startgo123

caloda · 16.09.2016, 18:16

Guten Abend!
Seit nun gut 2 Wochen werde ich nach einem Download, den ich für unbedenklich gehalten hatte, von dieser Suchmaschine startgo123.com belästigt, zu allem Überfluss wird mir natürlich auch massenweise Werbung angezeigt, mal ganz zu schweigen von unzähligen Pop-ups, die Internetverbindung selbst ist auch am Lahmen...
Ich als völlig Ahnungslose in diesem Bereich möchte dieses Geschwür einfach nur loswerden, habe aber keinen Schimmer, wo ich beginnen soll - schon klar, dass ich es ganz stümperhaft über die Systemsteuerung mit "Programme deinstallieren" versucht habe, aber ebenso klar, dass es damit nicht getan ist.
Vielleicht kann sich jemand meines Problems annehmen, vielen Dank im Voraus!

M-K-D-B · 16.09.2016, 21:12

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

caloda · 16.09.2016, 21:32

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2016
durchgeführt von HP (Administrator) auf HP-HP (16-09-2016 22:27:24)
Gestartet von C:\Users\HP\Downloads
Geladene Profile: HP & UpdatusUser (Verfügbare Profile: HP & UpdatusUser)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\AdCleaner.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\AdxEngine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Akamai Technologies, Inc.) C:\Users\HP\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\HP\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\HP\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\HP\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\HP\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\HP\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\HP\AppData\Roaming\Spotify\Spotify.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Run: [Akamai NetSession Interface] => C:\Users\HP\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Run: [Spotify Web Helper] => C:\Users\HP\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-07] (Spotify Ltd)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Run: [Spotify] => C:\Users\HP\AppData\Roaming\Spotify\Spotify.exe [6810224 2016-09-07] (Spotify Ltd)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\MountPoints2: {47a0191f-03ec-11e6-bf03-c4e984de72eb} - "F:\SETUP.EXE" 
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\MountPoints2: {54070070-21d4-11e3-be6c-806e6f6e6963} - "F:\_AUTORUN\AUTORUN.EXE" 
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Run: [Akamai NetSession Interface] => C:\Users\HP\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Run: [Spotify Web Helper] => C:\Users\HP\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-07] (Spotify Ltd)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Run: [Spotify] => C:\Users\HP\AppData\Roaming\Spotify\Spotify.exe [6810224 2016-09-07] (Spotify Ltd)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\MountPoints2: {54070070-21d4-11e3-be6c-806e6f6e6963} - "F:\_AUTORUN\AUTORUN.EXE" 
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:14211;https=127.0.0.1:14211
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{4AFCAB27-7A13-443C-8C69-7BF2A32C56D7}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B4A4A94D-A997-4FEA-A47D-7711FD344146}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464257586&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
SearchScopes: HKLM -> {BE46FA0C-8976-4C23-92BB-89F9976D0672} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
SearchScopes: HKU\S-1-5-21-3930845653-3837040866-4171826123-1004 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Toolbar: HKLM-x32 - Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-11-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-11-25] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin HKU\S-1-5-21-3930845653-3837040866-4171826123-1001: @mail.ru/GameCenter -> C:\Users\HP\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll [Keine Datei]
FF Extension: (Kein Name) - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha38\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta351\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha256\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2543\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4549\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8521\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff [nicht gefunden]

Chrome: 
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (PDFaVVIewEr) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfffefolbmpgkockocobjbahingomjhg [2015-01-07]
CHR Extension: (hxxps://www.facebook.com/NickLaBAM1?ref=tn_tn) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfnclbhgnbhieeiclhkfpoficinhbfed [2015-04-28]
CHR Extension: (Google Wallet) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-22] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ACHTUNG
CHR HKLM-x32\...\Chrome\Extension: [ankpeclkcofemgafekjomgjalchcocld] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2543\ch\MediaViewV1alpha2543.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [dhmnidfaajaemdfjlianginhmbpjhkjg] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta351\ch\VideoPlayerV3beta351.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [emfolggdkcnkdofpidcpcoalmfklpfam] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4549\ch\MediaViewV1alpha4549.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [ffffoobpkbfcfibdgopmebhlghaiiamk] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha38\ch\WebexpEnhancedV1alpha38.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [heioloeclpfojipdaefblkbooddbkgfb] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8521\ch\MediaWatchV1home8521.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [kiogckdobifgeafbieadaeodfnpajiao] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha6803\ch\TrustMediaViewerV1alpha6803.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-15] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [355808 2016-09-05] (DotC United Inc) <==== ACHTUNG
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [Datei ist nicht signiert]
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [161744 2015-03-11] (RaMMicHaeL) [Datei ist nicht signiert]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
S3 EraserUtilDrv11311; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11311.sys [140376 2013-09-26] (Symantec Corporation)
S3 EraserUtilDrv11312; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys [137648 2013-11-21] (Symantec Corporation) [Datei ist nicht signiert]
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SPL_CRIMSON_MIDI; C:\Windows\system32\drivers\spl_crimson_m.sys [41592 2016-02-19] (Ploytec GmbH)
R3 SPL_CRIMSON_USB; C:\Windows\System32\Drivers\spl_crimson_u.sys [555128 2016-02-19] (Ploytec GmbH)
R3 SPL_CRIMSON_WDM; C:\Windows\system32\drivers\spl_crimson_a.sys [62584 2016-02-19] (Ploytec GmbH)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S1 MPCKpt; system32\DRIVERS\MPCKpt.sys [X] <==== ACHTUNG
S1 NetUtils2016; \??\C:\WINDOWS\system32\drivers\NetUtils2016.sys [X] <==== ACHTUNG

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-16 22:27 - 2016-09-16 22:27 - 00018548 _____ C:\Users\HP\Downloads\FRST.txt
2016-09-16 22:27 - 2016-09-16 22:27 - 00000000 ____D C:\FRST
2016-09-16 22:26 - 2016-09-16 22:26 - 02399232 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2016-09-16 22:25 - 2016-09-16 22:25 - 01749504 _____ (Farbar) C:\Users\HP\Downloads\FRST.exe
2016-09-16 22:25 - 2016-09-16 22:25 - 01749504 _____ (Farbar) C:\Users\HP\Downloads\FRST (1).exe
2016-09-16 18:54 - 2016-09-16 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-09-16 10:41 - 2016-09-16 18:55 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-09-16 10:40 - 2016-09-16 18:48 - 00000000 ____D C:\Users\HP\Desktop\mbar
2016-09-16 10:39 - 2016-09-16 10:39 - 16563352 _____ (Malwarebytes Corp.) C:\Users\HP\Downloads\mbar-1.09.3.1001.exe
2016-09-16 10:14 - 2016-09-16 10:14 - 00023837 _____ C:\Users\HP\Downloads\returnLabel-4340515.pdf
2016-09-13 23:36 - 2016-08-21 01:45 - 07076864 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-09-13 23:36 - 2016-08-21 01:27 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-13 23:36 - 2016-08-21 01:22 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-13 23:36 - 2016-08-21 01:05 - 05273600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-09-13 23:36 - 2016-08-21 00:50 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-13 23:36 - 2016-08-21 00:42 - 07795712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-13 23:36 - 2016-08-21 00:27 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-13 23:36 - 2016-08-10 00:47 - 00803176 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-13 23:36 - 2016-08-10 00:47 - 00611576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-13 23:36 - 2016-08-04 16:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-13 23:36 - 2016-08-03 20:06 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-13 23:36 - 2016-08-03 20:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-13 23:35 - 2016-09-08 23:51 - 00443224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-13 23:35 - 2016-09-08 23:51 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-13 23:35 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-13 23:35 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-13 23:35 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-09-13 23:35 - 2016-09-01 03:39 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-09-13 23:35 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-13 23:35 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-13 23:35 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-13 23:35 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-13 23:35 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-13 23:35 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-13 23:35 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-13 23:35 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-13 23:35 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-09-13 23:35 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-13 23:35 - 2016-09-01 01:38 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-09-13 23:35 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-13 23:35 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-13 23:35 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-13 23:35 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-13 23:35 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-13 23:35 - 2016-08-26 07:51 - 02894336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-13 23:35 - 2016-08-26 06:44 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-13 23:35 - 2016-08-26 06:41 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-09-13 23:35 - 2016-08-26 06:00 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-09-13 23:35 - 2016-08-22 18:06 - 00179248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-13 23:35 - 2016-08-22 18:06 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-13 23:35 - 2016-08-21 03:03 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-13 23:35 - 2016-08-21 03:01 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-13 23:35 - 2016-08-21 03:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-13 23:35 - 2016-08-21 02:17 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-09-13 23:35 - 2016-08-21 01:26 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-09-13 23:35 - 2016-08-21 00:55 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-13 23:35 - 2016-08-14 21:34 - 01541248 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-13 23:35 - 2016-08-14 20:25 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-13 23:35 - 2016-08-14 18:14 - 01376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-13 23:35 - 2016-08-13 09:41 - 07445848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-13 23:35 - 2016-08-13 09:40 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-13 23:35 - 2016-08-13 09:40 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-13 23:35 - 2016-08-13 09:40 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-13 23:35 - 2016-08-13 09:40 - 01490120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-13 23:35 - 2016-08-13 09:40 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-13 23:35 - 2016-08-13 02:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-13 23:35 - 2016-08-11 18:26 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-13 23:35 - 2016-08-11 18:17 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-13 23:35 - 2016-08-11 18:16 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-13 23:35 - 2016-07-09 18:10 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-09-13 23:35 - 2016-07-09 00:35 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2016-09-13 23:35 - 2016-07-08 16:17 - 00377344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-13 23:35 - 2016-07-08 16:17 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-13 23:35 - 2016-07-08 00:32 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2016-09-13 23:35 - 2016-07-08 00:18 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2016-09-13 23:35 - 2016-07-08 00:10 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-13 23:35 - 2016-07-08 00:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2016-09-13 23:35 - 2016-07-07 23:04 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2016-09-13 23:35 - 2016-07-07 22:59 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-09-13 23:35 - 2016-07-07 22:44 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-09-13 23:35 - 2016-07-07 22:41 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-09-13 23:35 - 2016-07-07 22:34 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-09-13 23:35 - 2016-07-07 22:29 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-13 23:35 - 2016-07-07 22:29 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-09-13 23:35 - 2016-07-07 22:23 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2016-09-13 23:35 - 2016-07-07 22:18 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-13 23:35 - 2016-07-07 22:11 - 01661064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-13 23:35 - 2016-07-07 22:11 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-13 23:35 - 2016-07-07 22:11 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2016-09-13 23:35 - 2016-07-07 21:35 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2016-09-13 23:35 - 2016-07-07 21:14 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-09-13 23:35 - 2016-07-04 07:09 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-13 23:35 - 2016-07-04 05:45 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2016-09-13 23:35 - 2016-07-04 05:37 - 02897920 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-09-13 23:35 - 2016-07-04 05:33 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-09-13 23:35 - 2016-07-04 05:04 - 02539008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-09-13 23:35 - 2016-07-04 05:02 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-09-13 23:35 - 2016-07-04 04:19 - 03547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-13 23:35 - 2016-07-01 22:39 - 00197352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssenh.dll
2016-09-13 23:35 - 2016-07-01 22:39 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dssenh.dll
2016-09-13 23:35 - 2016-01-10 19:08 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-09-13 11:05 - 2016-09-13 11:05 - 00222838 _____ C:\Users\HP\Desktop\FLIX-Ticket-8024808223.pdf
2016-09-08 00:51 - 2016-09-08 00:51 - 01328304 _____ C:\Users\HP\Downloads\video-1473288302.mp4
2016-09-08 00:24 - 2016-09-08 00:24 - 03079986 _____ C:\Users\HP\Downloads\video-1473282758.mp4
2016-09-06 18:28 - 2016-09-16 18:54 - 00001798 _____ C:\Users\Public\Desktop\MPC Desktop.lnk
2016-09-06 18:28 - 2016-09-16 18:54 - 00001791 _____ C:\Users\Public\Desktop\MPC AdCleaner.lnk
2016-09-06 18:28 - 2016-09-16 18:54 - 00001743 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-09-06 17:22 - 2016-09-06 17:22 - 00000000 ____D C:\ProgramData\Avira
2016-09-06 17:22 - 2016-09-06 17:22 - 00000000 ____D C:\ProgramData\Avg
2016-09-06 17:22 - 2016-09-06 17:22 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-06 17:20 - 2016-09-08 00:47 - 00000000 ____D C:\Users\HP\AppData\Local\Kabeghtjerpoing
2016-09-05 00:55 - 2016-09-05 00:55 - 00000000 ____D C:\Users\HP\AppData\Roaming\MCorp
2016-09-05 00:50 - 2016-09-05 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Desktop
2016-09-05 00:50 - 2016-09-05 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner
2016-09-05 00:47 - 2016-09-05 00:48 - 23461607 _____ C:\Users\HP\Downloads\SteinbergCubasev5.1.part25.rar.crdownload
2016-09-05 00:47 - 2016-09-05 00:47 - 02310048 _____ C:\Users\HP\Downloads\winrar-x64-540d (1).exe
2016-09-05 00:46 - 2016-09-15 10:50 - 00612848 _____ C:\WINDOWS\system32\NetUtils2016.dll
2016-09-05 00:46 - 2016-09-05 00:48 - 36749031 _____ C:\Users\HP\Downloads\SteinbergCubasev5.1.part26.rar.crdownload
2016-09-05 00:46 - 2016-09-05 00:48 - 30818023 _____ C:\Users\HP\Downloads\SteinbergCubasev5.1.part53.rar.crdownload
2016-09-05 00:46 - 2016-09-05 00:46 - 00000000 ____D C:\WINDOWS\system32\sstmp
2016-09-05 00:46 - 2016-09-05 00:46 - 00000000 ____D C:\Users\HP\AppData\Roaming\HDWallPaper
2016-09-05 00:45 - 2016-09-06 17:23 - 00000000 ____D C:\Program Files (x86)\PC Speed Up
2016-09-05 00:45 - 2016-09-05 00:45 - 00001167 _____ C:\Users\HP\Desktop\Die Installation von keygen - Free Download fortsetzen.lnk
2016-09-05 00:43 - 2016-09-16 18:54 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-09-05 00:40 - 2016-09-08 01:01 - 00000000 ____D C:\Program Files (x86)\Qotachcoerduk
2016-09-05 00:40 - 2016-09-05 00:42 - 00000000 ____D C:\Users\HP\AppData\Local\clucadomqenayfehuent
2016-09-05 00:40 - 2016-09-05 00:40 - 00000000 ____D C:\extensions
2016-09-05 00:39 - 2016-09-05 00:50 - 00000000 ____D C:\Users\HP\AppData\Roaming\Corner Sunshine
2016-09-05 00:39 - 2016-09-05 00:39 - 00000000 ____D C:\ProgramData\sozy
2016-09-05 00:39 - 2016-09-05 00:38 - 01611944 _____ (Secure Download Ltd. ) C:\Users\HP\Downloads\keygen
2016-09-05 00:37 - 2016-09-05 00:37 - 00000000 ____D C:\Users\HP\Downloads\Cubase.5.0.keygen.by.cat (1)
2016-09-05 00:36 - 2016-09-05 00:36 - 00370166 _____ C:\Users\HP\Downloads\Cubase.5.0.keygen.by.cat (1).zip
2016-09-05 00:34 - 2016-09-05 00:34 - 00000000 ____D C:\Users\HP\Downloads\Cubase.5.0.keygen.by.cat
2016-09-05 00:33 - 2016-09-05 00:33 - 05172648 _____ C:\Users\HP\Downloads\Cubase.5.0.keygen.by.cat.zip
2016-09-05 00:30 - 2016-09-05 00:30 - 00002070 _____ C:\Users\HP\Desktop\Cubase 5.lnk
2016-09-05 00:29 - 2016-09-05 00:48 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 5
2016-09-04 23:54 - 2016-09-04 23:54 - 00000000 ____D C:\Users\HP\AppData\Roaming\WinRAR
2016-09-04 23:54 - 2016-09-04 23:54 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-04 23:54 - 2016-09-04 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-04 23:54 - 2016-09-04 23:54 - 00000000 ____D C:\Program Files\WinRAR
2016-09-04 23:53 - 2016-09-04 23:53 - 02310048 _____ C:\Users\HP\Downloads\winrar-x64-540d.exe
2016-09-04 22:24 - 2016-09-04 23:20 - 3690898231 _____ C:\Users\HP\Desktop\cubase.zip
2016-09-04 21:56 - 2016-09-04 22:08 - 2661829209 _____ C:\Users\HP\Desktop\cubase.7z
2016-09-04 21:52 - 2016-09-04 21:52 - 00000000 ____D C:\Users\HP\Downloads\cubase 5
2016-09-04 18:59 - 2016-09-04 20:23 - 00000000 ____D C:\Users\HP\Downloads\SteinbergCubasev5
2016-09-04 18:44 - 2016-09-04 18:44 - 00001652 _____ C:\Users\HP\Desktop\JDownloader 2.lnk
2016-09-04 18:44 - 2016-09-04 18:44 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2016-09-04 18:42 - 2016-09-04 20:23 - 00000000 ____D C:\Users\HP\Desktop\JDownloader
2016-09-04 18:39 - 2016-09-04 18:39 - 00076504 _____ (AppWork GmbH) C:\Users\HP\Downloads\WebInstaller_adfree_2016_1.exe
2016-09-04 18:39 - 2016-09-04 18:39 - 00076504 _____ (AppWork GmbH) C:\Users\HP\Downloads\WebInstaller_adfree_2016_1 (1).exe
2016-09-04 18:07 - 2016-09-05 00:08 - 00000000 ____D C:\Users\HP\Desktop\cubase
2016-09-04 16:48 - 2016-09-04 16:48 - 00609217 ____T C:\Users\HP\Downloads\Don&#039;t Leave - Free Boom Bap Hip Hop Instrumental Beat (Prod By Outspoken &amp; Yung Castello) (320  kbps).mp3.asd
2016-09-04 08:48 - 2016-09-04 08:48 - 00127537 _____ C:\Users\HP\Downloads\uebersicht-vorkurs-2014-100.pdf
2016-09-04 00:07 - 2016-09-04 00:07 - 00782252 ____T C:\Users\HP\Downloads\Afro_cuban_jazz_suite_for_ellington_[mp3take].mp3.asd
2016-09-03 23:30 - 2016-09-08 00:14 - 00000000 ___RD C:\Users\HP\Desktop\first drumpack Project
2016-09-03 17:06 - 2016-09-03 17:06 - 00000000 ____D C:\Users\HP\Downloads\Elements-Of-UK-Dance
2016-09-03 16:48 - 2016-09-07 19:46 - 00000000 ____D C:\Users\HP\AppData\Roaming\MPC
2016-09-03 16:48 - 2016-09-03 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Akai
2016-09-03 16:48 - 2016-09-03 16:48 - 00001045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Essentials.lnk
2016-09-03 16:48 - 2016-09-03 16:48 - 00000000 ____D C:\Users\HP\Documents\MPC
2016-09-03 16:48 - 2016-09-03 16:48 - 00000000 ____D C:\ProgramData\Akai
2016-09-03 16:48 - 2016-09-03 16:48 - 00000000 ____D C:\Program Files\Common Files\Avid
2016-09-03 16:47 - 2016-09-03 16:47 - 00000000 ____D C:\Program Files\Akai Pro
2016-09-03 16:47 - 2016-09-03 16:47 - 00000000 ____D C:\Program Files (x86)\Akai Pro
2016-09-03 16:45 - 2016-09-03 16:45 - 00000000 ____D C:\Users\HP\Downloads\Update-MPC-Essentials-1.8.2-WIN
2016-09-03 16:38 - 2016-09-03 17:00 - 443053927 _____ C:\Users\HP\Downloads\Elements-Of-UK-Dance.zip
2016-09-03 16:37 - 2016-09-03 19:40 - 2919535507 _____ C:\Users\HP\Downloads\BigBangDrums2.zip
2016-09-03 16:37 - 2016-09-03 19:23 - 1490752945 _____ C:\Users\HP\Downloads\BigBang2.5.zip
2016-09-03 16:37 - 2016-09-03 16:45 - 136513144 _____ C:\Users\HP\Downloads\Update-MPC-Essentials-1.8.2-WIN.zip
2016-09-03 16:30 - 2016-09-03 17:07 - 975151220 _____ C:\Users\HP\Downloads\ableton_live_lite_9.6.2_64 (1).zip
2016-09-03 16:25 - 2016-09-03 17:00 - 00000000 ____D C:\Users\HP\Documents\Ableton
2016-09-03 16:22 - 2016-09-03 16:48 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-03 16:21 - 2016-09-03 16:30 - 00000000 ____D C:\Users\HP\AppData\Roaming\Ableton
2016-09-03 16:16 - 2016-09-03 16:16 - 00000887 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Lite.lnk
2016-09-03 16:16 - 2016-09-03 16:16 - 00000000 ____D C:\ProgramData\Ableton
2016-09-03 16:13 - 2016-09-03 16:13 - 00000000 ____D C:\Users\HP\Downloads\ableton_live_lite_9.6.2_64
2016-09-03 16:01 - 2016-09-03 16:13 - 975151220 _____ C:\Users\HP\Downloads\ableton_live_lite_9.6.2_64.zip
2016-09-03 13:44 - 2016-09-03 13:44 - 00274725 _____ C:\Users\HP\Desktop\Ying And Yang by P_Beats.htm
2016-09-03 13:44 - 2016-09-03 13:44 - 00000000 ____D C:\Users\HP\Desktop\Ying And Yang by P_Beats_files
2016-08-30 23:51 - 2016-09-03 15:42 - 00000000 ____D C:\Users\HP\Documents\Cubase LE AI Elements Projects
2016-08-30 23:50 - 2016-08-30 23:50 - 00000000 ____D C:\Users\HP\Documents\VST3 Presets
2016-08-30 23:50 - 2016-08-30 23:50 - 00000000 ____D C:\Users\HP\Documents\Steinberg
2016-08-30 23:45 - 2016-09-05 00:29 - 00000000 ____D C:\Program Files (x86)\Steinberg
2016-08-30 23:45 - 2016-08-30 23:45 - 00002892 _____ () C:\WINDOWS\SysWOW64\audcon.sys
2016-08-30 23:45 - 2016-08-30 23:45 - 00002333 _____ C:\Users\HP\Desktop\Cubase LE AI Elements 8.lnk
2016-08-30 23:45 - 2016-08-30 23:45 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 8 32bit
2016-08-30 23:45 - 2016-08-30 23:45 - 00000000 ____D C:\ProgramData\Syncrosoft
2016-08-30 23:44 - 2016-08-30 23:44 - 00000049 _____ C:\WINDOWS\SysWOW64\SYNSOPOS.exe.cfg
2016-08-30 23:44 - 2016-08-30 23:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2016-08-30 23:44 - 2016-08-30 23:44 - 00000000 ____D C:\Program Files (x86)\Syncrosoft
2016-08-30 23:44 - 2011-12-14 21:21 - 00086016 _____ C:\WINDOWS\SysWOW64\SYNSOPOS.exe
2016-08-30 23:43 - 2016-08-30 23:45 - 00000000 ____D C:\ProgramData\eLicenser
2016-08-30 23:43 - 2016-08-30 23:44 - 00000000 ____D C:\Program Files (x86)\eLicenser
2016-08-30 23:43 - 2016-08-30 23:43 - 00000000 ____D C:\Program Files\eLicenser
2016-08-30 23:43 - 2012-12-07 17:48 - 01714176 _____ (Steinberg Media Technologies GmbH) C:\WINDOWS\system32\SYNSOACC.dll
2016-08-30 23:43 - 2012-12-07 17:48 - 01277952 _____ (Steinberg Media Technologies GmbH) C:\WINDOWS\SysWOW64\SYNSOACC.dll
2016-08-30 23:23 - 2016-08-30 23:23 - 00000000 ____D C:\ProgramData\Steinberg
2016-08-30 23:23 - 2016-08-30 23:23 - 00000000 ____D C:\Program Files\Common Files\Steinberg
2016-08-30 23:21 - 2016-08-30 23:41 - 00000000 ____D C:\Users\HP\AppData\Local\Steinberg Installation Updater
2016-08-30 23:21 - 2016-08-30 23:21 - 00000000 ____D C:\Users\HP\AppData\Roaming\Steinberg Installation Updater
2016-08-30 23:11 - 2016-08-30 23:11 - 00000000 ____D C:\Users\HP\Downloads\Cubase_Elements_8_Trial_Installer_windows
2016-08-30 23:07 - 2016-09-05 00:29 - 00000000 ____D C:\Users\HP\AppData\Roaming\Steinberg
2016-08-30 23:07 - 2016-09-03 16:48 - 00000000 ____D C:\Program Files\Steinberg
2016-08-30 23:07 - 2016-09-03 16:21 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2016-08-30 23:07 - 2016-08-30 23:07 - 00002215 _____ C:\Users\HP\Desktop\Cubase LE AI Elements 8 64bit.lnk
2016-08-30 23:07 - 2016-08-30 23:07 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 8 64bit
2016-08-30 22:25 - 2016-08-30 23:05 - 2772390032 _____ C:\Users\HP\Downloads\Cubase_Elements_8_Trial_Installer_windows.zip
2016-08-30 20:39 - 2016-09-03 16:22 - 00000000 ____D C:\Users\HP\AppData\Roaming\Audacity
2016-08-30 20:39 - 2016-08-30 20:39 - 00000000 ____D C:\Users\HP\Downloads\audacity-win-2.1.2
2016-08-30 20:39 - 2016-08-30 20:39 - 00000000 ____D C:\Users\HP\AppData\Local\Audacity
2016-08-30 20:38 - 2016-08-30 20:38 - 10921409 _____ C:\Users\HP\Downloads\audacity-win-2.1.2.zip
2016-08-30 19:36 - 2016-08-30 20:03 - 00000000 ____D C:\WINDOWS\usb-audio.deSPLCrimson
2016-08-30 19:36 - 2016-02-19 20:56 - 00555128 _____ (Ploytec GmbH) C:\WINDOWS\system32\Drivers\spl_crimson_u.sys
2016-08-30 19:36 - 2016-02-19 20:56 - 00062584 _____ (Ploytec GmbH) C:\WINDOWS\system32\Drivers\spl_crimson_a.sys
2016-08-30 19:36 - 2016-02-19 20:56 - 00041592 _____ (Ploytec GmbH) C:\WINDOWS\system32\Drivers\spl_crimson_m.sys
2016-08-30 19:35 - 2016-02-23 10:52 - 02175274 _____ C:\Users\HP\Downloads\SPL_Crimson_2.9.86.25.zip
2016-08-30 19:32 - 2016-08-30 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-08-30 19:32 - 2016-08-30 19:32 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-08-30 19:31 - 2016-08-30 19:31 - 01474568 _____ C:\Users\HP\Downloads\7 Zip 32 Bit - CHIP-Installer.exe
2016-08-30 19:25 - 2016-08-30 19:25 - 02220493 _____ C:\Users\HP\Downloads\SPL_Crimson2.9.86.25_web.zip
2016-08-30 18:59 - 2016-08-30 19:00 - 00000000 ____D C:\Users\HP\Desktop\games
2016-08-30 18:56 - 2016-09-03 14:32 - 00000000 ____D C:\Users\HP\Desktop\bilder
2016-08-25 13:50 - 2016-08-25 13:50 - 00000000 ____D C:\Users\HP\Documents\My Games
2016-08-25 13:50 - 2016-08-25 13:50 - 00000000 ____D C:\Users\HP\AppData\Local\FalloutNV
2016-08-20 04:34 - 2016-09-16 21:51 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-20 04:34 - 2016-09-14 10:13 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-08-20 04:34 - 2016-09-13 17:51 - 00003898 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-08-20 04:34 - 2016-09-13 17:51 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-08-20 04:34 - 2016-08-23 20:43 - 00000000 ____D C:\Users\HP\AppData\Local\Adobe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-16 22:15 - 2014-10-20 19:13 - 00000000 ____D C:\Users\HP\AppData\Roaming\Spotify
2016-09-16 19:00 - 2013-09-20 11:33 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3930845653-3837040866-4171826123-1001
2016-09-16 18:56 - 2014-10-20 19:15 - 00000000 ____D C:\Users\HP\AppData\Local\Spotify
2016-09-16 18:55 - 2015-04-17 22:33 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-16 18:55 - 2014-07-19 20:11 - 00000000 ___RD C:\Users\HP\OneDrive
2016-09-16 18:53 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-16 18:52 - 2012-10-05 22:13 - 00000000 ____D C:\WINDOWS\en
2016-09-16 18:52 - 2012-10-05 21:55 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-16 10:46 - 2014-01-31 21:20 - 00000000 ____D C:\ProgramData\dfffefolbmpgkockocobjbahingomjhg
2016-09-16 10:46 - 2014-01-05 19:38 - 00000000 ____D C:\ProgramData\gkcgpnoahhlagpbfhddbkieglahmlgnm
2016-09-16 10:41 - 2015-01-07 19:02 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-16 10:40 - 2015-01-07 19:01 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-14 10:38 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-09-14 10:24 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-14 10:24 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-14 10:18 - 2014-03-18 12:03 - 01980998 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-14 10:18 - 2014-03-18 11:25 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-14 10:18 - 2014-03-18 11:25 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-14 10:18 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-09-14 10:13 - 2013-08-22 16:44 - 00377408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-14 10:10 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-09-14 10:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-09-14 10:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-14 00:50 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-14 00:47 - 2013-09-27 16:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-14 00:37 - 2013-09-27 16:00 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-13 17:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-09-13 17:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-09-12 16:45 - 2014-07-14 15:04 - 00976384 ___SH C:\Users\HP\Desktop\Thumbs.db
2016-09-12 08:49 - 2014-07-11 16:17 - 00000000 ____D C:\Users\UpdatusUser
2016-09-12 08:47 - 2014-07-11 03:21 - 00000000 ____D C:\Users\HP
2016-09-10 09:16 - 2013-09-30 15:54 - 00000000 ____D C:\Users\HP\AppData\Roaming\vlc
2016-09-08 20:04 - 2014-07-14 18:15 - 11131904 ___SH C:\Users\HP\Downloads\Thumbs.db
2016-09-08 01:15 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-07 03:11 - 2016-07-27 11:13 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:11 - 2016-07-27 11:13 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-06 18:25 - 2013-09-27 19:50 - 00001332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-06 17:19 - 2015-01-07 21:54 - 00000000 ____D C:\ProgramData\Unchecky
2016-09-02 12:33 - 2016-04-01 12:31 - 00000000 ____D C:\Users\HP\Desktop\mzzk
2016-08-27 10:30 - 2013-10-06 14:56 - 00000000 ____D C:\Users\HP\AppData\Local\ElevatedDiagnostics
2016-08-25 13:21 - 2015-04-17 23:33 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-17 22:54 - 2016-08-10 20:19 - 00000000 ____D C:\Users\HP\AppData\Local\Anno Online

