| |
| |||||||
Log-Analyse und Auswertung: Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteiltWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
01.11.2016, 20:43
| #1 |
 |  Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt Guten Abend, Nachdem heute ich darauf hingewiesen wurde, dass mein Skype Account Spam verteilt (unsicheres Passwort), habe ich Emisoft installiert und durchlaufen lassen. Malwarebytes wollte nicht updaten zu dem Zeitpunkt. Emisoft hatte 3 Treffer, leider habe ich in der Aufregung die in Quarantäne verschobenen Daten über Emisoft löschen lassen  Zur Vollständigkeit muss ich noch erwähnen, dass ich heute ebenso ein Programm deinstalliert habe, welche während eines Praktikums Voraussetzung war und vom Betreuer mit ungültiger Lizenz verteilt wurde  . Reste sind in den angehängten Dateien zu finden. (Hatte mir damals die MyStartSearch Seuche beschert, welche ich mit Tutorial vom Trojaner-Board entfernt hatte.)Der heutige Bericht lautete wie gefolgt: Code:
ATTFilter Emsisoft Emergency Kit – Version 11.9
Letztes Update: 01.11.2016 12:52:19
Benutzerkonto: Ira2\Cel
Computer name: IRA2
OS version: Windows 7x64 Service Pack 1
Scan-Einstellungen:
Scan-Methode: Malware-Scan
Objekte: Rootkits, Speicher, Traces, Dateien
PUPs-Erkennung: An
Archiv-Scan: Aus
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus
Scan-Beginn: 01.11.2016 12:52:49
C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9LO4Q4JV\7Rk6oE62V48461uGP0h0Y1o343C722826251s[1].swf Gefunden: Script.SWF.CVE-2014-0515.C99 (B)
C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WX1O6G2O\BiTool[1].dll Gefunden: Application.InstallAd (A)
C:\Users\Cel\AppData\Local\Temp\bitool.dll Gefunden: Application.InstallAd (A)
Gescannt: 93258
Gefunden 3
Scan-Ende: 01.11.2016 13:03:00
Scan-Zeit: 0:10:11
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2016
durchgeführt von Cel (Administrator) auf IRA2 (01-11-2016 19:06:22)
Gestartet von C:\Users\Cel\Desktop
Geladene Profile: UpdatusUser & Cel & Timba (Verfügbare Profile: UpdatusUser & Cel & Timba)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Atheros) C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Google Inc.) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [3037808 2011-05-12] (VIA)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [StopDefragment] => Install\StopDefragment.exe
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\...\Run: [Google Update] => C:\Users\Cel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-17] (Google Inc.)
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\...\Run: [NIRegistrationWizard] => D:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1031
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27017856 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\...\MountPoints2: {206bbce5-ad38-11e4-9e59-742f683d34fd} - E:\autorun.exe
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-02-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-02-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\Google\GOOGLE~1\GO36F4~1.DLL => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [145408 2013-06-14] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{5875688E-489D-4FDF-9BBF-2D4BB8963D23}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{EC018F6B-62B4-4D5F-B524-123AEEABE859}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP
HKU\S-1-5-21-3318948826-2183189698-3215584185-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
HKU\S-1-5-21-3318948826-2183189698-3215584185-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3318948826-2183189698-3215584185-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-03-01] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll [2010-11-26] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll => Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-26] (Sun Microsystems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Cel\AppData\Roaming\Mozilla\Firefox\Profiles\gpa9bu0d.default [2016-10-06]
FF Extension: (Ghostery) - C:\Users\Cel\AppData\Roaming\Mozilla\Firefox\Profiles\gpa9bu0d.default\Extensions\firefox@ghostery.com.xpi [2016-06-11]
FF Extension: (NoScript) - C:\Users\Cel\AppData\Roaming\Mozilla\Firefox\Profiles\gpa9bu0d.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-06-11]
FF Extension: (Adblock Plus) - C:\Users\Cel\AppData\Roaming\Mozilla\Firefox\Profiles\gpa9bu0d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-20] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-03-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-20] ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-26] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll [2012-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll [2012-02-03] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin HKU\S-1-5-21-3318948826-2183189698-3215584185-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-3318948826-2183189698-3215584185-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-3318948826-2183189698-3215584185-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3318948826-2183189698-3215584185-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Default [2015-04-07]
CHR Extension: (Adblock Plus) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Ghostery) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-05]
CHR Extension: (NotScripts) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn [2014-01-28]
CHR Profile: C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-11-01]
CHR Extension: (Google Präsentationen) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-07]
CHR Extension: (Google Docs) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-07]
CHR Extension: (Google Drive) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-26]
CHR Extension: (Google-Suche) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Google Tabellen) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-07]
CHR Extension: (Google Docs Offline) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Ghostery) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-10-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-07]
CHR Extension: (Chrome Media Router) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-27]
StartMenuInternet: Google Chrome.DV3TY6PAKHB5U4QJW2P2RK4QD4 - C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [151552 2010-05-24] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [52896 2010-11-26] (Atheros Commnucations) [Datei ist nicht signiert]
S4 GoogleDesktopManager; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [1838592 2013-06-14] (Google) [Datei ist nicht signiert]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-05-09] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
S4 NIApplicationWebServer64; "C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user [X]
S3 OpcEnum; C:\Windows\SysWOW64\OpcEnum.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 assd; C:\Windows\System32\Drivers\assd.sys [27264 2010-04-28] (ASUS Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 epp; C:\EEK\bin64\epp.sys [116944 2016-06-30] (Emsisoft Ltd)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] ()
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2015-01-28] (Cisco Systems, Inc.)