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-12-19 22:57 - 2014-03-28 09:18 - 0000157 _____ () C:\Users\HP\AppData\Roaming\WB.CFG
2013-09-20 11:20 - 2013-09-20 11:20 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Einige Dateien in TEMP:
====================
C:\Users\HP\AppData\Local\Temp\AnVir.exe
C:\Users\HP\AppData\Local\Temp\APNSetup.exe
C:\Users\HP\AppData\Local\Temp\bi_cleaner.exe
C:\Users\HP\AppData\Local\Temp\ICReinstall_keygen-step-2.exe
C:\Users\HP\AppData\Local\Temp\InstallManager_GEN_GEN.exe
C:\Users\HP\AppData\Local\Temp\JDSetup131174807762048176.exe
C:\Users\HP\AppData\Local\Temp\MPCSetup_4.3.1.exe
C:\Users\HP\AppData\Local\Temp\proxy_vole3308267830375487799.dll
C:\Users\HP\AppData\Local\Temp\proxy_vole7886453566581831209.dll
C:\Users\HP\AppData\Local\Temp\rtinstaller.exe
C:\Users\HP\AppData\Local\Temp\rtXQ2WlUvQ.exe
C:\Users\HP\AppData\Local\Temp\SIntf16.dll
C:\Users\HP\AppData\Local\Temp\SIntf32.dll
C:\Users\HP\AppData\Local\Temp\SIntfNT.dll
C:\Users\HP\AppData\Local\Temp\srv15999.exe
C:\Users\HP\AppData\Local\Temp\srv42539.exe
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10283.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10355.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10607.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10652.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10804.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10940.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10966.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10990.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite11273.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12415.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12432.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12569.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12578.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12725.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12795.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12806.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12837.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12860.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite13009.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite13087.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite14221.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite14252.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite15046.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite15102.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite15276.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite15492.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite15503.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite16206.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite16819.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite16886.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite16938.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite16983.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite18193.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite18283.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite18560.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite18730.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite18897.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite19213.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite19260.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite19517.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite19553.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite19640.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20053.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20064.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20092.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20129.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20223.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20264.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20491.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20693.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite21130.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite21193.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite21589.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite21905.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22023.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22057.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22142.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22260.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22341.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22412.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22545.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22841.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22939.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite23127.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite23306.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite23450.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite23570.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite23660.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite23725.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite23736.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite24041.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite24523.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite24564.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite24669.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite24681.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite24906.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite24919.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite25182.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite25261.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite25546.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite25947.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite26012.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite26201.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite26209.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite26236.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite26305.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite26637.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite27196.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite27197.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite27365.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite27426.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite27692.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite27890.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite28847.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite28887.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite29044.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite29159.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite29363.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite29573.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite29624.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite30136.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite30405.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite30685.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite31037.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite31087.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite31329.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite31334.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite31533.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite31883.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite32051.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite32705.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite32834.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite32836.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite32901.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite32990.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite33138.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite33366.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite34285.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite34766.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite35322.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite35595.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite35670.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite36024.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite36042.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite36137.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite36393.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite36652.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite36701.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite36951.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite37599.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite37939.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite38366.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite38912.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39096.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39333.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39412.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39481.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39522.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39577.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39600.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39607.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39739.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite40291.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite40328.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite40383.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite40650.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite40735.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite41249.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite41880.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite41980.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite42100.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite42102.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite42324.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite42708.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite42864.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite43207.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite43295.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite43512.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite43542.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite43552.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44007.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44127.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44164.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44507.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44696.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44785.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44805.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44932.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite45295.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite45891.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite45998.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite46261.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite46271.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite46449.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite46467.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite46691.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite46757.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite46869.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite47124.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite47145.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite47345.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite47365.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite47911.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite47915.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite47990.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite48505.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite48840.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite49009.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite49455.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite49608.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite49627.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite49639.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite50217.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite50346.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite50837.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite51032.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite51439.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite51523.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite51595.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite51782.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite52037.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite52255.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite52406.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite52467.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite52605.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite52782.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite52829.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite53152.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite53171.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite53311.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite53949.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite53966.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite54073.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite54418.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite54838.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite55292.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite55705.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite55835.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite56463.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite56735.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite56779.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite56797.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite56935.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite57890.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite58107.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite58111.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite58135.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite58481.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite59506.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite59568.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite59968.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite60480.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite60582.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite61165.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite61185.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite61294.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite61310.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite61924.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite61993.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite62099.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite62250.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite62400.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite62527.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite62976.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63115.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63156.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63161.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63384.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63385.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63630.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63913.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63945.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63960.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite64057.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite64329.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite64454.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite64816.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite64832.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite64997.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite65055.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite65374.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite65765.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite65858.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite65907.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite66017.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite66042.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite66197.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite66366.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite66471.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite66719.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite66846.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite67244.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite67949.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite67984.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite68065.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite68266.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite68792.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite71224.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite71519.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite71621.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite72006.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite72171.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite72182.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite72357.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite72384.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite72673.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite72792.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite73165.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite73373.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite73697.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite73720.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite73795.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite73807.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite74418.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite74540.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite74661.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite74767.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite74956.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite75188.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite75846.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite75944.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite76113.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite76742.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite76880.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite76917.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite76970.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite76974.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite77004.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite77153.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite77269.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite77513.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite77601.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78136.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78205.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78372.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78412.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78664.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78830.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78923.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78931.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79005.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79475.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79527.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79621.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79629.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79706.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79776.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79884.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79899.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite80537.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite80558.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite80756.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite80949.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite81378.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite81968.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite82454.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite82709.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite82743.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite82929.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite82942.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite83270.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite83450.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite84085.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite84258.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite84330.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite84611.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite85000.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite85235.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite85792.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite85964.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite86338.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite86606.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite86970.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite87055.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite87670.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite87727.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite87772.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite88040.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite88059.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite88700.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite88749.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite88896.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite89470.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite89743.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite89874.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90001.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90438.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90474.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90521.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90566.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90636.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90748.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90749.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90789.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite91065.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite91142.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite91203.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite91906.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite92114.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite92433.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite92721.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite92796.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite92899.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite93374.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite93379.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite93523.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite93528.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite93659.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite93952.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite94396.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite94795.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite94870.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite95223.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite95672.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite96263.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite96275.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite96440.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite96483.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite96805.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite97007.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite97135.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite97310.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite97642.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite97780.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite97941.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite97985.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite98132.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite98311.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite98340.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite98456.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite98530.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite98861.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite99012.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite99249.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite99739.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite99795.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite99937.dll
C:\Users\HP\AppData\Local\Temp\tbuF4D.exe
C:\Users\HP\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-14 10:24

==================== Ende von FRST.txt ============================

caloda · 16.09.2016, 22:11

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-09-2016
durchgeführt von HP (16-09-2016 22:28:23)
Gestartet von C:\Users\HP\Downloads
Windows 8.1 (Update) (X64) (2014-07-11 14:02:56)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3930845653-3837040866-4171826123-500 - Administrator - Disabled)
Gast (S-1-5-21-3930845653-3837040866-4171826123-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3930845653-3837040866-4171826123-1003 - Limited - Enabled)
HP (S-1-5-21-3930845653-3837040866-4171826123-1001 - Administrator - Enabled) => C:\Users\HP
UpdatusUser (S-1-5-21-3930845653-3837040866-4171826123-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

«Âîéíà è Ìèð» (HKLM-x32\...\«Âîéíà è Ìèð») (Version:  - )
7-Zip 16.02 (HKLM-x32\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Ãåðîè Ìå÷à è Ìàãèè® III (HKLM-x32\...\Heroes of Might and Magic® III) (Version:  - )
Ableton Live 9 Lite (HKLM\...\{E807D51A-ED71-4353-AD60-4E9625BE7531}) (Version: 9.0.0.0 - Ableton)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Akai Elements of UK Dance (HKLM-x32\...\Akai UK Dance_is1) (Version:  - )
Akamai NetSession Interface (HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Akamai) (Version:  - Akamai Technologies, Inc)
Anno Online (HKLM\...\Steam App 336510) (Version:  - Blue Byte)
AnVir Task Manager Free (HKLM-x32\...\AnVir Task Manager Free) (Version:  - AnVir Software)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArmA Demo Uninstall (HKLM-x32\...\ArmA Demo) (Version:  - )
Blitzkrieg (HKLM-x32\...\Blitzkrieg) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrainBread 2 (HKLM\...\Steam App 346330) (Version:  - Reperio Studios)
Chicago 1930 (HKLM-x32\...\Chicago 1930) (Version:  - )
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version:  - Team Psykskallar)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ElectroLyrics-1 (HKLM-x32\...\ElectroLyrics-1) (Version: 1.28.153.3 - Lyrics) <==== ACHTUNG
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.8.5.1160 - Steinberg Media Technologies GmbH)
Fallout: New Vegas (HKLM\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Grand Theft Auto Vice City (HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
Grand Theft Auto Vice City (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
GTA2 (HKLM-x32\...\GTA2) (Version:  - )
GTAIII (HKLM-x32\...\{92B94569-6683-4617-8C54-EB27A1B51B30}) (Version:  - )
Hammer & Sickle (HKLM-x32\...\Hammer & Sickle) (Version:  - )
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\HPConnectedMusic) (Version: 1.1 (build 96) hp - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\HPConnectedMusic) (Version: 1.1 (build 96) hp - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{FF27F674-821E-4BA2-985B-DDF539C2CD03}) (Version: 7.0.33.6 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
ISScript (x32 Version: 3.00.185 - InstallShield Software Corp.) Hidden
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LEGO Alpha Team (HKLM-x32\...\{C5C8DE40-1AB7-11D4-854E-00A0C99F6AF9}) (Version:  - )
Lollipop (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\lollipop_11221407) (Version:  - Lollipop Network, S.L.) <==== ACHTUNG
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MPC Essentials 1.8.2 (HKLM\...\com.akaipro.mpc.essentials_is1) (Version: 1.8.2 - Akai Professional)
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Pro Rally 2001 (HKLM-x32\...\Pro Rally 2001) (Version:  - )
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
SPL Crimson USB ASIO driver (HKLM\...\USB_AUDIO_DEusb-audio.deSPLCrimson) (Version:  - )
Spotify (HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Spotify) (Version: 1.0.37.150.gad02a02e - Spotify AB)
Spotify (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 8 (HKLM-x32\...\{C82690CF-7D52-4E6A-02BB-AB612D4D8D28}) (Version: 8.0.10 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 8 64bit (HKLM\...\{C801D1E6-30E3-46BE-368D-0106B42CCE17}) (Version: 8.0.10 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE (HKLM-x32\...\{A6790D47-D653-4B88-BED4-96878DBE5191}) (Version: 4.1.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.1.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.2.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE (HKLM-x32\...\{EF7800A8-575E-4776-95A5-A9D904A85D5F}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Tomb Raider III (HKLM-x32\...\Tomb Raider III) (Version:  - )
Unchecky v0.3.7 (HKLM-x32\...\Unchecky) (Version: 0.3.7 - RaMMicHaeL)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Warface (HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Warface) (Version: 1.87 - Mail.Ru)
Warface (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Warface) (Version: 1.87 - Mail.Ru)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
youndoo - Uninstall (HKLM-x32\...\{F0E89B99-DF95-406C-9B69-10924C7F47BD}) (Version:  - ) <==== ACHTUNG
Игровой центр (HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\GameCenterMailRu) (Version: 2.402 - ООО "Мэйл.Ру Геймз")

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2C56CCE9-6B4E-426A-9439-6EF1FDBA3C65} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {2F9BCB64-B414-4FF9-AAA5-14C240293051} - \Tozatplermusy Configuration -> Keine Datei <==== ACHTUNG
Task: {48BF7FE4-16B3-42BB-A43F-95350E7131D5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {52B160ED-B394-4462-8927-43C6ACC8306C} - System32\Tasks\{AF089043-D6AA-41B7-A239-8F8B8E8FAA06} => pcalua.exe -a F:\autorun.exe -d F:\
Task: {6E87A472-CB8B-4D44-9413-166AB458F2D5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {710F6622-7749-4122-80E5-BC696171976F} - System32\Tasks\ExtFixer13197 => C:\windows\TEMP\41844_updater.exe <==== ACHTUNG
Task: {8507F8F4-7E2F-4651-9936-8905E375F9FF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {850AC5A8-2E1C-42C3-9965-931751078C0E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_backup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2012-07-13] (Hewlett-Packard)
Task: {8C600834-BD7F-48DE-9DF1-DC80FEEB40F9} - System32\Tasks\{820D1004-08F0-4C3F-8553-9B88F08D781B} => pcalua.exe -a F:\ProRally.exe -d F:\
Task: {9ABBC3D1-DB15-4BAB-9397-BAE1EE87DAF1} - System32\Tasks\ExtFixer2078 => C:\windows\TEMP\41844_updater.exe <==== ACHTUNG
Task: {B2530D95-ACF4-4DC4-82E8-9B2FD6594D84} - System32\Tasks\{42A7BE18-F334-47DC-892B-2C562E256871} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {C463C7B7-3AAB-4778-8630-C3D74C672124} - System32\Tasks\{731C0D96-12CF-47EF-B0BF-E54A152EB958} => pcalua.exe -a "C:\Program Files (x86)\Cinema-Plus-1.2\Uninstall.exe" -c /fcp=1
Task: {D0612721-6B70-4089-9E5E-936897C56ADF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {DE278E01-1E60-465E-A5CB-E857CDF8F5D2} - \Perotainghernerry System -> Keine Datei <==== ACHTUNG
Task: {E09F5153-E919-4910-B801-F1A052F640D8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ExtFixer13197.job => C:\windows\TEMP\41844_updater.exeq/url='hxxp:/xml.localxpath.net/apps/cr/1060-4030_ElectroLyrics.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\ExtFixer2078.job => C:\windows\TEMP\41844_updater.exep/url='hxxp:/xml.localxpath.net/apps/cr/1060-4030_ElectroLyrics.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> search.mpc.am
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> search.mpc.am

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-05 00:43 - 2016-09-05 00:43 - 00115168 _____ () C:\Program Files (x86)\MPC Cleaner\zlib1.dll
2015-04-17 23:28 - 2016-08-09 01:27 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-04-17 23:28 - 2015-07-02 00:06 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-04-17 23:28 - 2016-08-23 21:33 - 02321184 _____ () C:\Program Files (x86)\Steam\video.dll
2015-04-17 23:28 - 2015-07-02 00:06 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-04-17 23:28 - 2015-07-02 00:06 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-04-17 23:28 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-04-17 23:28 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-04-17 23:28 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-04-17 23:28 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-04-17 23:28 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-04-17 23:28 - 2016-08-23 21:33 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-07-27 17:55 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-03-11 20:05 - 2016-09-07 17:10 - 51272304 _____ () C:\Users\HP\AppData\Roaming\Spotify\libcef.dll
2015-03-11 20:05 - 2016-09-07 17:10 - 01765488 _____ () C:\Users\HP\AppData\Roaming\Spotify\libglesv2.dll
2015-03-11 20:05 - 2016-09-07 17:10 - 00088176 _____ () C:\Users\HP\AppData\Roaming\Spotify\libegl.dll
2015-04-17 23:28 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-10-05 21:59 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-06 14:06 - 2013-12-04 04:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-06 14:06 - 2013-12-04 04:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-06 14:06 - 2013-12-04 04:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-06 14:06 - 2013-12-04 04:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-06 14:06 - 2013-12-04 04:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\HP:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [120]
AlternateDataStreams: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Mail.Ru.website:TASKICON_0refresh-2076883145 [2686]
AlternateDataStreams: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Mail.Ru.website:TASKICON_1write-1878237577 [2686]
AlternateDataStreams: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Mail.Ru.website:TASKICON_2adress_book2-609010338 [2686]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-09-16 18:53 - 00001993 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
0.0.0.0 cdn.bisrv.com

Da befinden sich 3 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Theme2\img10.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "fst_de_19"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1831D832-0085-412F-AD86-5D5B89F42A77}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FE33F88C-E0F4-4BB1-9C7D-10CF276F3BED}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{576CD0BF-2CA2-47A3-B325-6353000EF03E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DFB4C9B7-8D33-4392-9006-A5AE1CF3BCCC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DEF483F9-E3F4-4D8D-9413-56D219FD4E84}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E372ABB6-ECB4-4096-A3AB-FCE65CA87A5D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3DF00AA1-75E1-4EE9-AD6E-B9057966895D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D452AC97-DBF6-4D48-A3F7-6A8F658A7F74}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{005D2F35-F842-47AB-AFDF-CB2B1F93F775}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2E529D38-E74E-43EE-86F9-0EB0F270B4BA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9435A3F0-0CA3-48F8-8659-DD5FE2C06D01}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2D0B747F-E4DD-4AD7-8843-8EC2BA447690}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DC75E642-E39C-4D17-997A-730CEC93BC47}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{27E3496D-0218-45A8-AE3E-4740FD3CD194}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F2CAA585-C5C7-486D-9C44-D863BAAAD505}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4DB0F702-F2C9-4DBE-BE25-0380369C7F88}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{191DDC5E-F3B1-467E-87B7-1DB5DA27C139}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3210EF94-760C-491A-925D-5F2ECB3E1FFD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0F53E743-082B-4C03-AB49-257ACB1A6F0D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40FB1C47-6484-4FC6-8AE6-64EB79E678F1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{29738446-D9BE-497F-91AB-E3AA893440FD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A66597FB-0C5E-4FAB-B8CB-C6D5032C5BD3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C222B0E6-B5D6-4593-B563-9A584F8B0C16}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6EB0B2FE-F281-4DA6-AFA4-96B3F5A4495D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9CBF9631-4859-4E78-80ED-82367B79F805}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1A1B324F-9A5A-4564-9E30-5F5411A7FB78}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A580BFA5-C63A-4613-9E53-0CEE605CD7AC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8B7583EB-DCC3-48FF-9B3F-AA47A8130C5B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0DA647E8-BEC0-43CC-A928-9C7E670F57B0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F36970C1-D3CC-486A-9BA8-105533EC62E9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E8FFF43F-96FA-4970-9AD5-1568C6E94F5F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9BC6FD9D-2547-484D-82C5-74C002248D19}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FFDBD881-F24A-4FAA-9A0B-2B3D69281BFF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{486C20E5-4BEC-4672-90EB-7AD38E3EFD0B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4B1E150D-DD19-42B1-A0AF-1DA2B59EA750}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{56A5FCC7-361D-445C-A203-DFBE4D2E23F3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E938228E-C3C8-47F0-A642-8AB23B685C9E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DC307FCF-A262-45B8-835E-F322CCA2C7B0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D35373C-2C88-4E7A-A736-BB61396CEF34}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DACDD348-3151-4FBD-871F-4240A5C6313A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4F972021-55F4-4A55-A127-82E51B4DBF26}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0590F1B7-E677-4009-9CD5-CB2CECFCA95C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8DB2BE7B-DD81-4729-866E-5FF3670E4E8F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AB269C0B-3E60-493B-BE9E-98D086323E70}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{240D29B0-90EE-40A2-AD89-774A853E5340}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C3CCAF6F-28EB-467A-97D5-FE03818A57A7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D2A553F1-7611-4A7F-A159-1BC2A2FF9CE4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F9B766F0-9B03-46DB-A606-88A8E911FAA8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6B97FFC2-265A-4D18-AA3A-548E59D885E0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{40D5D850-AC28-43A7-8455-95ED9444476C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E374F7F4-55C5-46F5-9C86-6EE161F7A7C9}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A9256CFC-1C11-457F-9F8C-16B61A834305}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F970A3D0-30F3-406C-B51B-D6B65520D7C7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D35A0A2-93AF-4EE6-8D9E-478757A78F5E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D06FC8D4-66E8-401A-BD65-8CF943C35DE5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [UDP Query User{434C97A3-AA31-40AE-B896-B74555F819F7}C:\users\hp\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hp\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{F4A159A5-1196-449F-9842-6E3E8423FA81}C:\users\hp\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hp\appdata\local\akamai\netsession_win.exe
FirewallRules: [{672C6317-FB94-43EB-B635-007DDA880CFE}] => (Allow) C:\Users\HP\Downloads\VideoPerformerSetup (1).exe
FirewallRules: [{23915B54-3A99-49D6-A0F7-1347D4A34C73}] => (Allow) C:\Users\HP\Downloads\VideoPerformerSetup (1).exe
FirewallRules: [{49E6529A-20EA-4F8E-966F-70A79BD61637}] => (Allow) C:\Users\HP\Downloads\VideoPerformerSetup.exe
FirewallRules: [{FAB33320-CE75-49B7-B30F-24FA26F42453}] => (Allow) C:\Users\HP\Downloads\VideoPerformerSetup.exe
FirewallRules: [{A6B62685-6743-42EC-9EB4-268E4F6F8A57}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{66F75D86-AE6D-48E9-B73E-85F4FA1E490E}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{329CFAA1-80CD-4C99-B4B6-9DB0DF944BE9}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{C7BBEC78-745E-4F90-9325-2A444EF55299}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{CFE45F69-0152-4E39-9985-4466EA1F34DB}] => (Allow) LPort=1900
FirewallRules: [{69760FC3-10F9-4A08-821E-089917CDE05C}] => (Allow) LPort=2869
FirewallRules: [{9990EC68-E558-4940-BF68-77F4AAE397AC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{55EF0FA1-8EE3-4EC4-A3B6-9F754A2E872B}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D0307A22-5E62-4E12-8F79-3A6C3D3660B2}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{7647AE3D-187E-4713-9BF7-7EA40EAD7F0A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{26F32E2D-209C-4169-91C7-AD4F3921FEA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AE6EBFF2-C261-4958-A53F-27F490E80E27}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{76B0EE6E-F2AF-44F9-8C36-0D5B3FD53DCA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7D416815-F6FA-4288-BFA1-845D5CECF941}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BBA12AD4-14DB-4BAF-BDF4-179B7D57E9F0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{687944BF-DB4B-4CF7-8415-0DF239EF7065}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{67FC3F5D-D669-494C-BA07-319DAECA001E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D5F865B5-00C2-4C3A-B9D2-46F1A0F7ACE3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B58D4FC7-2099-4D01-A59E-BBD27E8C9C96}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{C8F8AAAD-C85F-4C58-BF89-5AB73D0B452E}C:\users\hp\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Block) C:\users\hp\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe
FirewallRules: [UDP Query User{3905AADC-36C1-4914-87A1-38B921917B8D}C:\users\hp\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe] => (Block) C:\users\hp\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe
FirewallRules: [{556CD6F7-89FD-4AE5-8742-F07B41EFE276}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{87BE7E7B-DED1-465E-B624-2F036C9F32C7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9668310A-69FD-4A59-8271-1E1EDC150D09}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BAA912D5-89F1-4AAB-A697-AA5EDA1F349B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D2868235-A202-467C-9173-2538567D8C36}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9E7BBFF7-16B9-4039-B0F4-02CFAC9520F7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BF0EF3BB-210F-4CBF-BF12-5A7E76E5E086}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{923CE724-90DC-442C-A82F-394D51545520}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C16FE4D2-A58C-443C-A458-835F236C3A6D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BD837EDC-B82C-4D41-B76A-FAA8B23AB8AF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{127EF742-91AF-498B-B9E0-AB2BBCCF265B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3E2CD19B-0CCE-4376-8498-C2AB10717A66}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2E884976-9C69-42B3-BA16-AE0A3146CB5B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2E3AE94F-1027-4B18-B06A-E2AAAC181658}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DA43461D-AF18-4798-A5CD-484DE8C0D4E4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F6CC1C6C-1057-44AC-8FFA-A4BA6F0748B5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{61D012B2-9F18-4F76-A53A-75E5D75EB033}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9C33B8D9-12FE-4161-834B-84B0201B786B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DBD6C599-46EA-48DE-BE74-B3BEB8DBFCCA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{BF725BC3-63F5-481C-A42C-F7B2A1494222}C:\users\hp\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hp\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{72EBE10A-3FB4-450A-A5A4-228A54A39ADD}C:\users\hp\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\hp\appdata\local\akamai\netsession_win.exe
FirewallRules: [{C0B486BA-67DC-4C72-892F-3F41C530A530}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8B3D049A-860E-472B-AB5A-5A2CD5994067}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DA256FAE-9E71-434A-9CC3-6085E89C79C1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5BE97B07-F48A-4C7F-9EFA-8AB769CBD3B3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{51A3F8EF-1B17-4A14-AF01-4C4EF75B2942}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CC6669BF-BBF7-4929-8EA2-D4850B422403}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7BEA4A91-DF07-4E4D-B43C-DDE4A5EF32C2}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D96E3EF6-E8EA-4B2C-891B-3E52CC9611A6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C1D880B8-5A61-42A1-87B5-833B2806CADB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E8EE6707-99DA-4B50-9953-AB6855A2BA13}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0D5A9B36-55D6-446C-A2AE-E12219D1F7A1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4D650A68-C739-440C-851E-F5F7FD38F18E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1A4F884F-12F0-449F-8EB5-DD871300332C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{884C9969-17FC-425B-933B-98721AAE5B5E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CCBCE541-9B10-4D30-9766-27E25DBF2D17}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D82FB43F-1883-4314-9592-F6A9537551AA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F82555C5-03EC-42FB-A148-44DF7BB37D9A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AEA789FF-39CC-4B3F-BE80-A4FCC343D10C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EA4BFE88-97B1-4C6E-8A49-9AA1E469CE9D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{37972B5A-B10F-41ED-832A-9F964FF6C88E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C28B5E82-E122-438A-B393-023F81584006}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{581112E1-696F-41E0-AB11-A9149AB73436}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{095460BF-7FCA-4F6C-92B0-A065C47B776C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B90E463D-2897-4644-A2C9-3E6F6EC8F0E1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{04BCF110-1434-4CA5-8A00-8DEFDAC39F8A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6499C949-E3C9-434C-8DE4-998474FBCBA1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2AE78E1A-859A-4217-9E5E-A171B0F450CA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{80351C0E-596B-4057-8F90-1BBDE99E34C4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4C5F3409-4A34-427D-AE55-906BFDB3BEA8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{119541EF-2D84-4D6C-A605-C62B9A9312CB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9D4AC32D-DC66-4F40-8BA1-F850E4F041C3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F32F3740-7B7B-4A19-87EB-D30D9E9F0911}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{330E6868-4AFD-4A53-9C54-1606A14917A2}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{D13CE3B4-D3F9-47CF-A179-24E841D5EAD6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A3DFAC17-58B2-414D-970C-A5E12B57371A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{277B5F4B-0882-43F2-9A95-2A159552F72D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2DB048F7-86C3-495D-9648-0A8C1208DABD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1E4E6816-611C-4569-895A-D1F389961EB8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BB3D18A4-AE0C-45E0-97DF-2F092DEFFB6E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{DDC1635A-EFB6-4C18-A22F-5C6E62646292}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3352DBB0-0440-4A6D-BB9B-7AC2799D6999}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0D9ACE9C-B6EC-4C18-AC39-4F650D767BF5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{73606971-9468-412B-8B2D-549EFD3CE5FF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7F23168C-8574-4DEB-9E05-FE65F4EE9FA3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{9737E393-5759-4B92-8B74-5CB4AE18AADE}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{417C9F35-448C-40B2-89AF-1236CFE4FDAD}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{152810D6-3EE7-4445-A453-93A51B5B2015}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{76EF961A-A5C0-49E0-A936-E517E5F8E9E3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{FD1BBC6F-B08D-4947-84E8-DEB255E28B0E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{78DD4B75-CE4B-482E-9286-0CF7F10B91E5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0C4402D3-3E1E-432B-90D6-6B8DEEBA916B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1F0CE691-712B-4455-AA84-5464E4E3AFF4}] => (Allow) LPort=53000
FirewallRules: [{99B668BB-2A93-4E3F-93DF-D038F403B3CA}] => (Allow) LPort=52000
FirewallRules: [TCP Query User{5AE32623-ECB6-425B-9E5C-277D0FDAF89F}C:\program files\bohemia interactive\arma demo\armademo.exe] => (Allow) C:\program files\bohemia interactive\arma demo\armademo.exe
FirewallRules: [UDP Query User{BC011901-7A51-4AD3-8583-7A8C529646E3}C:\program files\bohemia interactive\arma demo\armademo.exe] => (Allow) C:\program files\bohemia interactive\arma demo\armademo.exe
FirewallRules: [{6CA06C4A-0447-4B57-943A-E2C1C90EB408}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{08CA7946-9C29-4FB8-ADA9-4830B2FB0829}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F3181C95-4C37-4BA3-8350-CC5F00DAF0FE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{10F18B87-7F3A-4747-99E7-9BA04EFB15F0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C600BDA3-1DB9-4350-AC69-5BBC4FBB909D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{1E6C4E5D-39FF-433E-AB0B-1B648DE7725E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{C94EED85-FDCD-49A0-8D89-C9ABAF743893}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{EBCECBAB-D15C-48C3-AE6A-5903338AEC5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{5A0CE2C0-382A-4A59-A099-554F406746B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{E4045A13-F24C-4C6D-A974-B46DF44560AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [TCP Query User{9EA36164-95AA-4373-9F64-1CA2E7C4F66A}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{FC78917D-A1B3-448C-A6CB-2B31CA69BC37}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{F743E7B3-B31C-4E1A-B8FD-300DB314E27F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{196AC14A-EE27-4A8A-8476-5761E98413BE}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5EE74F2D-BC1C-41EB-BFCE-37C916707AF1}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{08C91461-1FEA-4D94-8623-2D46BD51F151}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{15A17A4A-E1C0-40DC-B4F2-6D1655F7A7F1}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{6FACB36C-E4C8-40DB-B900-3096AAFBC88A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\brainbread2\hl2.exe
FirewallRules: [{8D209586-73F4-41EB-946D-627FA1581959}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\brainbread2\hl2.exe
FirewallRules: [{A461D0CF-9F9E-4F69-ADDE-42DB66F7210E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno Online\nw.exe
FirewallRules: [{60C5CB51-0891-44A6-A9EB-711701E05717}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno Online\nw.exe
FirewallRules: [{3E926C57-708F-4F5D-843C-61B9C76F1140}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{7F6501C0-3AB2-4D61-9D05-93D7903B691B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [TCP Query User{C6F9BD41-52D1-460C-AA6B-A193561111FA}C:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe] => (Allow) C:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe
FirewallRules: [UDP Query User{8CB60933-7022-4957-A469-E0974B22D98E}C:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe] => (Allow) C:\programdata\ableton\live 9 lite\program\ableton live 9 lite.exe
FirewallRules: [{2807E630-6F67-4B2F-A442-E00378054676}] => (Allow) C:\Users\HP\AppData\Local\Temp\MPCOnline\MPCDownload.exe
FirewallRules: [{24AEEB3B-4053-4ECA-A9A1-6D4B67FC9DB4}] => (Allow) C:\Users\HP\AppData\Local\Temp\MPCOnline\MPCDownload.exe

==================== Wiederherstellungspunkte =========================

11-09-2016 11:04:07 Geplanter Prüfpunkt
16-09-2016 18:47:16 Malwarebytes Anti-Rootkit Restore Point

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/16/2016 10:18:50 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (09/16/2016 10:03:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 83602781

Error: (09/16/2016 10:03:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 83602781

Error: (09/16/2016 10:03:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/15/2016 10:50:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5609

Error: (09/15/2016 10:50:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5609

Error: (09/15/2016 10:50:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/15/2016 10:50:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4453

Error: (09/15/2016 10:50:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4453

Error: (09/15/2016 10:50:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Systemfehler:
=============
Error: (09/16/2016 06:58:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.

Error: (09/15/2016 10:04:28 AM) (Source: Ntfs) (EventID: 138) (User: )
Description: Bei "C:\" wurde vom Transaktionsressourcen-Manager ein schwerwiegender Fehler festgestellt, und er wurde heruntergefahren. Der Fehlercode ist in den Daten enthalten.

Error: (09/14/2016 09:54:14 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (09/12/2016 04:45:20 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 0.0.0.0 mit dem Computer mit der
Netzwerkhardwareadresse 00-00-00-00-00-00 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (09/12/2016 08:52:03 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.

Error: (09/12/2016 08:47:09 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎12.‎09.‎2016 um 05:56:15 unerwartet heruntergefahren.

Error: (09/11/2016 09:00:34 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (09/10/2016 08:45:17 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (09/10/2016 09:19:28 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (09/09/2016 08:31:39 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


CodeIntegrity:
===================================
  Date: 2016-09-16 22:27:53.401
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-16 22:27:53.168
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-16 22:26:58.197
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-16 22:26:57.957
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-16 11:33:09.761
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-16 11:33:09.505
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-16 10:51:21.291
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-16 10:51:21.016
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-16 10:16:41.727
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-16 10:16:41.500
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 8147.3 MB
Verfügbarer physikalischer RAM: 5430.16 MB
Summe virtueller Speicher: 8547.3 MB
Verfügbarer virtueller Speicher: 5708.22 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:918.38 GB) (Free:583.71 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Recovery Image) (Fixed) (Total:11.21 GB) (Free:1.36 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 076766A4)

Partition: GPT.

==================== Ende von Addition.txt ============================

caloda · 16.09.2016, 22:15

Code:

ATTFilter

22:38:09.0138 0x162c  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
22:38:09.0138 0x162c  UEFI system
23:11:58.0212 0x162c  ============================================================
23:11:58.0212 0x162c  Current date / time: 2016/09/16 23:11:58.0212
23:11:58.0212 0x162c  SystemInfo:
23:11:58.0212 0x162c  
23:11:58.0212 0x162c  OS Version: 6.3.9600 ServicePack: 0.0
23:11:58.0212 0x162c  Product type: Workstation
23:11:58.0212 0x162c  ComputerName: HP-HP
23:11:58.0212 0x162c  UserName: HP
23:11:58.0212 0x162c  Windows directory: C:\WINDOWS
23:11:58.0212 0x162c  System windows directory: C:\WINDOWS
23:11:58.0212 0x162c  Running under WOW64
23:11:58.0212 0x162c  Processor architecture: Intel x64
23:11:58.0212 0x162c  Number of processors: 4
23:11:58.0212 0x162c  Page size: 0x1000
23:11:58.0212 0x162c  Boot type: Normal boot
23:11:58.0212 0x162c  CodeIntegrityOptions = 0x00000001
23:11:58.0212 0x162c  ============================================================
23:11:58.0408 0x162c  KLMD registered as C:\WINDOWS\system32\drivers\22316170.sys
23:11:58.0408 0x162c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18438, osProperties = 0x19
23:11:59.0182 0x162c  System UUID: {5B80D4E5-EF1F-2FDC-9DF6-75533EDF7DFE}
23:12:00.0434 0x162c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:12:00.0445 0x162c  ============================================================
23:12:00.0445 0x162c  \Device\Harddisk0\DR0:
23:12:00.0445 0x162c  GPT partitions:
23:12:00.0445 0x162c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D9A4DCFD-0076-4184-9EC4-59F7DEAD9A4A}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1FF800
23:12:00.0445 0x162c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {3FD7ADB1-BE28-4BE6-B510-EBB344B0BFA0}, Name: EFI system partition, StartLBA 0x200000, BlocksNum 0xB4000
23:12:00.0446 0x162c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {91042004-A6F3-4780-A41B-45C5080981D5}, Name: Microsoft reserved partition, StartLBA 0x2B4000, BlocksNum 0x40000
23:12:00.0446 0x162c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {93ADC2D7-11D8-46F3-B016-BA78B7FEC246}, Name: Basic data partition, StartLBA 0x2F4000, BlocksNum 0x72CC5000
23:12:00.0446 0x162c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C7FA41D3-26AE-4FDD-90A2-74FEE3E23DEA}, Name: , StartLBA 0x72FB9000, BlocksNum 0xE1000
23:12:00.0446 0x162c  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {042929B9-9134-4A6D-8D7A-E450EE62308D}, Name: Basic data partition, StartLBA 0x7309A000, BlocksNum 0x166C800
23:12:00.0446 0x162c  MBR partitions:
23:12:00.0446 0x162c  ============================================================
23:12:00.0448 0x162c  C: <-> \Device\Harddisk0\DR0\Partition4
23:12:00.0489 0x162c  D: <-> \Device\Harddisk0\DR0\Partition6
23:12:00.0489 0x162c  ============================================================
23:12:00.0489 0x162c  Initialize success
23:12:00.0489 0x162c  ============================================================
23:12:31.0473 0x166c  ============================================================
23:12:31.0473 0x166c  Scan started
23:12:31.0473 0x166c  Mode: Manual; 
23:12:31.0473 0x166c  ============================================================
23:12:31.0473 0x166c  KSN ping started
23:12:31.0575 0x166c  KSN ping finished: true
23:12:33.0287 0x166c  ================ Scan system memory ========================
23:12:33.0287 0x166c  System memory - ok
23:12:33.0288 0x166c  ================ Scan services =============================
23:12:33.0467 0x166c  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
23:12:33.0474 0x166c  1394ohci - ok
23:12:33.0514 0x166c  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
23:12:33.0517 0x166c  3ware - ok
23:12:33.0619 0x166c  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
23:12:33.0630 0x166c  ACPI - ok
23:12:33.0660 0x166c  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
23:12:33.0661 0x166c  acpiex - ok
23:12:33.0684 0x166c  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
23:12:33.0684 0x166c  acpipagr - ok
23:12:33.0782 0x166c  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
23:12:33.0782 0x166c  AcpiPmi - ok
23:12:33.0814 0x166c  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
23:12:33.0815 0x166c  acpitime - ok
23:12:34.0057 0x166c  [ C473A0D5192A55C838361ACF804DEF6D, 710503ADA9801DF04D58D9032FA2DF880DE0AA5F59E90F5E962C749D2F231E47 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:12:34.0065 0x166c  AdobeFlashPlayerUpdateSvc - ok
23:12:34.0122 0x166c  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
23:12:34.0139 0x166c  ADP80XX - ok
23:12:34.0184 0x166c  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
23:12:34.0187 0x166c  AeLookupSvc - ok
23:12:34.0245 0x166c  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\WINDOWS\system32\drivers\afd.sys
23:12:34.0258 0x166c  AFD - ok
23:12:34.0268 0x166c  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
23:12:34.0269 0x166c  agp440 - ok
23:12:34.0305 0x166c  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
23:12:34.0306 0x166c  ahcache - ok
23:12:34.0349 0x166c  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
23:12:34.0353 0x166c  ALG - ok
23:12:34.0367 0x166c  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
23:12:34.0370 0x166c  AmdK8 - ok
23:12:34.0380 0x166c  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
23:12:34.0382 0x166c  AmdPPM - ok
23:12:34.0391 0x166c  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
23:12:34.0392 0x166c  amdsata - ok
23:12:34.0410 0x166c  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
23:12:34.0414 0x166c  amdsbs - ok
23:12:34.0424 0x166c  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
23:12:34.0425 0x166c  amdxata - ok
23:12:34.0510 0x166c  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
23:12:34.0513 0x166c  AppHostSvc - ok
23:12:34.0554 0x166c  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
23:12:34.0557 0x166c  AppID - ok
23:12:34.0599 0x166c  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
23:12:34.0600 0x166c  AppIDSvc - ok
23:12:34.0645 0x166c  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
23:12:34.0648 0x166c  Appinfo - ok
23:12:34.0773 0x166c  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:12:34.0776 0x166c  Apple Mobile Device Service - ok
23:12:34.0833 0x166c  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
23:12:34.0848 0x166c  AppReadiness - ok
23:12:34.0923 0x166c  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
23:12:34.0943 0x166c  AppXSvc - ok
23:12:34.0960 0x166c  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
23:12:34.0962 0x166c  arcsas - ok
23:12:35.0080 0x166c  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:12:35.0081 0x166c  aspnet_state - ok
23:12:35.0106 0x166c  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
23:12:35.0107 0x166c  atapi - ok
23:12:35.0160 0x166c  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
23:12:35.0166 0x166c  AudioEndpointBuilder - ok
23:12:35.0213 0x166c  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
23:12:35.0229 0x166c  Audiosrv - ok
23:12:35.0272 0x166c  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
23:12:35.0274 0x166c  AxInstSV - ok
23:12:35.0308 0x166c  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
23:12:35.0322 0x166c  b06bdrv - ok
23:12:35.0343 0x166c  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
23:12:35.0345 0x166c  BasicDisplay - ok
23:12:35.0357 0x166c  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
23:12:35.0359 0x166c  BasicRender - ok
23:12:35.0373 0x166c  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
23:12:35.0374 0x166c  bcmfn2 - ok
23:12:35.0410 0x166c  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
23:12:35.0420 0x166c  BDESVC - ok
23:12:35.0451 0x166c  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:12:35.0452 0x166c  Beep - ok
23:12:35.0480 0x166c  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\WINDOWS\System32\bfe.dll
23:12:35.0492 0x166c  BFE - ok
23:12:35.0531 0x166c  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
23:12:35.0545 0x166c  BITS - ok
23:12:35.0578 0x166c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:12:35.0584 0x166c  Bonjour Service - ok
23:12:35.0589 0x166c  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
23:12:35.0591 0x166c  bowser - ok
23:12:35.0637 0x166c  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
23:12:35.0645 0x166c  BrokerInfrastructure - ok
23:12:35.0664 0x166c  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
23:12:35.0668 0x166c  Browser - ok
23:12:35.0691 0x166c  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
23:12:35.0692 0x166c  BthAvrcpTg - ok
23:12:35.0723 0x166c  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
23:12:35.0725 0x166c  BthHFEnum - ok
23:12:35.0731 0x166c  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
23:12:35.0733 0x166c  bthhfhid - ok
23:12:35.0761 0x166c  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
23:12:35.0771 0x166c  BthHFSrv - ok
23:12:35.0787 0x166c  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
23:12:35.0789 0x166c  BTHMODEM - ok
23:12:35.0823 0x166c  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
23:12:35.0826 0x166c  bthserv - ok
23:12:35.0842 0x166c  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
23:12:35.0844 0x166c  cdfs - ok
23:12:35.0873 0x166c  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
23:12:35.0878 0x166c  cdrom - ok
23:12:35.0894 0x166c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
23:12:35.0899 0x166c  CertPropSvc - ok
23:12:35.0916 0x166c  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
23:12:35.0917 0x166c  circlass - ok
23:12:35.0968 0x166c  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
23:12:35.0977 0x166c  CLFS - ok
23:12:36.0009 0x166c  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
23:12:36.0011 0x166c  CLVirtualDrive - ok
23:12:36.0036 0x166c  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
23:12:36.0038 0x166c  CmBatt - ok
23:12:36.0089 0x166c  [ 5CBF8B3E27D824D2AA2A34AFB406F1D0, 955AF1307C02D2B4DEEB150F37F77B8631C0F3C450037C233E9E27D6571B0265 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
23:12:36.0104 0x166c  CNG - ok
23:12:36.0124 0x166c  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
23:12:36.0125 0x166c  CompositeBus - ok
23:12:36.0129 0x166c  COMSysApp - ok
23:12:36.0145 0x166c  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
23:12:36.0146 0x166c  condrv - ok
23:12:36.0168 0x166c  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
23:12:36.0170 0x166c  CryptSvc - ok
23:12:36.0181 0x166c  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
23:12:36.0182 0x166c  dam - ok
23:12:36.0242 0x166c  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:12:36.0265 0x166c  DcomLaunch - ok
23:12:36.0308 0x166c  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
23:12:36.0317 0x166c  defragsvc - ok
23:12:36.0370 0x166c  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
23:12:36.0376 0x166c  DeviceAssociationService - ok
23:12:36.0389 0x166c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
23:12:36.0392 0x166c  DeviceInstall - ok
23:12:36.0402 0x166c  [ 5408A71E47FF21E357192FD4126B3002, D9EDDE26EFB7B3EBD8F21F5730A49D594D916A95E0D09ABBA7B6E7C59052A712 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
23:12:36.0404 0x166c  Dfsc - ok
23:12:36.0433 0x166c  [ 0F4A5D01156B948B54550375498B08A2, 1CAE3D744429A06E9C9EC46AC6B216AB68154EF8FACDD0721C47902B83820F56 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
23:12:36.0435 0x166c  dg_ssudbus - ok
23:12:36.0479 0x166c  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
23:12:36.0485 0x166c  Dhcp - ok
23:12:36.0572 0x166c  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
23:12:36.0594 0x166c  DiagTrack - ok
23:12:36.0634 0x166c  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\WINDOWS\system32\drivers\disk.sys
23:12:36.0637 0x166c  disk - ok
23:12:36.0651 0x166c  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
23:12:36.0653 0x166c  dmvsc - ok
23:12:36.0700 0x166c  [ 561CBB163EB3C8221D9B1D7D1E5CA477, 4D235E73CC127769A257B31A92180552276EC8DDD991F1106815FADEF385E72D ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
23:12:36.0707 0x166c  Dnscache - ok
23:12:36.0758 0x166c  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
23:12:36.0765 0x166c  dot3svc - ok
23:12:36.0786 0x166c  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
23:12:36.0792 0x166c  DPS - ok
23:12:36.0835 0x166c  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
23:12:36.0858 0x166c  drmkaud - ok
23:12:36.0869 0x166c  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
23:12:36.0875 0x166c  DsmSvc - ok
23:12:36.0990 0x166c  [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
23:12:37.0012 0x166c  DXGKrnl - ok
23:12:37.0027 0x166c  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
23:12:37.0029 0x166c  Eaphost - ok
23:12:37.0152 0x166c  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
23:12:37.0199 0x166c  ebdrv - ok
23:12:37.0306 0x166c  [ 1B7AA375F711F66D5FF2B855F9EC987F, 151E3897A31F0E828D08EBBB9C10A60047B48534BB38349EF1C8D9245524CA58 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
23:12:37.0318 0x166c  eeCtrl - ok
23:12:37.0351 0x166c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
23:12:37.0353 0x166c  EFS - ok
23:12:37.0360 0x166c  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
23:12:37.0361 0x166c  EhStorClass - ok
23:12:37.0372 0x166c  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
23:12:37.0374 0x166c  EhStorTcgDrv - ok
23:12:37.0395 0x166c  [ 23C3061D2F7F8BCB6140A098447035B4, A89A628D99637DA72F51E90A6C3CBAAB552B423447C2EDC561E3D7CCB4D7EAB7 ] EraserUtilDrv11311 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11311.sys
23:12:37.0398 0x166c  EraserUtilDrv11311 - ok
23:12:37.0429 0x166c  [ 7230C8B80DDE1F0524C353240B78CC0E, 15F73EBFB9152010E7736AFE518A47C209E17DDB347A40C4CDA0D9BBD26D1176 ] EraserUtilDrv11312 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys
23:12:37.0432 0x166c  EraserUtilDrv11312 - ok
23:12:37.0445 0x166c  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
23:12:37.0446 0x166c  ErrDev - ok
23:12:37.0513 0x166c  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
23:12:37.0527 0x166c  EventSystem - ok
23:12:37.0542 0x166c  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
23:12:37.0545 0x166c  exfat - ok
23:12:37.0563 0x166c  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
23:12:37.0566 0x166c  fastfat - ok
23:12:37.0623 0x166c  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
23:12:37.0640 0x166c  Fax - ok
23:12:37.0664 0x166c  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
23:12:37.0665 0x166c  fdc - ok
23:12:37.0694 0x166c  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
23:12:37.0695 0x166c  fdPHost - ok
23:12:37.0713 0x166c  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
23:12:37.0714 0x166c  FDResPub - ok
23:12:37.0762 0x166c  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
23:12:37.0764 0x166c  fhsvc - ok
23:12:37.0775 0x166c  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
23:12:37.0778 0x166c  FileInfo - ok
23:12:37.0792 0x166c  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
23:12:37.0794 0x166c  Filetrace - ok
23:12:37.0800 0x166c  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
23:12:37.0801 0x166c  flpydisk - ok
23:12:37.0853 0x166c  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
23:12:37.0862 0x166c  FltMgr - ok
23:12:37.0951 0x166c  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\WINDOWS\system32\FntCache.dll
23:12:37.0970 0x166c  FontCache - ok
23:12:38.0031 0x166c  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:12:38.0032 0x166c  FontCache3.0.0.0 - ok
23:12:38.0071 0x166c  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
23:12:38.0073 0x166c  FsDepends - ok
23:12:38.0090 0x166c  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:12:38.0091 0x166c  Fs_Rec - ok
23:12:38.0151 0x166c  [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
23:12:38.0162 0x166c  fvevol - ok
23:12:38.0166 0x166c  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
23:12:38.0167 0x166c  FxPPM - ok
23:12:38.0181 0x166c  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
23:12:38.0182 0x166c  gagp30kx - ok
23:12:38.0212 0x166c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
23:12:38.0213 0x166c  GEARAspiWDM - ok
23:12:38.0257 0x166c  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
23:12:38.0258 0x166c  gencounter - ok
23:12:38.0280 0x166c  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
23:12:38.0284 0x166c  GPIOClx0101 - ok
23:12:38.0366 0x166c  [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
23:12:38.0385 0x166c  gpsvc - ok
23:12:38.0419 0x166c  gupdate - ok
23:12:38.0420 0x166c  gupdatem - ok
23:12:38.0446 0x166c  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
23:12:38.0448 0x166c  HDAudBus - ok
23:12:38.0474 0x166c  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
23:12:38.0475 0x166c  HidBatt - ok
23:12:38.0525 0x166c  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
23:12:38.0528 0x166c  HidBth - ok
23:12:38.0544 0x166c  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
23:12:38.0545 0x166c  hidi2c - ok
23:12:38.0597 0x166c  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
23:12:38.0599 0x166c  HidIr - ok
23:12:38.0644 0x166c  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
23:12:38.0646 0x166c  hidserv - ok
23:12:38.0661 0x166c  [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
23:12:38.0662 0x166c  HidUsb - ok
23:12:38.0701 0x166c  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
23:12:38.0705 0x166c  hkmsvc - ok
23:12:38.0777 0x166c  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
23:12:38.0786 0x166c  HomeGroupListener - ok
23:12:38.0839 0x166c  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
23:12:38.0853 0x166c  HomeGroupProvider - ok
23:12:38.0886 0x166c  [ E1C037A7E05FD39E6C1AF93CEEFDC53A, D20B056BE5CEB5D471170D6627157D8848376FF319BFE12C7331B0F2C0EBB4A4 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
23:12:38.0889 0x166c  HP Support Assistant Service - ok
23:12:38.0925 0x166c  [ E2550FBBBA31E2D4F9757E0A533689F0, 0AE6B0D89E74E57F87A6431D005BFF4213AC4C98A74A7C796894FC2A8D42E0DD ] HPConnectedRemote c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
23:12:38.0927 0x166c  HPConnectedRemote - ok
23:12:39.0026 0x166c  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
23:12:39.0039 0x166c  hpqwmiex - ok
23:12:39.0053 0x166c  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
23:12:39.0054 0x166c  HpSAMD - ok
23:12:39.0105 0x166c  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
23:12:39.0119 0x166c  HTTP - ok
23:12:39.0129 0x166c  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
23:12:39.0129 0x166c  hwpolicy - ok
23:12:39.0137 0x166c  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
23:12:39.0137 0x166c  hyperkbd - ok
23:12:39.0144 0x166c  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
23:12:39.0144 0x166c  HyperVideo - ok
23:12:39.0186 0x166c  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
23:12:39.0188 0x166c  i8042prt - ok
23:12:39.0201 0x166c  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
23:12:39.0202 0x166c  iaLPSSi_GPIO - ok
23:12:39.0211 0x166c  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
23:12:39.0214 0x166c  iaLPSSi_I2C - ok
23:12:39.0248 0x166c  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
23:12:39.0265 0x166c  iaStorAV - ok
23:12:39.0287 0x166c  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
23:12:39.0293 0x166c  iaStorV - ok
23:12:39.0295 0x166c  IEEtwCollectorService - ok
23:12:39.0356 0x166c  [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
23:12:39.0384 0x166c  IKEEXT - ok
23:12:39.0436 0x166c  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
23:12:39.0449 0x166c  Intel(R) Capability Licensing Service Interface - ok
23:12:39.0476 0x166c  [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
23:12:39.0478 0x166c  Intel(R) ME Service - ok
23:12:39.0493 0x166c  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
23:12:39.0494 0x166c  intelide - ok
23:12:39.0524 0x166c  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
23:12:39.0524 0x166c  intelpep - ok
23:12:39.0533 0x166c  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
23:12:39.0535 0x166c  intelppm - ok
23:12:39.0560 0x166c  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:12:39.0562 0x166c  IpFilterDriver - ok
23:12:39.0639 0x166c  [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
23:12:39.0660 0x166c  iphlpsvc - ok
23:12:39.0698 0x166c  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
23:12:39.0699 0x166c  IPMIDRV - ok
23:12:39.0738 0x166c  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
23:12:39.0741 0x166c  IPNAT - ok
23:12:39.0791 0x166c  [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:12:39.0807 0x166c  iPod Service - ok
23:12:39.0816 0x166c  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
23:12:39.0816 0x166c  IRENUM - ok
23:12:39.0850 0x166c  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
23:12:39.0852 0x166c  isapnp - ok
23:12:39.0892 0x166c  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
23:12:39.0900 0x166c  iScsiPrt - ok
23:12:39.0930 0x166c  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
23:12:39.0934 0x166c  jhi_service - ok
23:12:39.0950 0x166c  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
23:12:39.0952 0x166c  kbdclass - ok
23:12:39.0974 0x166c  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
23:12:39.0975 0x166c  kbdhid - ok
23:12:40.0001 0x166c  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
23:12:40.0002 0x166c  kdnic - ok
23:12:40.0015 0x166c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
23:12:40.0018 0x166c  KeyIso - ok
23:12:40.0058 0x166c  [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
23:12:40.0061 0x166c  KSecDD - ok
23:12:40.0105 0x166c  [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
23:12:40.0110 0x166c  KSecPkg - ok
23:12:40.0117 0x166c  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
23:12:40.0118 0x166c  ksthunk - ok
23:12:40.0152 0x166c  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
23:12:40.0163 0x166c  KtmRm - ok
23:12:40.0215 0x166c  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
23:12:40.0221 0x166c  LanmanServer - ok
23:12:40.0270 0x166c  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
23:12:40.0280 0x166c  LanmanWorkstation - ok
23:12:40.0312 0x166c  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
23:12:40.0320 0x166c  lfsvc - ok
23:12:40.0360 0x166c  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
23:12:40.0362 0x166c  lltdio - ok
23:12:40.0389 0x166c  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
23:12:40.0394 0x166c  lltdsvc - ok
23:12:40.0436 0x166c  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
23:12:40.0438 0x166c  lmhosts - ok
23:12:40.0457 0x166c  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:12:40.0464 0x166c  LMS - ok
23:12:40.0486 0x166c  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
23:12:40.0489 0x166c  LSI_SAS - ok
23:12:40.0510 0x166c  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
23:12:40.0513 0x166c  LSI_SAS2 - ok
23:12:40.0524 0x166c  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
23:12:40.0527 0x166c  LSI_SAS3 - ok
23:12:40.0541 0x166c  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
23:12:40.0543 0x166c  LSI_SSS - ok
23:12:40.0612 0x166c  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
23:12:40.0625 0x166c  LSM - ok
23:12:40.0640 0x166c  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
23:12:40.0642 0x166c  luafv - ok
23:12:40.0654 0x166c  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
23:12:40.0655 0x166c  megasas - ok
23:12:40.0679 0x166c  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
23:12:40.0693 0x166c  megasr - ok
23:12:40.0740 0x166c  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
23:12:40.0742 0x166c  MEIx64 - ok
23:12:40.0778 0x166c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
23:12:40.0782 0x166c  MMCSS - ok
23:12:40.0796 0x166c  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
23:12:40.0798 0x166c  Modem - ok
23:12:40.0821 0x166c  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
23:12:40.0822 0x166c  monitor - ok
23:12:40.0836 0x166c  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
23:12:40.0838 0x166c  mouclass - ok
23:12:40.0844 0x166c  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
23:12:40.0846 0x166c  mouhid - ok
23:12:40.0884 0x166c  [ 24DABC0A77FAFDC0E379AB3B30F61BB6, E66624ABBF1D742879035F9161F9D3713DE7B759B3D3CF8B96C9E397A02FCF82 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
23:12:40.0887 0x166c  mountmgr - ok
23:12:40.0899 0x166c  MPCKpt - ok
23:12:41.0014 0x166c  [ 3B777AD722F994E72A9A5EBFF55A2269, C7BE220A0BD5D458A4B1EDE2F58E14912283DC83D1BBAB26BFBA722716A5DF3E ] MPCProtectService C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
23:12:41.0023 0x166c  MPCProtectService - ok
23:12:41.0067 0x166c  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
23:12:41.0068 0x166c  mpsdrv - ok
23:12:41.0093 0x166c  [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
23:12:41.0106 0x166c  MpsSvc - ok
23:12:41.0139 0x166c  [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
23:12:41.0141 0x166c  MRxDAV - ok
23:12:41.0188 0x166c  [ 3AF30CEB99E581E2FADA0B5FC4B551D8, 59BDE83C10D6F31E13B81FC317F1DE0E00793FBA288EAF844E29CFA0EB184502 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:12:41.0194 0x166c  mrxsmb - ok
23:12:41.0214 0x166c  [ 15D7AF1A26CCEBA32DF21A8E2098F463, 84390806AD3A9651DAB803E9257EEE851B898ED2AB56D8936E8C9F6B41967243 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
23:12:41.0219 0x166c  mrxsmb10 - ok
23:12:41.0227 0x166c  [ 0790EEB1EC199F8BE8259E47B373ED23, F9330F43B40675CCB60804182EF04BFBA3837ED14C798788A4B27D65A646D1C7 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
23:12:41.0230 0x166c  mrxsmb20 - ok
23:12:41.0263 0x166c  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
23:12:41.0265 0x166c  MsBridge - ok
23:12:41.0278 0x166c  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
23:12:41.0282 0x166c  MSDTC - ok
23:12:41.0325 0x166c  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
23:12:41.0326 0x166c  Msfs - ok
23:12:41.0347 0x166c  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
23:12:41.0348 0x166c  msgpiowin32 - ok
23:12:41.0369 0x166c  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
23:12:41.0370 0x166c  mshidkmdf - ok
23:12:41.0382 0x166c  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
23:12:41.0383 0x166c  mshidumdf - ok
23:12:41.0404 0x166c  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
23:12:41.0405 0x166c  msisadrv - ok
23:12:41.0433 0x166c  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
23:12:41.0438 0x166c  MSiSCSI - ok
23:12:41.0443 0x166c  msiserver - ok
23:12:41.0462 0x166c  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:12:41.0463 0x166c  MSKSSRV - ok
23:12:41.0481 0x166c  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
23:12:41.0483 0x166c  MsLldp - ok
23:12:41.0500 0x166c  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:12:41.0501 0x166c  MSPCLOCK - ok
23:12:41.0505 0x166c  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
23:12:41.0506 0x166c  MSPQM - ok
23:12:41.0529 0x166c  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
23:12:41.0537 0x166c  MsRPC - ok
23:12:41.0552 0x166c  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
23:12:41.0554 0x166c  mssmbios - ok
23:12:41.0566 0x166c  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
23:12:41.0566 0x166c  MSTEE - ok
23:12:41.0599 0x166c  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
23:12:41.0600 0x166c  MTConfig - ok
23:12:41.0637 0x166c  [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
23:12:41.0639 0x166c  Mup - ok
23:12:41.0644 0x166c  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
23:12:41.0645 0x166c  mvumis - ok
23:12:41.0693 0x166c  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
23:12:41.0702 0x166c  napagent - ok
23:12:41.0747 0x166c  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
23:12:41.0754 0x166c  NativeWifiP - ok
23:12:41.0803 0x166c  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
23:12:41.0809 0x166c  NcaSvc - ok
23:12:41.0855 0x166c  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
23:12:41.0861 0x166c  NcbService - ok
23:12:41.0908 0x166c  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
23:12:41.0912 0x166c  NcdAutoSetup - ok
23:12:41.0992 0x166c  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
23:12:42.0010 0x166c  NDIS - ok
23:12:42.0047 0x166c  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
23:12:42.0048 0x166c  NdisCap - ok
23:12:42.0092 0x166c  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
23:12:42.0094 0x166c  NdisImPlatform - ok
23:12:42.0104 0x166c  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:12:42.0105 0x166c  NdisTapi - ok
23:12:42.0128 0x166c  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:12:42.0130 0x166c  Ndisuio - ok
23:12:42.0143 0x166c  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
23:12:42.0144 0x166c  NdisVirtualBus - ok
23:12:42.0175 0x166c  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:12:42.0181 0x166c  NdisWan - ok
23:12:42.0190 0x166c  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:12:42.0196 0x166c  NdisWanLegacy - ok
23:12:42.0241 0x166c  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
23:12:42.0242 0x166c  NDProxy - ok
23:12:42.0257 0x166c  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
23:12:42.0259 0x166c  Ndu - ok
23:12:42.0288 0x166c  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
23:12:42.0290 0x166c  NetBIOS - ok
23:12:42.0343 0x166c  [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
23:12:42.0347 0x166c  NetBT - ok
23:12:42.0355 0x166c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
23:12:42.0356 0x166c  Netlogon - ok
23:12:42.0373 0x166c  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
23:12:42.0378 0x166c  Netman - ok
23:12:42.0432 0x166c  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
23:12:42.0441 0x166c  netprofm - ok
23:12:42.0491 0x166c  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:12:42.0493 0x166c  NetTcpPortSharing - ok
23:12:42.0496 0x166c  NetUtils2016 - ok
23:12:42.0533 0x166c  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
23:12:42.0535 0x166c  netvsc - ok
23:12:42.0562 0x166c  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
23:12:42.0573 0x166c  NlaSvc - ok
23:12:42.0587 0x166c  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
23:12:42.0589 0x166c  Npfs - ok
23:12:42.0637 0x166c  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
23:12:42.0638 0x166c  npsvctrig - ok
23:12:42.0676 0x166c  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
23:12:42.0679 0x166c  nsi - ok
23:12:42.0720 0x166c  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
23:12:42.0721 0x166c  nsiproxy - ok
23:12:42.0815 0x166c  [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
23:12:42.0879 0x166c  Ntfs - ok
23:12:42.0889 0x166c  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
23:12:42.0889 0x166c  Null - ok
23:12:42.0934 0x166c  [ 1F07B814C0BB5AABA703ABFF1F31F2E8, 07F578686CAE0FAB5462B472A03DD1BC5DFE0D5DA6307895534CECC330C3D220 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
23:12:42.0939 0x166c  NVHDA - ok
23:12:43.0239 0x166c  [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
23:12:43.0390 0x166c  nvlddmkm - ok
23:12:43.0412 0x166c  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
23:12:43.0415 0x166c  nvraid - ok
23:12:43.0428 0x166c  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
23:12:43.0430 0x166c  nvstor - ok
23:12:43.0490 0x166c  [ FB50E60564ED30DDC855F0CE435C8467, C9A56D74F58739B8A069336FF5456FC5F3CE89371B8CFE8144B8D06A9C79C6AB ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
23:12:43.0503 0x166c  nvsvc - ok
23:12:43.0556 0x166c  [ C63E582366EAD77978BFFD959A66DBB8, BBAC11300AFED29291A08EEC8A740DA67C8C003AF89D06F9E0671CCF0E7908A0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:12:43.0575 0x166c  nvUpdatusService - ok
23:12:43.0587 0x166c  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
23:12:43.0589 0x166c  nv_agp - ok
23:12:43.0636 0x166c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
23:12:43.0647 0x166c  p2pimsvc - ok
23:12:43.0707 0x166c  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
23:12:43.0716 0x166c  p2psvc - ok
23:12:43.0728 0x166c  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
23:12:43.0730 0x166c  Parport - ok
23:12:43.0758 0x166c  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
23:12:43.0760 0x166c  partmgr - ok
23:12:43.0812 0x166c  [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
23:12:43.0821 0x166c  PcaSvc - ok
23:12:43.0850 0x166c  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
23:12:43.0854 0x166c  pci - ok
23:12:43.0872 0x166c  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
23:12:43.0873 0x166c  pciide - ok
23:12:43.0899 0x166c  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
23:12:43.0901 0x166c  pcmcia - ok
23:12:43.0912 0x166c  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
23:12:43.0913 0x166c  pcw - ok
23:12:43.0932 0x166c  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
23:12:43.0934 0x166c  pdc - ok
23:12:43.0986 0x166c  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
23:12:43.0997 0x166c  PEAUTH - ok
23:12:44.0086 0x166c  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
23:12:44.0088 0x166c  PerfHost - ok
23:12:44.0165 0x166c  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
23:12:44.0186 0x166c  pla - ok
23:12:44.0206 0x166c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
23:12:44.0209 0x166c  PlugPlay - ok
23:12:44.0250 0x166c  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
23:12:44.0252 0x166c  PNRPAutoReg - ok
23:12:44.0278 0x166c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
23:12:44.0289 0x166c  PNRPsvc - ok
23:12:44.0336 0x166c  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
23:12:44.0343 0x166c  PolicyAgent - ok
23:12:44.0355 0x166c  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
23:12:44.0357 0x166c  Power - ok
23:12:44.0490 0x166c  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
23:12:44.0530 0x166c  PrintNotify - ok
23:12:44.0573 0x166c  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
23:12:44.0574 0x166c  Processor - ok
23:12:44.0597 0x166c  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
23:12:44.0601 0x166c  ProfSvc - ok
23:12:44.0636 0x166c  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
23:12:44.0638 0x166c  Psched - ok
23:12:44.0686 0x166c  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
23:12:44.0691 0x166c  QWAVE - ok
23:12:44.0735 0x166c  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
23:12:44.0736 0x166c  QWAVEdrv - ok
23:12:44.0778 0x166c  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:12:44.0779 0x166c  RasAcd - ok
23:12:44.0824 0x166c  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
23:12:44.0829 0x166c  RasAuto - ok
23:12:44.0891 0x166c  [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan          C:\WINDOWS\System32\rasmans.dll
23:12:44.0906 0x166c  RasMan - ok
23:12:44.0924 0x166c  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:12:44.0925 0x166c  RasPppoe - ok
23:12:44.0971 0x166c  [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:12:44.0976 0x166c  rdbss - ok
23:12:45.0018 0x166c  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
23:12:45.0019 0x166c  rdpbus - ok
23:12:45.0063 0x166c  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
23:12:45.0068 0x166c  RDPDR - ok
23:12:45.0124 0x166c  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
23:12:45.0126 0x166c  RdpVideoMiniport - ok
23:12:45.0159 0x166c  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
23:12:45.0165 0x166c  rdyboost - ok
23:12:45.0217 0x166c  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
23:12:45.0241 0x166c  ReFS - ok
23:12:45.0263 0x166c  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
23:12:45.0268 0x166c  RemoteAccess - ok
23:12:45.0290 0x166c  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
23:12:45.0294 0x166c  RemoteRegistry - ok
23:12:45.0336 0x166c  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
23:12:45.0340 0x166c  RpcEptMapper - ok
23:12:45.0380 0x166c  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
23:12:45.0382 0x166c  RpcLocator - ok
23:12:45.0421 0x166c  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
23:12:45.0446 0x166c  RpcSs - ok
23:12:45.0459 0x166c  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
23:12:45.0461 0x166c  rspndr - ok
23:12:45.0520 0x166c  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
23:12:45.0536 0x166c  RTL8168 - ok
23:12:45.0590 0x166c  [ B0A0260A3C03156937ECDB67CE5C6FE5, 88102D22976398599FA6165E9DBC1213EF2A001C99602E2195C9A7BAB0A127D7 ] RtlWlanu        C:\WINDOWS\system32\DRIVERS\rtwlanu.sys
23:12:45.0619 0x166c  RtlWlanu - ok
23:12:45.0628 0x166c  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
23:12:45.0628 0x166c  s3cap - ok
23:12:45.0668 0x166c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
23:12:45.0669 0x166c  SamSs - ok
23:12:45.0705 0x166c  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
23:12:45.0707 0x166c  sbp2port - ok
23:12:45.0755 0x166c  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
23:12:45.0759 0x166c  SCardSvr - ok
23:12:45.0767 0x166c  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
23:12:45.0770 0x166c  ScDeviceEnum - ok
23:12:45.0809 0x166c  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
23:12:45.0811 0x166c  scfilter - ok
23:12:45.0869 0x166c  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
23:12:45.0886 0x166c  Schedule - ok
23:12:45.0934 0x166c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
23:12:45.0939 0x166c  SCPolicySvc - ok
23:12:45.0984 0x166c  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
23:12:45.0989 0x166c  sdbus - ok
23:12:46.0003 0x166c  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
23:12:46.0005 0x166c  sdstor - ok
23:12:46.0019 0x166c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
23:12:46.0020 0x166c  secdrv - ok
23:12:46.0064 0x166c  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\WINDOWS\system32\seclogon.dll
23:12:46.0066 0x166c  seclogon - ok
23:12:46.0112 0x166c  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
23:12:46.0117 0x166c  SENS - ok
23:12:46.0160 0x166c  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
23:12:46.0169 0x166c  SensrSvc - ok
23:12:46.0179 0x166c  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
23:12:46.0182 0x166c  SerCx - ok
23:12:46.0194 0x166c  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
23:12:46.0197 0x166c  SerCx2 - ok
23:12:46.0216 0x166c  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
23:12:46.0217 0x166c  Serenum - ok
23:12:46.0250 0x166c  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
23:12:46.0252 0x166c  Serial - ok
23:12:46.0292 0x166c  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
23:12:46.0294 0x166c  sermouse - ok
23:12:46.0320 0x166c  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
23:12:46.0330 0x166c  SessionEnv - ok
23:12:46.0342 0x166c  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
23:12:46.0343 0x166c  sfloppy - ok
23:12:46.0379 0x166c  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
23:12:46.0386 0x166c  SharedAccess - ok
23:12:46.0517 0x166c  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:12:46.0531 0x166c  ShellHWDetection - ok
23:12:46.0545 0x166c  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
23:12:46.0546 0x166c  SiSRaid2 - ok
23:12:46.0559 0x166c  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
23:12:46.0560 0x166c  SiSRaid4 - ok
23:12:46.0604 0x166c  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
23:12:46.0607 0x166c  smphost - ok
23:12:46.0638 0x166c  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
23:12:46.0641 0x166c  SNMPTRAP - ok
23:12:46.0696 0x166c  [ B45AE0970B2D66CCE756DE6989E23EEC, 8393CF2DC4F65CD48D4D7B3C8C2D29E26728593B652D6CEAB65B50AEDA0884B7 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
23:12:46.0708 0x166c  spaceport - ok
23:12:46.0719 0x166c  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
23:12:46.0721 0x166c  SpbCx - ok
23:12:46.0759 0x166c  [ CC30A64A10BEDBBDDC073E8FBD871738, D2F2BE66B69AE050AC211D9537683871EC2E732E849369A4FA106A8184CD15BC ] SPL_CRIMSON_MIDI C:\WINDOWS\system32\drivers\spl_crimson_m.sys
23:12:46.0760 0x166c  SPL_CRIMSON_MIDI - ok
23:12:46.0811 0x166c  [ CE0943FE5025CCA3A0D6304F8C70F1E4, 438C0A0301C9B98B6979569E30684F135A634A5722737AC3B9861E567BDFFB42 ] SPL_CRIMSON_USB C:\WINDOWS\System32\Drivers\spl_crimson_u.sys
23:12:46.0818 0x166c  SPL_CRIMSON_USB - ok
23:12:46.0832 0x166c  [ 3565ACEC5A28833B81C613A0B896FD11, 6B3384250DD3A0DA1B20796D25B56B277A9A1329F231F16234607E7976C3C0BE ] SPL_CRIMSON_WDM C:\WINDOWS\system32\drivers\spl_crimson_a.sys
23:12:46.0833 0x166c  SPL_CRIMSON_WDM - ok
23:12:46.0890 0x166c  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
23:12:46.0913 0x166c  Spooler - ok
23:12:47.0106 0x166c  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
23:12:47.0191 0x166c  sppsvc - ok
23:12:47.0266 0x166c  [ 36B082C7A764A34FB1DC72D975870B61, 572CB632D9FDC1183F7BF8BFCBC51765C647945E0C13D1C91ADE3D0E76DF83BC ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
23:12:47.0271 0x166c  srv - ok
23:12:47.0369 0x166c  [ F5849909D4B29B4E3D4445F943E5C7E3, 3FCA1423753716FE1AFDD27EE1E13C4D779A3C976185B5C998EF1A9A39BFC186 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
23:12:47.0386 0x166c  srv2 - ok
23:12:47.0409 0x166c  [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
23:12:47.0413 0x166c  srvnet - ok
23:12:47.0480 0x166c  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
23:12:47.0488 0x166c  SSDPSRV - ok
23:12:47.0527 0x166c  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
23:12:47.0531 0x166c  SstpSvc - ok
23:12:47.0562 0x166c  [ D08FFE34AF5B7AC5F69EEA1E0E8C6ECE, CC43752CE5C879E24229C84443DBEE667CE629ECF992AD0D42F0F77FE04F6751 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
23:12:47.0566 0x166c  ssudmdm - ok
23:12:47.0648 0x166c  [ 97F839E8AEC48EE271509BF4BC764C24, 7B9B791E987ADC8991C128CD52CB253F295E41DF502BF8933DF388994E84560D ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
23:12:47.0657 0x166c  STacSV - ok
23:12:47.0798 0x166c  [ E06AA279D85877268E34E9A9BC41F560, 6EFE7E3850CD19B919053293B6D8CB61CC638D3B1626BB62594C681625132689 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
23:12:47.0819 0x166c  Steam Client Service - ok
23:12:47.0888 0x166c  [ 7FCE08C739136C9C64107A8814EF854C, 820E494A401D69E3DA7A8624B2093DCF98198E6D8CCCE345BDF76952EE4ADB07 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:12:47.0899 0x166c  Stereo Service - ok
23:12:47.0942 0x166c  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
23:12:47.0943 0x166c  stexstor - ok
23:12:47.0970 0x166c  [ 7E89F65EB250463EE8665CFE19566FC3, 45849BAFA62E72A97103C5F02962D346D3F79DE9DB07297D1073FF355A506D9C ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
23:12:47.0984 0x166c  STHDA - ok
23:12:48.0042 0x166c  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
23:12:48.0059 0x166c  stisvc - ok
23:12:48.0074 0x166c  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
23:12:48.0076 0x166c  storahci - ok
23:12:48.0106 0x166c  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
23:12:48.0107 0x166c  storflt - ok
23:12:48.0147 0x166c  [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
23:12:48.0148 0x166c  stornvme - ok
23:12:48.0187 0x166c  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
23:12:48.0188 0x166c  StorSvc - ok
23:12:48.0202 0x166c  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
23:12:48.0203 0x166c  storvsc - ok
23:12:48.0243 0x166c  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
23:12:48.0246 0x166c  svsvc - ok
23:12:48.0284 0x166c  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
23:12:48.0285 0x166c  swenum - ok
23:12:48.0347 0x166c  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
23:12:48.0362 0x166c  swprv - ok
23:12:48.0423 0x166c  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
23:12:48.0442 0x166c  SysMain - ok
23:12:48.0484 0x166c  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
23:12:48.0489 0x166c  SystemEventsBroker - ok
23:12:48.0537 0x166c  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
23:12:48.0540 0x166c  TabletInputService - ok
23:12:48.0583 0x166c  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
23:12:48.0588 0x166c  TapiSrv - ok
23:12:48.0676 0x166c  [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
23:12:48.0712 0x166c  Tcpip - ok
23:12:48.0777 0x166c  [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:12:48.0812 0x166c  TCPIP6 - ok
23:12:48.0853 0x166c  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
23:12:48.0854 0x166c  tcpipreg - ok
23:12:48.0898 0x166c  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
23:12:48.0900 0x166c  tdx - ok
23:12:48.0925 0x166c  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
23:12:48.0926 0x166c  terminpt - ok
23:12:48.0990 0x166c  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
23:12:49.0006 0x166c  TermService - ok
23:12:49.0045 0x166c  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
23:12:49.0047 0x166c  Themes - ok
23:12:49.0077 0x166c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
23:12:49.0079 0x166c  THREADORDER - ok
23:12:49.0096 0x166c  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
23:12:49.0100 0x166c  TimeBroker - ok
23:12:49.0159 0x166c  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
23:12:49.0161 0x166c  TPM - ok
23:12:49.0174 0x166c  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
23:12:49.0179 0x166c  TrkWks - ok
23:12:49.0224 0x166c  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
23:12:49.0227 0x166c  TrustedInstaller - ok
23:12:49.0242 0x166c  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
23:12:49.0244 0x166c  TsUsbFlt - ok
23:12:49.0280 0x166c  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
23:12:49.0281 0x166c  TsUsbGD - ok
23:12:49.0331 0x166c  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
23:12:49.0336 0x166c  tunnel - ok
23:12:49.0379 0x166c  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
23:12:49.0381 0x166c  uagp35 - ok
23:12:49.0398 0x166c  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
23:12:49.0401 0x166c  UASPStor - ok
23:12:49.0448 0x166c  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
23:12:49.0453 0x166c  UCX01000 - ok
23:12:49.0492 0x166c  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
23:12:49.0500 0x166c  udfs - ok
23:12:49.0513 0x166c  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
23:12:49.0515 0x166c  UEFI - ok
23:12:49.0564 0x166c  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
23:12:49.0568 0x166c  UI0Detect - ok
23:12:49.0583 0x166c  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
23:12:49.0586 0x166c  uliagpkx - ok
23:12:49.0597 0x166c  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
23:12:49.0598 0x166c  umbus - ok
23:12:49.0620 0x166c  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
23:12:49.0621 0x166c  UmPass - ok
23:12:49.0659 0x166c  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
23:12:49.0669 0x166c  UmRdpService - ok
23:12:49.0715 0x166c  [ 2F665FCF5B0BE6733251D9A711024B37, 26DEB3931469FE3DC3A11465744AC9EF4D706E1C3C81D89EE53D5E4D3ADA6058 ] Unchecky        C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
23:12:49.0718 0x166c  Unchecky - ok
23:12:49.0774 0x166c  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:12:49.0783 0x166c  UNS - ok
23:12:49.0845 0x166c  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
23:12:49.0858 0x166c  upnphost - ok
23:12:49.0904 0x166c  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
23:12:49.0905 0x166c  USBAAPL64 - ok
23:12:49.0943 0x166c  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
23:12:49.0945 0x166c  usbaudio - ok
23:12:49.0968 0x166c  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
23:12:49.0970 0x166c  usbccgp - ok
23:12:50.0011 0x166c  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
23:12:50.0014 0x166c  usbcir - ok
23:12:50.0050 0x166c  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
23:12:50.0053 0x166c  usbehci - ok
23:12:50.0116 0x166c  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
23:12:50.0128 0x166c  usbhub - ok
23:12:50.0143 0x166c  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
23:12:50.0150 0x166c  USBHUB3 - ok
23:12:50.0168 0x166c  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
23:12:50.0169 0x166c  usbohci - ok
23:12:50.0186 0x166c  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
23:12:50.0186 0x166c  usbprint - ok
23:12:50.0220 0x166c  [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:12:50.0221 0x166c  usbscan - ok
23:12:50.0266 0x166c  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
23:12:50.0269 0x166c  USBSTOR - ok
23:12:50.0284 0x166c  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
23:12:50.0285 0x166c  usbuhci - ok
23:12:50.0323 0x166c  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
23:12:50.0328 0x166c  USBXHCI - ok
23:12:50.0338 0x166c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
23:12:50.0340 0x166c  VaultSvc - ok
23:12:50.0371 0x166c  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
23:12:50.0372 0x166c  vdrvroot - ok
23:12:50.0442 0x166c  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
23:12:50.0462 0x166c  vds - ok
23:12:50.0491 0x166c  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
23:12:50.0493 0x166c  VerifierExt - ok
23:12:50.0554 0x166c  [ 5DB4AFA10A488EC4DDB3DA09B0425BE5, 480AFB6A6BCC95E86C5087C3D9DCD6058D48659A5A63F524A0B9ED3A8FEF6B9B ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
23:12:50.0568 0x166c  vhdmp - ok
23:12:50.0592 0x166c  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
23:12:50.0593 0x166c  viaide - ok
23:12:50.0636 0x166c  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
23:12:50.0637 0x166c  vmbus - ok
23:12:50.0646 0x166c  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
23:12:50.0646 0x166c  VMBusHID - ok
23:12:50.0698 0x166c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
23:12:50.0713 0x166c  vmicguestinterface - ok
23:12:50.0730 0x166c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
23:12:50.0738 0x166c  vmicheartbeat - ok
23:12:50.0750 0x166c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
23:12:50.0759 0x166c  vmickvpexchange - ok
23:12:50.0771 0x166c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
23:12:50.0778 0x166c  vmicrdv - ok
23:12:50.0791 0x166c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
23:12:50.0798 0x166c  vmicshutdown - ok
23:12:50.0810 0x166c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
23:12:50.0818 0x166c  vmictimesync - ok
23:12:50.0830 0x166c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
23:12:50.0837 0x166c  vmicvss - ok
23:12:50.0877 0x166c  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
23:12:50.0878 0x166c  volmgr - ok
23:12:50.0895 0x166c  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
23:12:50.0901 0x166c  volmgrx - ok
23:12:50.0951 0x166c  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
23:12:50.0959 0x166c  volsnap - ok
23:12:50.0986 0x166c  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
23:12:50.0988 0x166c  vpci - ok
23:12:51.0001 0x166c  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
23:12:51.0003 0x166c  vsmraid - ok
23:12:51.0061 0x166c  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\WINDOWS\system32\vssvc.exe
23:12:51.0081 0x166c  VSS - ok
23:12:51.0104 0x166c  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
23:12:51.0109 0x166c  VSTXRAID - ok
23:12:51.0168 0x166c  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
23:12:51.0169 0x166c  vwifibus - ok
23:12:51.0188 0x166c  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
23:12:51.0191 0x166c  vwififlt - ok
23:12:51.0197 0x166c  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
23:12:51.0198 0x166c  vwifimp - ok
23:12:51.0221 0x166c  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
23:12:51.0234 0x166c  W32Time - ok
23:12:51.0308 0x166c  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
23:12:51.0311 0x166c  w3logsvc - ok
23:12:51.0322 0x166c  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
23:12:51.0323 0x166c  WacomPen - ok
23:12:51.0380 0x166c  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
23:12:51.0391 0x166c  WAS - ok
23:12:51.0447 0x166c  [ 139D842E5FB75A1E2F0212FBD7B0E457, F29F73B56865C5EBBE89B8F92AEFE2DB19E5C29A94D2E006A23243C23A41AE79 ] wbengine        C:\WINDOWS\system32\wbengine.exe
23:12:51.0471 0x166c  wbengine - ok
23:12:51.0492 0x166c  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
23:12:51.0499 0x166c  WbioSrvc - ok
23:12:51.0513 0x166c  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
23:12:51.0519 0x166c  Wcmsvc - ok
23:12:51.0555 0x166c  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
23:12:51.0562 0x166c  wcncsvc - ok
23:12:51.0595 0x166c  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
23:12:51.0597 0x166c  WcsPlugInService - ok
23:12:51.0611 0x166c  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
23:12:51.0612 0x166c  WdBoot - ok
23:12:51.0640 0x166c  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
23:12:51.0652 0x166c  Wdf01000 - ok
23:12:51.0681 0x166c  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
23:12:51.0684 0x166c  WdFilter - ok
23:12:51.0729 0x166c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
23:12:51.0732 0x166c  WdiServiceHost - ok
23:12:51.0735 0x166c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
23:12:51.0738 0x166c  WdiSystemHost - ok
23:12:51.0758 0x166c  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
23:12:51.0760 0x166c  WdNisDrv - ok
23:12:51.0796 0x166c  WdNisSvc - ok
23:12:51.0838 0x166c  [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient       C:\WINDOWS\System32\webclnt.dll
23:12:51.0846 0x166c  WebClient - ok
23:12:51.0894 0x166c  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
23:12:51.0901 0x166c  Wecsvc - ok
23:12:51.0941 0x166c  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
23:12:51.0944 0x166c  WEPHOSTSVC - ok
23:12:51.0985 0x166c  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
23:12:51.0989 0x166c  wercplsupport - ok
23:12:52.0030 0x166c  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
23:12:52.0035 0x166c  WerSvc - ok
23:12:52.0080 0x166c  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
23:12:52.0084 0x166c  WFPLWFS - ok
23:12:52.0123 0x166c  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
23:12:52.0127 0x166c  WiaRpc - ok
23:12:52.0170 0x166c  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
23:12:52.0171 0x166c  WIMMount - ok
23:12:52.0174 0x166c  WinDefend - ok
23:12:52.0245 0x166c  [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
23:12:52.0262 0x166c  WinHttpAutoProxySvc - ok
23:12:52.0316 0x166c  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
23:12:52.0319 0x166c  Winmgmt - ok
23:12:52.0398 0x166c  [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
23:12:52.0436 0x166c  WinRM - ok
23:12:52.0467 0x166c  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys
23:12:52.0468 0x166c  WinUsb - ok
23:12:52.0548 0x166c  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
23:12:52.0573 0x166c  WlanSvc - ok
23:12:52.0619 0x166c  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
23:12:52.0642 0x166c  wlidsvc - ok
23:12:52.0668 0x166c  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
23:12:52.0669 0x166c  WmiAcpi - ok
23:12:52.0684 0x166c  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
23:12:52.0687 0x166c  wmiApSrv - ok
23:12:52.0719 0x166c  WMPNetworkSvc - ok
23:12:52.0764 0x166c  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
23:12:52.0769 0x166c  Wof - ok
23:12:52.0861 0x166c  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
23:12:52.0884 0x166c  workfolderssvc - ok
23:12:52.0901 0x166c  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
23:12:52.0902 0x166c  wpcfltr - ok
23:12:52.0933 0x166c  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
23:12:52.0935 0x166c  WPCSvc - ok
23:12:52.0980 0x166c  [ DBDCE2378F65F0A07D4644AC103037E7, 99714F0CD31297C9831BAF04768F467F6E0BF710C859CEDCA83069226BF1A68A ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
23:12:52.0982 0x166c  WPDBusEnum - ok
23:12:53.0027 0x166c  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
23:12:53.0029 0x166c  WpdUpFltr - ok
23:12:53.0037 0x166c  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
23:12:53.0038 0x166c  ws2ifsl - ok
23:12:53.0090 0x166c  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
23:12:53.0097 0x166c  wscsvc - ok
23:12:53.0102 0x166c  WSearch - ok
23:12:53.0232 0x166c  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
23:12:53.0279 0x166c  WSService - ok
23:12:53.0404 0x166c  [ F3F60C88A6BBC8D0C68FE5B1C91181AF, AF9A4D282CD4BB1127BC3F48AB89DC294408D96F7906553C636F37D1503CFA48 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
23:12:53.0453 0x166c  wuauserv - ok
23:12:53.0501 0x166c  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
23:12:53.0525 0x166c  WudfPf - ok
23:12:53.0572 0x166c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
23:12:53.0578 0x166c  WUDFRd - ok
23:12:53.0588 0x166c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\WINDOWS\System32\drivers\WUDFRd.sys
23:12:53.0594 0x166c  WUDFSensorLP - ok
23:12:53.0633 0x166c  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
23:12:53.0636 0x166c  wudfsvc - ok
23:12:53.0644 0x166c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
23:12:53.0648 0x166c  WUDFWpdFs - ok
23:12:53.0654 0x166c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
23:12:53.0658 0x166c  WUDFWpdMtp - ok
23:12:53.0694 0x166c  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
23:12:53.0703 0x166c  WwanSvc - ok
23:12:53.0710 0x166c  ================ Scan global ===============================
23:12:53.0755 0x166c  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\WINDOWS\system32\basesrv.dll
23:12:53.0802 0x166c  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
23:12:53.0842 0x166c  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
23:12:53.0895 0x166c  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
23:12:53.0902 0x166c  [ Global ] - ok
23:12:53.0903 0x166c  ================ Scan MBR ==================================
23:12:53.0917 0x166c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
23:12:53.0924 0x166c  \Device\Harddisk0\DR0 - ok
23:12:53.0924 0x166c  ================ Scan VBR ==================================
23:12:53.0926 0x166c  [ 936BD8ED4D593784E8F338390C75E178 ] \Device\Harddisk0\DR0\Partition1
23:12:53.0929 0x166c  \Device\Harddisk0\DR0\Partition1 - ok
23:12:53.0942 0x166c  [ B3DA356A55B626DE2C1E6E2545EF11D4 ] \Device\Harddisk0\DR0\Partition2
23:12:53.0942 0x166c  \Device\Harddisk0\DR0\Partition2 - ok
23:12:53.0950 0x166c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
23:12:53.0951 0x166c  \Device\Harddisk0\DR0\Partition3 - ok
23:12:53.0963 0x166c  [ FD275436E2A333D33A2AA98A350704BA ] \Device\Harddisk0\DR0\Partition4
23:12:53.0965 0x166c  \Device\Harddisk0\DR0\Partition4 - ok
23:12:53.0990 0x166c  [ 29B6EF5AB74E54E3C589BCA00CF95EE9 ] \Device\Harddisk0\DR0\Partition5
23:12:53.0992 0x166c  \Device\Harddisk0\DR0\Partition5 - ok
23:12:54.0003 0x166c  [ 074637D93835709AB9C154C80FE0327B ] \Device\Harddisk0\DR0\Partition6
23:12:54.0005 0x166c  \Device\Harddisk0\DR0\Partition6 - ok
23:12:54.0005 0x166c  ================ Scan generic autorun ======================
23:12:54.0083 0x166c  [ 94BFCE236D6340011721470E394056E3, 42A7808F6C53C268354E9E47F0689FE2B4717F61E97CBAA0ABF33E0275B908EF ] C:\Program Files\IDT\WDM\sttray64.exe
23:12:54.0117 0x166c  SysTrayApp - ok
23:12:54.0167 0x166c  [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
23:12:54.0169 0x166c  iTunesHelper - ok
23:12:54.0399 0x166c  [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\HP\AppData\Local\Akamai\netsession_win.exe
23:12:54.0484 0x166c  Akamai NetSession Interface - ok
23:12:54.0599 0x166c  [ 330049982A6CF1A2A0500E8E620889D3, 81A804621F9FAD520CB47FC084F6BD4EF2697E1FB8AF30596303089597FE7C2C ] C:\Users\HP\AppData\Roaming\Spotify\SpotifyWebHelper.exe
23:12:54.0625 0x166c  Spotify Web Helper - ok
23:12:54.0775 0x166c  [ ADF6C78FC95716CA45A68FD3DA1C1A78, 8250D47AC8C25A3A2DB8AB2148350F7086141F91DB317D0431DA545430B843F5 ] C:\Program Files (x86)\Steam\steam.exe
23:12:54.0812 0x166c  Steam - ok
23:12:54.0989 0x166c  [ 8A793A1618B8C37FC70E85DC03E9567D, 568156DB22BB9E3411923BD3417C1E8BAFC641FB82C298FCFAAD8708BE8E7DF3 ] C:\Users\HP\AppData\Roaming\Spotify\Spotify.exe
23:12:55.0080 0x166c  Spotify - ok
23:12:55.0217 0x166c  [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\HP\AppData\Local\Akamai\netsession_win.exe
23:12:55.0277 0x166c  Akamai NetSession Interface - ok
23:12:55.0324 0x166c  [ 330049982A6CF1A2A0500E8E620889D3, 81A804621F9FAD520CB47FC084F6BD4EF2697E1FB8AF30596303089597FE7C2C ] C:\Users\HP\AppData\Roaming\Spotify\SpotifyWebHelper.exe
23:12:55.0343 0x166c  Spotify Web Helper - ok
23:12:55.0411 0x166c  [ ADF6C78FC95716CA45A68FD3DA1C1A78, 8250D47AC8C25A3A2DB8AB2148350F7086141F91DB317D0431DA545430B843F5 ] C:\Program Files (x86)\Steam\steam.exe
23:12:55.0447 0x166c  Steam - ok
23:12:55.0599 0x166c  [ 8A793A1618B8C37FC70E85DC03E9567D, 568156DB22BB9E3411923BD3417C1E8BAFC641FB82C298FCFAAD8708BE8E7DF3 ] C:\Users\HP\AppData\Roaming\Spotify\Spotify.exe
23:12:55.0691 0x166c  Spotify - ok
23:12:55.0696 0x166c  Waiting for KSN requests completion. In queue: 128
23:12:56.0757 0x166c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x61100 ( enabled : updated )
23:12:56.0760 0x166c  Win FW state via NFP2: enabled ( trusted )
23:12:56.0916 0x166c  ============================================================
23:12:56.0916 0x166c  Scan finished
23:12:56.0916 0x166c  ============================================================
23:12:56.0927 0x0d84  Detected object count: 0
23:12:56.0928 0x0d84  Actual detected object count: 0

M-K-D-B · 17.09.2016, 10:58

Servus,

bitte beachten:

Zitat:

Gestartet von C:\Users\HP\Downloads

Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

caloda · 17.09.2016, 14:16

Erstmal Danke!
Soll ich die ersten Schritte jetzt nochmal wiederholen oder ist das soweit ok?

M-K-D-B · 17.09.2016, 20:05

Servus,

das ist schon soweit ok.

Bitte mit MBAR starten.

caloda · 17.09.2016, 22:54

Ich kann kein mbar.exe finden...

... nachtrag: Nehm' ich zurück...

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.09.17.08
  rootkit: v2016.08.15.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18450
HP :: HP-HP [administrator]

17.09.2016 23:05:29
mbar-log-2016-09-17 (23-05-29).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 428640
Time elapsed: 42 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

M-K-D-B · 18.09.2016, 13:20

Servus,

bitte alles vom Desktop starten!

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

caloda · 18.09.2016, 17:38

Was mache ich denn falsch? O.o
Hatte dieses mbar auf dem Desktop, wo liegt der Fehler? Bitte verzeih' meine Begriffstutzigkeit in dieser Sache...

M-K-D-B · 18.09.2016, 21:17

Servus,

ich meinte damit nur, dass du ComboFix auch wieder vom Desktop starten sollst.

War wohl etwas zweideutig, tut mir Leid.

caloda · 18.09.2016, 22:43

combofix läuft nicht bei mir, die ansage lautet: läuft nur auf windows xp, vista, 7 und 8.
und nun?

M-K-D-B · 19.09.2016, 15:45

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Internet Explorer Richtlinien
- Chrome Richtlinien
- Chrome Einstellungen
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

caloda · 20.09.2016, 13:30

so...

Code:

ATTFilter

# AdwCleaner v6.020 - Bericht erstellt am 20/09/2016 um 13:05:29
# Aktualisiert am 14/09/2016 von ToolsLib
# Datenbank : 2016-09-20.1 [Server]
# Betriebssystem : Windows 8.1  (X64)
# Benutzername : HP - HP-HP
# Gestartet von : C:\Users\HP\Desktop\AdwCleaner_6.020.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****

[-] Dienst gelöscht: MPCProtectService
[-] Dienst gelöscht: MPCKpt
[-] Dienst gelöscht: NetUtils2016


***** [ Ordner ] *****

[-] Ordner gelöscht: C:\ProgramData\f1c11deb-468d-4e28-a37d-be8513e1bc56
[-] Ordner gelöscht: C:\ProgramData\gkcgpnoahhlagpbfhddbkieglahmlgnm
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\gkcgpnoahhlagpbfhddbkieglahmlgnm
[-] Ordner gelöscht: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfffefolbmpgkockocobjbahingomjhg
[-] Ordner gelöscht: C:\Users\HP\AppData\Local\Mail.Ru
[-] Ordner gelöscht: C:\Users\HP\AppData\Roaming\MPC
[-] Ordner gelöscht: C:\Users\HP\AppData\Roaming\MCorp
[-] Ordner gelöscht: C:\Users\HP\AppData\Roaming\HDWallPaper
[-] Ordner gelöscht: C:\Users\HP\AppData\Roaming\Corner Sunshine
[-] Ordner gelöscht: C:\Users\HP\Documents\MPC
[-] Ordner gelöscht: C:\ProgramData\sozy
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\sozy
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Desktop
[#] Ordner mit Neustart gelöscht: C:\Program Files (x86)\MPC Cleaner
[-] Ordner gelöscht: C:\Program Files (x86)\pc speed up
[#] Ordner mit Neustart gelöscht: C:\Program Files (x86)\PC Speed Up
[-] Ordner gelöscht: C:\Users\HP\AppData\Local\Temp\APN-Stub
[-] Ordner gelöscht: C:\Users\HP\AppData\Local\Temp\MPC
[-] Ordner gelöscht: C:\extensions
[-] Ordner gelöscht: C:\Users\HP\AppData\Local\com
[#] Ordner mit Neustart gelöscht: C:\Users\HP\AppData\Roaming\MCorp
[-] Ordner gelöscht: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_fkillgaimpibbecaaifpcnlnjnicnbjn_0
[-] Ordner gelöscht: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fkillgaimpibbecaaifpcnlnjnicnbjn


***** [ Dateien ] *****

[-] Datei gelöscht: C:\WINDOWS\SysNative\NetUtils2016.dll
[-] Datei gelöscht: C:\Users\Public\Desktop\MPC AdCleaner.lnk
[-] Datei gelöscht: C:\Users\Public\Desktop\MPC Cleaner.lnk
[-] Datei gelöscht: C:\Users\Public\Desktop\MPC Desktop.lnk
[-] Datei gelöscht: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejnmnhkgiphcaeefbaooconkceehicfi_0.localstorage
[-] Datei gelöscht: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejnmnhkgiphcaeefbaooconkceehicfi_0.localstorage-journal
[-] Datei gelöscht: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fkillgaimpibbecaaifpcnlnjnicnbjn_0.localstorage
[-] Datei gelöscht: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fkillgaimpibbecaaifpcnlnjnicnbjn_0.localstorage-journal
[-] Datei gelöscht: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpcknfcdcgpffjddjeceioobdelceffo_0.localstorage
[-] Datei gelöscht: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpcknfcdcgpffjddjeceioobdelceffo_0.localstorage-journal


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****

[-] Verknüpfung desinfiziert: C:\Users\Public\Desktop\Google Chrome.lnk
[-] Verknüpfung desinfiziert: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
[-] Verknüpfung desinfiziert: C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk


***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [ElectroLyrics-1-bg.exe]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\6338256C-5C67-48F7-BC5C-F2A4BEE23B23
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16e8609e-85ad-4367-8944-2f6413e7bb64}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29bf5e5f-a5a6-47ff-a74b-814b3901d6c0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34b22bb2-3226-4a4c-bfcd-300361b673e6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{805b8382-9887-415f-8e54-5175a6ab001b}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b50edb63-728d-48b0-827e-e6c0690f9c4d}
[-] Schlüssel gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Classes\keepmysearch
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\keepmysearch
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\keepmysearch
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\3045035B-3C14-4698-8AC4-ADB18CC42C1E
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{6EC77D09-02CB-4E1F-E3C4-FB141B2610B3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{066D89E6-B457-4A57-888A-B0AEB11D5BF1}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{0E8990F4-2FC9-403C-883B-535D6271E740}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{1644E2E1-E15E-4E9E-9B25-5668536DD6A7}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{2BA83048-8B7C-4186-843B-D97FC1A6AE95}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{469960F8-8172-4386-BBB1-DF3590027D58}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{753C5ED0-B9AB-4F1E-8DAC-668E701CA569}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{80995911-5CF2-483F-A260-C736E8D0C691}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{821ED2B3-866E-4177-870E-52D995D123D0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{9B4E4BF6-9346-4969-8428-C3CB81CD7A30}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{9BAC5A3B-33FD-4DB9-A4F1-B749498D4017}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{A6670033-7A4B-4F59-B8A9-A7CEBF3CE960}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B1285825-F24F-4651-9F8A-2012460AD2FC}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B3D38AE9-C808-4811-8417-F114839D6392}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B8E64931-27EF-42BC-AF3B-0E2B25D17567}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{BE952BDF-6FDF-4A62-B318-E15D4487A2EF}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{C0233F6C-3110-4AEA-A798-C81DA43CED9E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{CC5B7648-AAF8-4642-B53D-B7B5E4AE7241}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{D325B617-D6F9-4C72-90B2-A38E6D15C16E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{DF51AD29-5239-441A-B921-E655C8162060}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{E515494B-7548-462A-B7E7-A3E6F8C4899C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{E9ECFFF9-2011-439F-92EB-BE145ACD87DA}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{FBB92627-0DAA-4B69-97CC-9879236FE039}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{553D53FA-59F3-44D0-ABC4-58F290DB70DC}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{59E8D94C-7A20-41AD-83CF-3E156D3AEB2F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{5EF4F032-2DB4-48E9-B5A9-ADAC095E096A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{6FE5D7AF-5812-4E08-BA22-9805FFE9F429}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{781999CA-3F51-4A56-94CA-0C8A8E0100AF}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{A39B7A1C-F58A-4C22-9015-E2C8EF1C31BA}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{AB121BE6-2299-4B9B-8545-9104ABA20717}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{C0833ED4-281E-441C-B004-43752001A629}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{DC330A23-4FBE-414C-AB3D-1C42056E5245}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{DCD71BA3-32C2-455F-8DF0-37EE26E0C395}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{E9C30691-5CE7-46BF-B940-C0125DA9E05B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{F654B5BE-1A20-48A6-BED0-7C9E29CB8099}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{0DA40B75-6FEE-49BF-BDDE-E2598E786C8C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{12FF3C6A-56FB-4B3E-858D-0877CD39B025}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{15DDC42D-13A8-432B-B31D-36A8FB50758F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{1CD6E593-ABBF-45AC-9F94-21E8F1BDC10B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{2B584AEB-6C8F-4238-89E4-850CFD7B2065}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{30A2947A-664F-440B-908D-E0FEDFEAE5DE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{34BCEF11-CE38-48EC-9D08-5CC0557E8887}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{3B06CDDC-2ECB-45DC-B565-D41CC095BE40}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{3FD7EB0A-96B6-43E0-9D94-44929F3FD1B3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{4D2525EE-3B7B-44C6-8960-77843DBC67A3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{89449F37-4AB2-46ED-A566-BB3A7797701B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F509ADC2-B40E-470F-A7B7-45191486B5CB}
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35B-6118-11DC-9C72-001320C79847}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35C-6118-11DC-9C72-001320C79847}]
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\ImInstaller
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\video MediaPlay-Air
[-] Schlüssel gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\OB
[-] Schlüssel gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\OCS
[-] Schlüssel gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Probit Software
[-] Schlüssel gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\PRODUCTSETUP
[-] Schlüssel gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Mail.Ru
[-] Schlüssel gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\csastats
[-] Schlüssel gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\INSTALLPATH\STATUS
[-] Schlüssel gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Corner Sunshine
[-] Schlüssel gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\COMMONMSG
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\SweetIM
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Updater By Sweetpacks
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Wajam
[-] Schlüssel gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Crossrider
[-] Schlüssel gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\video MediaPlay-Air
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\AskPartnerNetwork
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\ImInstaller
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\video MediaPlay-Air
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\OB
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\OCS
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Probit Software
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Mail.Ru
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\csastats
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\INSTALLPATH\STATUS
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Corner Sunshine
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\COMMONMSG
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Updater By Sweetpacks
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Better Surf Plus
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Better-Surf
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MPC
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MPC AdCleaner
[-] Schlüssel gelöscht: HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MaxPower
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Social2Se
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MPC Desktop
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7304C9D1-98AD-55F0-636E-22D8DD57F176}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Activeris AntiMalware_is1
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\SweetIM
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Updater By Sweetpacks
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Wajam
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\OB
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\OCS
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Probit Software
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Mail.Ru
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\csastats
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\INSTALLPATH\STATUS
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Corner Sunshine
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\COMMONMSG
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3930845653-3837040866-4171826123-1001\Products\B2207CB30EDC4664A96B3ECE52EC46A4
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[-] Wert gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[#] Wert mit Neustart gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[#] Wert mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\deals-way.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mpc.am
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.mpc.am
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\shopper.deals-way.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\api.ciuvo.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ciuvo.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\de.reimageplus.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\deals-way.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inst.shoppingate.info
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mmotraffic.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mpc.am
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\onclickads.net
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\rambler.ru
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\reimageplus.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.mpc.am
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\shopper.deals-way.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\shoppingate.info
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\startgo123.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.livelyrics00.live-lyrics.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\utop.it
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.startgo123.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\deals-way.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mpc.am
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.mpc.am
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\shopper.deals-way.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\api.ciuvo.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ciuvo.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\de.reimageplus.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\deals-way.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inst.shoppingate.info
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mmotraffic.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mpc.am
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\onclickads.net
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\rambler.ru
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\reimageplus.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.mpc.am
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\shopper.deals-way.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\shoppingate.info
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\startgo123.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.livelyrics00.live-lyrics.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\utop.it
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.startgo123.com
[-] Wert gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [browsersafeguard]
[-] Wert gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [FLV Player]
[#] Wert mit Neustart gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [FLV Player]
[-] Wert gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Optimizer Pro]
[#] Wert mit Neustart gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Optimizer Pro]
[-] Wert gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [PriceMeterW]
[#] Wert mit Neustart gelöscht: HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [PriceMeterW]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.updatepm.oneclickctrl.9
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.updatepm.update3webcontrol.3
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel gelöscht: HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.dpliveupdate.oneclickctrl.9
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.dpliveupdate.update3webcontrol.3
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\Classes\AppID\3045035B-3C14-4698-8AC4-ADB18CC42C1E
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext [MPCInstalled]


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
:: Chrome Einstellungen zurückgesetzt: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [27268 Bytes] - [20/09/2016 13:05:29]
C:\AdwCleaner\AdwCleaner[R0].txt - [65841 Bytes] - [07/01/2015 18:46:52]
C:\AdwCleaner\AdwCleaner[S0].txt - [59172 Bytes] - [07/01/2015 18:49:42]
C:\AdwCleaner\AdwCleaner[S1].txt - [25573 Bytes] - [20/09/2016 12:56:55]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [27564 Bytes] ##########

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 20.09.2016
Suchlaufzeit: 13:20
Protokolldatei: mbamlog.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.20.05
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: HP

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 420809
Abgelaufene Zeit: 20 Min., 59 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 8.1 x64 
Ran by HP (Administrator) on 20.09.2016 at 14:13:38,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1 

Successfully deleted: C:\ProgramData\dfffefolbmpgkockocobjbahingomjhg (Folder) 



Registry: 2 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.09.2016 at 14:16:11,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-09-2016
durchgeführt von HP (Administrator) auf HP-HP (20-09-2016 14:21:22)
Gestartet von C:\Users\HP\Desktop
Geladene Profile: HP & UpdatusUser (Verfügbare Profile: HP & UpdatusUser)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Run: [Akamai NetSession Interface] => C:\Users\HP\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Run: [Spotify Web Helper] => C:\Users\HP\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-20] (Spotify Ltd)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\Run: [Spotify] => C:\Users\HP\AppData\Roaming\Spotify\Spotify.exe [6795376 2016-09-20] (Spotify Ltd)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\MountPoints2: {47a0191f-03ec-11e6-bf03-c4e984de72eb} - "F:\SETUP.EXE" 
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\...\MountPoints2: {54070070-21d4-11e3-be6c-806e6f6e6963} - "F:\_AUTORUN\AUTORUN.EXE" 
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Run: [Akamai NetSession Interface] => C:\Users\HP\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Run: [Spotify Web Helper] => C:\Users\HP\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-20] (Spotify Ltd)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\Run: [Spotify] => C:\Users\HP\AppData\Roaming\Spotify\Spotify.exe [6795376 2016-09-20] (Spotify Ltd)
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\...\MountPoints2: {54070070-21d4-11e3-be6c-806e6f6e6963} - "F:\_AUTORUN\AUTORUN.EXE" 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{4AFCAB27-7A13-443C-8C69-7BF2A32C56D7}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B4A4A94D-A997-4FEA-A47D-7711FD344146}: [DhcpNameServer] 192.168.2.1
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3930845653-3837040866-4171826123-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464241732&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
HKU\S-1-5-21-3930845653-3837040866-4171826123-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131177605464257586&GUID=FA19AD0E-A3EC-4E21-A91E-293449ADE22F
SearchScopes: HKLM -> {BE46FA0C-8976-4C23-92BB-89F9976D0672} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3930845653-3837040866-4171826123-1004 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Toolbar: HKLM-x32 - Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-11-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-11-25] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin HKU\S-1-5-21-3930845653-3837040866-4171826123-1001: @mail.ru/GameCenter -> C:\Users\HP\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll [Keine Datei]
FF Extension: (Kein Name) - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha38\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta351\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha256\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2543\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4549\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home8521\ff [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1179\ff [nicht gefunden]

Chrome: 
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR HKLM-x32\...\Chrome\Extension: [ffffoobpkbfcfibdgopmebhlghaiiamk] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha38\ch\WebexpEnhancedV1alpha38.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-15] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [Datei ist nicht signiert]
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [161744 2015-03-11] (RaMMicHaeL) [Datei ist nicht signiert]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
S3 EraserUtilDrv11311; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11311.sys [140376 2013-09-26] (Symantec Corporation)
S3 EraserUtilDrv11312; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys [137648 2013-11-21] (Symantec Corporation) [Datei ist nicht signiert]
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SPL_CRIMSON_MIDI; C:\Windows\system32\drivers\spl_crimson_m.sys [41592 2016-02-19] (Ploytec GmbH)
R3 SPL_CRIMSON_USB; C:\Windows\System32\Drivers\spl_crimson_u.sys [555128 2016-02-19] (Ploytec GmbH)
R3 SPL_CRIMSON_WDM; C:\Windows\system32\drivers\spl_crimson_a.sys [62584 2016-02-19] (Ploytec GmbH)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-20 14:21 - 2016-09-20 14:21 - 00014766 _____ C:\Users\HP\Desktop\FRST.txt
2016-09-20 14:20 - 2016-09-20 14:20 - 00000000 ____D C:\Users\HP\Desktop\FRST-OlderVersion
2016-09-20 14:16 - 2016-09-20 14:16 - 00000860 _____ C:\Users\HP\Desktop\JRT.txt
2016-09-20 14:11 - 2016-09-20 14:11 - 01610560 _____ (Malwarebytes) C:\Users\HP\Desktop\JRT.exe
2016-09-20 13:51 - 2016-09-20 13:51 - 00001197 _____ C:\Users\HP\Desktop\mbamlog.txt
2016-09-20 13:18 - 2016-09-20 13:18 - 00000000 ____D C:\Users\HP\Desktop\ Malwarebytes Anti-Malware 
2016-09-20 13:15 - 2016-09-20 13:15 - 00027807 _____ C:\Users\HP\Desktop\AdwCleaner[C0].txt
2016-09-20 13:12 - 2016-09-20 13:14 - 22851472 _____ (Malwarebytes ) C:\Users\HP\Desktop\mbam-setup-2.2.1.1043.exe
2016-09-20 12:52 - 2016-09-20 12:52 - 03861056 _____ C:\Users\HP\Desktop\AdwCleaner_6.020.exe
2016-09-18 00:50 - 2016-09-18 00:50 - 00053219 _____ C:\Users\HP\Downloads\lebenslauf lakhwinder.pdf
2016-09-18 00:46 - 2016-09-18 00:50 - 00015031 _____ C:\Users\HP\Desktop\lebenslauf lakhwinder.odt
2016-09-17 22:53 - 2016-09-17 22:53 - 16563352 _____ (Malwarebytes Corp.) C:\Users\HP\Desktop\mbar-1.09.3.1001 (1).exe
2016-09-16 22:38 - 2016-09-16 23:12 - 00216180 _____ C:\TDSSKiller.3.1.0.11_16.09.2016_22.38.09_log.txt
2016-09-16 22:37 - 2016-09-16 22:37 - 04747704 _____ (AO Kaspersky Lab) C:\Users\HP\Downloads\tdsskiller.exe
2016-09-16 22:28 - 2016-09-16 23:17 - 00057512 _____ C:\Users\HP\Downloads\Addition.txt
2016-09-16 22:27 - 2016-09-20 14:21 - 00000000 ____D C:\FRST
2016-09-16 22:27 - 2016-09-16 22:29 - 00074098 _____ C:\Users\HP\Downloads\FRST.txt
2016-09-16 22:26 - 2016-09-20 14:20 - 02400256 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2016-09-16 22:25 - 2016-09-16 22:25 - 01749504 _____ (Farbar) C:\Users\HP\Downloads\FRST.exe
2016-09-16 22:25 - 2016-09-16 22:25 - 01749504 _____ (Farbar) C:\Users\HP\Downloads\FRST (1).exe
2016-09-16 10:41 - 2016-09-20 13:06 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-09-16 10:40 - 2016-09-17 23:53 - 00000000 ____D C:\Users\HP\Desktop\mbar
2016-09-16 10:39 - 2016-09-16 10:39 - 16563352 _____ (Malwarebytes Corp.) C:\Users\HP\Downloads\mbar-1.09.3.1001.exe
2016-09-16 10:14 - 2016-09-16 10:14 - 00023837 _____ C:\Users\HP\Downloads\returnLabel-4340515.pdf
2016-09-13 23:36 - 2016-08-21 01:45 - 07076864 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-09-13 23:36 - 2016-08-21 01:27 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-13 23:36 - 2016-08-21 01:22 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-13 23:36 - 2016-08-21 01:05 - 05273600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-09-13 23:36 - 2016-08-21 00:50 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-13 23:36 - 2016-08-21 00:42 - 07795712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-13 23:36 - 2016-08-21 00:27 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-13 23:36 - 2016-08-10 00:47 - 00803176 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-13 23:36 - 2016-08-10 00:47 - 00611576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-13 23:36 - 2016-08-04 16:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-13 23:36 - 2016-08-03 20:06 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-13 23:36 - 2016-08-03 20:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-13 23:35 - 2016-09-08 23:51 - 00443224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-13 23:35 - 2016-09-08 23:51 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-13 23:35 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-13 23:35 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-13 23:35 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-09-13 23:35 - 2016-09-01 03:39 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-09-13 23:35 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-13 23:35 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-13 23:35 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-13 23:35 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-13 23:35 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-13 23:35 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-13 23:35 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-13 23:35 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-13 23:35 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-09-13 23:35 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-13 23:35 - 2016-09-01 01:38 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-09-13 23:35 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-13 23:35 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-13 23:35 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-13 23:35 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-13 23:35 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-13 23:35 - 2016-08-26 07:51 - 02894336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-13 23:35 - 2016-08-26 06:44 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-13 23:35 - 2016-08-26 06:41 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-09-13 23:35 - 2016-08-26 06:00 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-09-13 23:35 - 2016-08-22 18:06 - 00179248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-13 23:35 - 2016-08-22 18:06 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-13 23:35 - 2016-08-21 03:03 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-13 23:35 - 2016-08-21 03:01 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-13 23:35 - 2016-08-21 03:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-13 23:35 - 2016-08-21 02:17 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-09-13 23:35 - 2016-08-21 01:26 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-09-13 23:35 - 2016-08-21 00:55 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-13 23:35 - 2016-08-14 21:34 - 01541248 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-13 23:35 - 2016-08-14 20:25 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-13 23:35 - 2016-08-14 18:14 - 01376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-13 23:35 - 2016-08-13 09:41 - 07445848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-13 23:35 - 2016-08-13 09:40 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-13 23:35 - 2016-08-13 09:40 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-13 23:35 - 2016-08-13 09:40 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-13 23:35 - 2016-08-13 09:40 - 01490120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-13 23:35 - 2016-08-13 09:40 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-13 23:35 - 2016-08-13 02:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-13 23:35 - 2016-08-11 18:26 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-13 23:35 - 2016-08-11 18:17 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-13 23:35 - 2016-08-11 18:16 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-13 23:35 - 2016-07-09 18:10 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-09-13 23:35 - 2016-07-09 00:35 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2016-09-13 23:35 - 2016-07-08 16:17 - 00377344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-13 23:35 - 2016-07-08 16:17 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-13 23:35 - 2016-07-08 00:32 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2016-09-13 23:35 - 2016-07-08 00:18 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2016-09-13 23:35 - 2016-07-08 00:10 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-13 23:35 - 2016-07-08 00:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2016-09-13 23:35 - 2016-07-07 23:04 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2016-09-13 23:35 - 2016-07-07 22:59 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-09-13 23:35 - 2016-07-07 22:44 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-09-13 23:35 - 2016-07-07 22:41 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-09-13 23:35 - 2016-07-07 22:34 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-09-13 23:35 - 2016-07-07 22:29 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-13 23:35 - 2016-07-07 22:29 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-09-13 23:35 - 2016-07-07 22:23 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2016-09-13 23:35 - 2016-07-07 22:18 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-13 23:35 - 2016-07-07 22:11 - 01661064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-13 23:35 - 2016-07-07 22:11 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-13 23:35 - 2016-07-07 22:11 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2016-09-13 23:35 - 2016-07-07 21:35 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2016-09-13 23:35 - 2016-07-07 21:14 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-09-13 23:35 - 2016-07-04 07:09 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-13 23:35 - 2016-07-04 05:45 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2016-09-13 23:35 - 2016-07-04 05:37 - 02897920 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-09-13 23:35 - 2016-07-04 05:33 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-09-13 23:35 - 2016-07-04 05:04 - 02539008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-09-13 23:35 - 2016-07-04 05:02 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-09-13 23:35 - 2016-07-04 04:19 - 03547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-13 23:35 - 2016-07-01 22:39 - 00197352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssenh.dll
2016-09-13 23:35 - 2016-07-01 22:39 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dssenh.dll
2016-09-13 23:35 - 2016-01-10 19:08 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-09-13 11:05 - 2016-09-13 11:05 - 00222838 _____ C:\Users\HP\Desktop\FLIX-Ticket-8024808223.pdf
2016-09-08 00:51 - 2016-09-08 00:51 - 01328304 _____ C:\Users\HP\Downloads\video-1473288302.mp4
2016-09-08 00:24 - 2016-09-08 00:24 - 03079986 _____ C:\Users\HP\Downloads\video-1473282758.mp4
2016-09-06 17:22 - 2016-09-06 17:22 - 00000000 ____D C:\ProgramData\Avira
2016-09-06 17:22 - 2016-09-06 17:22 - 00000000 ____D C:\ProgramData\Avg
2016-09-06 17:22 - 2016-09-06 17:22 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-06 17:20 - 2016-09-08 00:47 - 00000000 ____D C:\Users\HP\AppData\Local\Kabeghtjerpoing
2016-09-05 00:47 - 2016-09-05 00:48 - 23461607 _____ C:\Users\HP\Downloads\SteinbergCubasev5.1.part25.rar.crdownload
2016-09-05 00:47 - 2016-09-05 00:47 - 02310048 _____ C:\Users\HP\Downloads\winrar-x64-540d (1).exe
2016-09-05 00:46 - 2016-09-05 00:48 - 36749031 _____ C:\Users\HP\Downloads\SteinbergCubasev5.1.part26.rar.crdownload
2016-09-05 00:46 - 2016-09-05 00:48 - 30818023 _____ C:\Users\HP\Downloads\SteinbergCubasev5.1.part53.rar.crdownload
2016-09-05 00:46 - 2016-09-05 00:46 - 00000000 ____D C:\WINDOWS\system32\sstmp
2016-09-05 00:45 - 2016-09-05 00:45 - 00001167 _____ C:\Users\HP\Desktop\Die Installation von keygen - Free Download fortsetzen.lnk
2016-09-05 00:40 - 2016-09-08 01:01 - 00000000 ____D C:\Program Files (x86)\Qotachcoerduk
2016-09-05 00:40 - 2016-09-05 00:42 - 00000000 ____D C:\Users\HP\AppData\Local\clucadomqenayfehuent
2016-09-05 00:39 - 2016-09-05 00:38 - 01611944 _____ (Secure Download Ltd. ) C:\Users\HP\Downloads\keygen
2016-09-05 00:37 - 2016-09-05 00:37 - 00000000 ____D C:\Users\HP\Downloads\Cubase.5.0.keygen.by.cat (1)
2016-09-05 00:36 - 2016-09-05 00:36 - 00370166 _____ C:\Users\HP\Downloads\Cubase.5.0.keygen.by.cat (1).zip
2016-09-05 00:34 - 2016-09-05 00:34 - 00000000 ____D C:\Users\HP\Downloads\Cubase.5.0.keygen.by.cat
2016-09-05 00:33 - 2016-09-05 00:33 - 05172648 _____ C:\Users\HP\Downloads\Cubase.5.0.keygen.by.cat.zip
2016-09-05 00:30 - 2016-09-05 00:30 - 00002070 _____ C:\Users\HP\Desktop\Cubase 5.lnk
2016-09-05 00:29 - 2016-09-05 00:48 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 5
2016-09-04 23:54 - 2016-09-04 23:54 - 00000000 ____D C:\Users\HP\AppData\Roaming\WinRAR
2016-09-04 23:54 - 2016-09-04 23:54 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-04 23:54 - 2016-09-04 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-04 23:54 - 2016-09-04 23:54 - 00000000 ____D C:\Program Files\WinRAR
2016-09-04 23:53 - 2016-09-04 23:53 - 02310048 _____ C:\Users\HP\Downloads\winrar-x64-540d.exe
2016-09-04 22:24 - 2016-09-04 23:20 - 3690898231 _____ C:\Users\HP\Desktop\cubase.zip
2016-09-04 21:56 - 2016-09-04 22:08 - 2661829209 _____ C:\Users\HP\Desktop\cubase.7z
2016-09-04 21:52 - 2016-09-04 21:52 - 00000000 ____D C:\Users\HP\Downloads\cubase 5
2016-09-04 18:59 - 2016-09-04 20:23 - 00000000 ____D C:\Users\HP\Downloads\SteinbergCubasev5
2016-09-04 18:44 - 2016-09-04 18:44 - 00001652 _____ C:\Users\HP\Desktop\JDownloader 2.lnk
2016-09-04 18:44 - 2016-09-04 18:44 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2016-09-04 18:42 - 2016-09-04 20:23 - 00000000 ____D C:\Users\HP\Desktop\JDownloader
2016-09-04 18:39 - 2016-09-04 18:39 - 00076504 _____ (AppWork GmbH) C:\Users\HP\Downloads\WebInstaller_adfree_2016_1.exe
2016-09-04 18:39 - 2016-09-04 18:39 - 00076504 _____ (AppWork GmbH) C:\Users\HP\Downloads\WebInstaller_adfree_2016_1 (1).exe
2016-09-04 18:07 - 2016-09-05 00:08 - 00000000 ____D C:\Users\HP\Desktop\cubase
2016-09-04 16:48 - 2016-09-04 16:48 - 00609217 ____T C:\Users\HP\Downloads\Don&#039;t Leave - Free Boom Bap Hip Hop Instrumental Beat (Prod By Outspoken &amp; Yung Castello) (320  kbps).mp3.asd
2016-09-04 08:48 - 2016-09-04 08:48 - 00127537 _____ C:\Users\HP\Downloads\uebersicht-vorkurs-2014-100.pdf
2016-09-04 00:07 - 2016-09-04 00:07 - 00782252 ____T C:\Users\HP\Downloads\Afro_cuban_jazz_suite_for_ellington_[mp3take].mp3.asd
2016-09-03 23:30 - 2016-09-08 00:14 - 00000000 ___RD C:\Users\HP\Desktop\first drumpack Project
2016-09-03 17:06 - 2016-09-03 17:06 - 00000000 ____D C:\Users\HP\Downloads\Elements-Of-UK-Dance
2016-09-03 16:48 - 2016-09-03 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Akai
2016-09-03 16:48 - 2016-09-03 16:48 - 00001045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Essentials.lnk
2016-09-03 16:48 - 2016-09-03 16:48 - 00000000 ____D C:\ProgramData\Akai
2016-09-03 16:48 - 2016-09-03 16:48 - 00000000 ____D C:\Program Files\Common Files\Avid
2016-09-03 16:47 - 2016-09-03 16:47 - 00000000 ____D C:\Program Files\Akai Pro
2016-09-03 16:47 - 2016-09-03 16:47 - 00000000 ____D C:\Program Files (x86)\Akai Pro
2016-09-03 16:45 - 2016-09-03 16:45 - 00000000 ____D C:\Users\HP\Downloads\Update-MPC-Essentials-1.8.2-WIN
2016-09-03 16:38 - 2016-09-03 17:00 - 443053927 _____ C:\Users\HP\Downloads\Elements-Of-UK-Dance.zip
2016-09-03 16:37 - 2016-09-03 19:40 - 2919535507 _____ C:\Users\HP\Downloads\BigBangDrums2.zip
2016-09-03 16:37 - 2016-09-03 19:23 - 1490752945 _____ C:\Users\HP\Downloads\BigBang2.5.zip
2016-09-03 16:37 - 2016-09-03 16:45 - 136513144 _____ C:\Users\HP\Downloads\Update-MPC-Essentials-1.8.2-WIN.zip
2016-09-03 16:30 - 2016-09-03 17:07 - 975151220 _____ C:\Users\HP\Downloads\ableton_live_lite_9.6.2_64 (1).zip
2016-09-03 16:25 - 2016-09-03 17:00 - 00000000 ____D C:\Users\HP\Documents\Ableton
2016-09-03 16:22 - 2016-09-03 16:48 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-03 16:21 - 2016-09-03 16:30 - 00000000 ____D C:\Users\HP\AppData\Roaming\Ableton
2016-09-03 16:16 - 2016-09-03 16:16 - 00000887 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Lite.lnk
2016-09-03 16:16 - 2016-09-03 16:16 - 00000000 ____D C:\ProgramData\Ableton
2016-09-03 16:13 - 2016-09-03 16:13 - 00000000 ____D C:\Users\HP\Downloads\ableton_live_lite_9.6.2_64
2016-09-03 16:01 - 2016-09-03 16:13 - 975151220 _____ C:\Users\HP\Downloads\ableton_live_lite_9.6.2_64.zip
2016-09-03 13:44 - 2016-09-03 13:44 - 00274725 _____ C:\Users\HP\Desktop\Ying And Yang by P_Beats.htm
2016-09-03 13:44 - 2016-09-03 13:44 - 00000000 ____D C:\Users\HP\Desktop\Ying And Yang by P_Beats_files
2016-08-30 23:51 - 2016-09-18 23:37 - 00000000 ____D C:\Users\HP\Documents\Cubase LE AI Elements Projects
2016-08-30 23:50 - 2016-08-30 23:50 - 00000000 ____D C:\Users\HP\Documents\VST3 Presets
2016-08-30 23:50 - 2016-08-30 23:50 - 00000000 ____D C:\Users\HP\Documents\Steinberg
2016-08-30 23:45 - 2016-09-05 00:29 - 00000000 ____D C:\Program Files (x86)\Steinberg
2016-08-30 23:45 - 2016-08-30 23:45 - 00002892 _____ () C:\WINDOWS\SysWOW64\audcon.sys
2016-08-30 23:45 - 2016-08-30 23:45 - 00002333 _____ C:\Users\HP\Desktop\Cubase LE AI Elements 8.lnk
2016-08-30 23:45 - 2016-08-30 23:45 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 8 32bit
2016-08-30 23:45 - 2016-08-30 23:45 - 00000000 ____D C:\ProgramData\Syncrosoft
2016-08-30 23:44 - 2016-08-30 23:44 - 00000049 _____ C:\WINDOWS\SysWOW64\SYNSOPOS.exe.cfg
2016-08-30 23:44 - 2016-08-30 23:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser
2016-08-30 23:44 - 2016-08-30 23:44 - 00000000 ____D C:\Program Files (x86)\Syncrosoft
2016-08-30 23:44 - 2011-12-14 21:21 - 00086016 _____ C:\WINDOWS\SysWOW64\SYNSOPOS.exe
2016-08-30 23:43 - 2016-08-30 23:45 - 00000000 ____D C:\ProgramData\eLicenser
2016-08-30 23:43 - 2016-08-30 23:44 - 00000000 ____D C:\Program Files (x86)\eLicenser
2016-08-30 23:43 - 2016-08-30 23:43 - 00000000 ____D C:\Program Files\eLicenser
2016-08-30 23:43 - 2012-12-07 17:48 - 01714176 _____ (Steinberg Media Technologies GmbH) C:\WINDOWS\system32\SYNSOACC.dll
2016-08-30 23:43 - 2012-12-07 17:48 - 01277952 _____ (Steinberg Media Technologies GmbH) C:\WINDOWS\SysWOW64\SYNSOACC.dll
2016-08-30 23:23 - 2016-08-30 23:23 - 00000000 ____D C:\ProgramData\Steinberg
2016-08-30 23:23 - 2016-08-30 23:23 - 00000000 ____D C:\Program Files\Common Files\Steinberg
2016-08-30 23:21 - 2016-08-30 23:41 - 00000000 ____D C:\Users\HP\AppData\Local\Steinberg Installation Updater
2016-08-30 23:21 - 2016-08-30 23:21 - 00000000 ____D C:\Users\HP\AppData\Roaming\Steinberg Installation Updater
2016-08-30 23:11 - 2016-08-30 23:11 - 00000000 ____D C:\Users\HP\Downloads\Cubase_Elements_8_Trial_Installer_windows
2016-08-30 23:07 - 2016-09-05 00:29 - 00000000 ____D C:\Users\HP\AppData\Roaming\Steinberg
2016-08-30 23:07 - 2016-09-03 16:48 - 00000000 ____D C:\Program Files\Steinberg
2016-08-30 23:07 - 2016-09-03 16:21 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2016-08-30 23:07 - 2016-08-30 23:07 - 00002215 _____ C:\Users\HP\Desktop\Cubase LE AI Elements 8 64bit.lnk
2016-08-30 23:07 - 2016-08-30 23:07 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase LE AI Elements 8 64bit
2016-08-30 22:25 - 2016-08-30 23:05 - 2772390032 _____ C:\Users\HP\Downloads\Cubase_Elements_8_Trial_Installer_windows.zip
2016-08-30 20:39 - 2016-09-18 16:04 - 00000000 ____D C:\Users\HP\AppData\Roaming\Audacity
2016-08-30 20:39 - 2016-08-30 20:39 - 00000000 ____D C:\Users\HP\Downloads\audacity-win-2.1.2
2016-08-30 20:39 - 2016-08-30 20:39 - 00000000 ____D C:\Users\HP\AppData\Local\Audacity
2016-08-30 20:38 - 2016-08-30 20:38 - 10921409 _____ C:\Users\HP\Downloads\audacity-win-2.1.2.zip
2016-08-30 19:36 - 2016-08-30 20:03 - 00000000 ____D C:\WINDOWS\usb-audio.deSPLCrimson
2016-08-30 19:36 - 2016-02-19 20:56 - 00555128 _____ (Ploytec GmbH) C:\WINDOWS\system32\Drivers\spl_crimson_u.sys
2016-08-30 19:36 - 2016-02-19 20:56 - 00062584 _____ (Ploytec GmbH) C:\WINDOWS\system32\Drivers\spl_crimson_a.sys
2016-08-30 19:36 - 2016-02-19 20:56 - 00041592 _____ (Ploytec GmbH) C:\WINDOWS\system32\Drivers\spl_crimson_m.sys
2016-08-30 19:35 - 2016-02-23 10:52 - 02175274 _____ C:\Users\HP\Downloads\SPL_Crimson_2.9.86.25.zip
2016-08-30 19:32 - 2016-08-30 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-08-30 19:32 - 2016-08-30 19:32 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-08-30 19:31 - 2016-08-30 19:31 - 01474568 _____ C:\Users\HP\Downloads\7 Zip 32 Bit - CHIP-Installer.exe
2016-08-30 19:25 - 2016-08-30 19:25 - 02220493 _____ C:\Users\HP\Downloads\SPL_Crimson2.9.86.25_web.zip
2016-08-30 18:59 - 2016-08-30 19:00 - 00000000 ____D C:\Users\HP\Desktop\games
2016-08-30 18:56 - 2016-09-03 14:32 - 00000000 ____D C:\Users\HP\Desktop\bilder
2016-08-25 13:50 - 2016-08-25 13:50 - 00000000 ____D C:\Users\HP\Documents\My Games
2016-08-25 13:50 - 2016-08-25 13:50 - 00000000 ____D C:\Users\HP\AppData\Local\FalloutNV

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-20 14:20 - 2014-07-14 18:15 - 11175936 ___SH C:\Users\HP\Downloads\Thumbs.db
2016-09-20 14:05 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-09-20 14:03 - 2014-10-20 19:15 - 00000000 ____D C:\Users\HP\AppData\Local\Spotify
2016-09-20 14:02 - 2015-04-17 22:33 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-20 14:02 - 2014-10-20 19:13 - 00000000 ____D C:\Users\HP\AppData\Roaming\Spotify
2016-09-20 14:02 - 2014-07-19 20:11 - 00000000 ___RD C:\Users\HP\OneDrive
2016-09-20 13:58 - 2014-03-18 12:03 - 01980998 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-20 13:58 - 2014-03-18 11:25 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-20 13:58 - 2014-03-18 11:25 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-20 13:52 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-20 13:52 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-09-20 13:52 - 2012-10-05 21:55 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-20 13:52 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-09-20 13:51 - 2016-08-20 04:34 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-20 13:39 - 2013-09-20 11:33 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3930845653-3837040866-4171826123-1001
2016-09-20 13:19 - 2015-01-07 19:02 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-20 13:18 - 2015-01-07 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-09-20 13:08 - 2014-07-14 15:04 - 00987648 ___SH C:\Users\HP\Desktop\Thumbs.db
2016-09-20 13:05 - 2015-01-07 18:46 - 00000000 ____D C:\AdwCleaner
2016-09-20 13:04 - 2013-09-27 19:50 - 00001304 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-18 02:27 - 2016-08-20 04:34 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-09-17 23:30 - 2013-09-30 15:54 - 00000000 ____D C:\Users\HP\AppData\Roaming\vlc
2016-09-16 18:52 - 2012-10-05 22:13 - 00000000 ____D C:\WINDOWS\en
2016-09-14 10:38 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-09-14 10:24 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-14 10:24 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-14 10:13 - 2013-08-22 16:44 - 00377408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-14 10:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-09-14 10:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-14 00:50 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-14 00:47 - 2013-09-27 16:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-14 00:37 - 2013-09-27 16:00 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-13 17:51 - 2016-08-20 04:34 - 00003898 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-09-13 17:51 - 2016-08-20 04:34 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-09-13 17:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-09-13 17:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-09-12 08:49 - 2014-07-11 16:17 - 00000000 ____D C:\Users\UpdatusUser
2016-09-12 08:47 - 2014-07-11 03:21 - 00000000 ____D C:\Users\HP
2016-09-08 01:15 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-07 03:11 - 2016-07-27 11:13 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:11 - 2016-07-27 11:13 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-06 17:19 - 2015-01-07 21:54 - 00000000 ____D C:\ProgramData\Unchecky
2016-09-02 12:33 - 2016-04-01 12:31 - 00000000 ____D C:\Users\HP\Desktop\mzzk
2016-08-27 10:30 - 2013-10-06 14:56 - 00000000 ____D C:\Users\HP\AppData\Local\ElevatedDiagnostics
2016-08-25 13:21 - 2015-04-17 23:33 - 00000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-23 20:43 - 2016-08-20 04:34 - 00000000 ____D C:\Users\HP\AppData\Local\Adobe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-12-19 22:57 - 2014-03-28 09:18 - 0000157 _____ () C:\Users\HP\AppData\Roaming\WB.CFG
2013-09-20 11:20 - 2013-09-20 11:20 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Einige Dateien in TEMP:
====================
C:\Users\HP\AppData\Local\Temp\AnVir.exe
C:\Users\HP\AppData\Local\Temp\bi_cleaner.exe
C:\Users\HP\AppData\Local\Temp\InstallManager_GEN_GEN.exe
C:\Users\HP\AppData\Local\Temp\JDSetup131174807762048176.exe
C:\Users\HP\AppData\Local\Temp\libeay32.dll
C:\Users\HP\AppData\Local\Temp\msvcr120.dll
C:\Users\HP\AppData\Local\Temp\proxy_vole3308267830375487799.dll
C:\Users\HP\AppData\Local\Temp\proxy_vole7886453566581831209.dll
C:\Users\HP\AppData\Local\Temp\rtinstaller.exe
C:\Users\HP\AppData\Local\Temp\rtXQ2WlUvQ.exe
C:\Users\HP\AppData\Local\Temp\SIntf16.dll
C:\Users\HP\AppData\Local\Temp\SIntf32.dll
C:\Users\HP\AppData\Local\Temp\SIntfNT.dll
C:\Users\HP\AppData\Local\Temp\sqlite3.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10283.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10355.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10607.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10652.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10804.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10940.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10966.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite10990.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite11273.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12415.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12432.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12569.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12578.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12725.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12795.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12806.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12837.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite12860.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite13009.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite13087.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite14221.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite14252.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite15046.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite15102.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite15276.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite15492.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite15503.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite16206.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite16819.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite16886.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite16938.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite16983.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite18193.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite18283.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite18560.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite18730.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite18897.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite19213.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite19260.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite19517.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite19553.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite19640.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20053.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20064.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20092.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20129.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20223.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20264.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20491.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite20693.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite21130.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite21193.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite21589.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite21905.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22023.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22057.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22142.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22260.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22341.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22412.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22545.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22841.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite22939.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite23127.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite23306.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite23450.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite23570.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite23660.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite23725.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite23736.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite24041.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite24523.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite24564.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite24669.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite24681.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite24906.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite24919.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite25182.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite25261.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite25546.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite25947.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite26012.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite26201.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite26209.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite26236.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite26305.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite26637.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite27196.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite27197.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite27365.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite27426.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite27692.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite27890.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite28847.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite28887.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite29044.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite29159.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite29363.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite29573.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite29624.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite30136.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite30405.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite30685.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite31037.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite31087.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite31329.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite31334.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite31533.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite31883.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite32051.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite32705.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite32834.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite32836.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite32901.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite32990.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite33138.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite33366.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite34285.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite34766.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite35322.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite35595.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite35670.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite36024.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite36042.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite36137.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite36393.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite36652.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite36701.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite36951.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite37599.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite37939.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite38366.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite38912.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39096.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39333.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39412.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39481.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39522.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39577.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39600.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39607.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite39739.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite40291.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite40328.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite40383.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite40650.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite40735.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite41249.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite41880.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite41980.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite42100.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite42102.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite42324.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite42708.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite42864.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite43207.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite43295.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite43512.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite43542.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite43552.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44007.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44127.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44164.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44507.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44696.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44785.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44805.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite44932.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite45295.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite45891.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite45998.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite46261.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite46271.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite46449.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite46467.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite46691.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite46757.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite46869.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite47124.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite47145.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite47345.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite47365.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite47911.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite47915.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite47990.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite48505.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite48840.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite49009.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite49455.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite49608.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite49627.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite49639.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite50217.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite50346.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite50837.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite51032.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite51439.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite51523.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite51595.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite51782.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite52037.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite52255.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite52406.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite52467.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite52605.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite52782.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite52829.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite53152.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite53171.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite53311.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite53949.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite53966.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite54073.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite54418.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite54838.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite55292.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite55705.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite55835.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite56463.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite56735.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite56779.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite56797.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite56935.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite57890.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite58107.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite58111.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite58135.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite58481.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite59506.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite59568.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite59968.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite60480.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite60582.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite61165.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite61185.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite61294.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite61310.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite61924.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite61993.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite62099.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite62250.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite62400.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite62527.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite62976.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63115.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63156.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63161.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63384.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63385.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63630.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63913.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63945.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite63960.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite64057.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite64329.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite64454.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite64816.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite64832.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite64997.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite65055.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite65374.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite65765.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite65858.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite65907.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite66017.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite66042.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite66197.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite66366.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite66471.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite66719.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite66846.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite67244.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite67949.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite67984.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite68065.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite68266.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite68792.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite71224.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite71519.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite71621.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite72006.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite72171.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite72182.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite72357.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite72384.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite72673.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite72792.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite73165.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite73373.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite73697.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite73720.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite73795.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite73807.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite74418.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite74540.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite74661.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite74767.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite74956.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite75188.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite75846.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite75944.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite76113.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite76742.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite76880.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite76917.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite76970.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite76974.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite77004.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite77153.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite77269.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite77513.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite77601.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78136.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78205.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78372.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78412.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78664.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78830.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78923.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite78931.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79005.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79475.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79527.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79621.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79629.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79706.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79776.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79884.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite79899.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite80537.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite80558.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite80756.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite80949.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite81378.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite81968.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite82454.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite82709.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite82743.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite82929.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite82942.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite83270.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite83450.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite84085.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite84258.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite84330.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite84611.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite85000.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite85235.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite85792.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite85964.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite86338.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite86606.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite86970.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite87055.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite87670.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite87727.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite87772.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite88040.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite88059.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite88700.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite88749.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite88896.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite89470.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite89743.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite89874.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90001.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90438.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90474.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90521.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90566.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90636.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90748.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90749.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite90789.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite91065.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite91142.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite91203.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite91906.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite92114.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite92433.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite92721.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite92796.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite92899.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite93374.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite93379.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite93523.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite93528.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite93659.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite93952.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite94396.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite94795.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite94870.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite95223.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite95672.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite96263.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite96275.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite96440.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite96483.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite96805.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite97007.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite97135.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite97310.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite97642.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite97780.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite97941.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite97985.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite98132.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite98311.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite98340.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite98456.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite98530.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite98861.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite99012.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite99249.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite99739.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite99795.dll
C:\Users\HP\AppData\Local\Temp\System.Data.SQLite99937.dll
C:\Users\HP\AppData\Local\Temp\tbuF4D.exe
C:\Users\HP\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-20 13:39

==================== Ende von FRST.txt ============================

17.09.2016, 20:05	#8
M-K-D-B /// TB-Ausbilder	startgo123 Servus, das ist schon soweit ok. Bitte mit MBAR starten.

18.09.2016, 21:17	#12
M-K-D-B /// TB-Ausbilder	startgo123 Servus, ich meinte damit nur, dass du ComboFix auch wieder vom Desktop starten sollst. War wohl etwas zweideutig, tut mir Leid.

startgo123

Plagegeister aller Art und deren Bekämpfung: startgo123

startgo123

startgo123

startgo123

startgo123

startgo123

startgo123

startgo123

startgo123

startgo123

startgo123

startgo123

startgo123

startgo123

startgo123

startgo123

Ähnliche Themen: startgo123

17.09.2016, 14:16	#7
caloda	startgo123 Erstmal Danke! Soll ich die ersten Schritte jetzt nochmal wiederholen oder ist das soweit ok?

18.09.2016, 17:38	#11
caloda	startgo123 Was mache ich denn falsch? O.o Hatte dieses mbar auf dem Desktop, wo liegt der Fehler? Bitte verzeih' meine Begriffstutzigkeit in dieser Sache...

18.09.2016, 22:43	#13
caloda	startgo123 combofix läuft nicht bei mir, die ansage lautet: läuft nur auf windows xp, vista, 7 und 8. und nun?