U0 aswVmm; kein ImagePath
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-11-01 19:06 - 2016-11-01 19:07 - 00021961 _____ C:\Users\Cel\Desktop\FRST.txt
2016-11-01 18:46 - 2016-11-01 18:46 - 00002595 _____ C:\Users\Public\Desktop\Scene Switch.lnk
2016-11-01 18:46 - 2016-11-01 18:46 - 00000000 ____D C:\Users\Cel\Documents\ASUS
2016-11-01 14:42 - 2016-11-01 14:43 - 00000000 ____D C:\Users\Cel\Desktop\report2
2016-11-01 14:22 - 2016-11-01 14:22 - 00000000 ____D C:\Users\Cel\Desktop\report
2016-11-01 14:17 - 2016-11-01 14:17 - 22851472 _____ (Malwarebytes ) C:\Users\Cel\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-11-01 13:43 - 2016-11-01 14:40 - 00073499 _____ C:\Users\Cel\Downloads\Addition.txt
2016-11-01 13:41 - 2016-11-01 14:40 - 00071061 _____ C:\Users\Cel\Downloads\FRST.txt
2016-11-01 13:40 - 2016-11-01 19:06 - 00000000 ____D C:\FRST
2016-11-01 13:40 - 2016-11-01 13:40 - 02408960 _____ (Farbar) C:\Users\Cel\Desktop\FRST64.exe
2016-11-01 12:49 - 2016-11-01 18:32 - 00000000 ____D C:\EEK
2016-11-01 12:48 - 2016-11-01 12:48 - 259371000 _____ C:\Users\Cel\Downloads\EmsisoftEmergencyKit.exe
2016-11-01 12:26 - 2016-11-01 12:26 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-11-01 12:26 - 2016-11-01 12:26 - 00000000 ____D C:\Program Files\Common Files\AV
2016-11-01 12:25 - 2016-11-01 12:38 - 00000000 ____D C:\ProgramData\AVAST Software
2016-11-01 12:23 - 2016-11-01 12:23 - 06253536 _____ (AVAST Software) C:\Users\Cel\Downloads\avast123_free_antivirus_setup_online.exe
2016-11-01 11:53 - 2016-11-01 14:21 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-11-01 11:51 - 2016-11-01 11:51 - 22851472 _____ (Malwarebytes ) C:\Users\Cel\Downloads\mbam-setup-2.2.1.1043.exe
2016-10-31 19:25 - 2016-10-31 19:25 - 00136363 _____ C:\Users\Cel\Downloads\AnaIV10.pdf
2016-10-30 22:44 - 2016-10-30 22:47 - 00000000 ____D C:\Users\Cel\Downloads\MfP3
2016-10-26 20:39 - 2016-10-26 20:39 - 00044493 _____ C:\Users\Cel\Desktop\Projektidee.pdf
2016-10-26 14:04 - 2016-10-26 14:04 - 00001771 _____ C:\Users\Cel\Desktop\Pokémon Trading Card Game Online.lnk
2016-10-26 14:04 - 2016-10-26 14:04 - 00000000 ____D C:\Users\Cel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online
2016-10-26 14:04 - 2016-10-26 14:04 - 00000000 ____D C:\Program Files (x86)\PokeGame
2016-10-25 19:02 - 2016-10-25 19:02 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2016-10-25 19:02 - 2016-10-25 19:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-10-25 19:02 - 2016-10-25 19:02 - 00000000 ____D C:\Users\Cel\Tracing
2016-10-25 19:02 - 2016-10-25 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-10-25 18:57 - 2016-10-25 18:58 - 43762816 _____ (Skype Technologies S.A.) C:\Users\Cel\Downloads\SkypeSetupFull.exe
2016-10-21 09:58 - 2016-10-21 11:09 - 00000369 _____ C:\Users\Cel\Desktop\Neues Textdokument.txt
2016-10-16 21:56 - 2016-10-16 22:00 - 341096448 _____ C:\Users\Cel\Downloads\PokemonInstaller.msi
2016-10-12 13:58 - 2016-09-30 21:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-12 13:58 - 2016-09-30 20:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-12 13:58 - 2016-09-30 16:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-12 13:58 - 2016-09-30 16:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-12 13:58 - 2016-09-30 16:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-12 13:58 - 2016-09-30 08:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-12 13:58 - 2016-09-30 07:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-12 13:58 - 2016-09-30 07:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-12 13:58 - 2016-09-30 07:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-12 13:58 - 2016-09-30 07:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-12 13:58 - 2016-09-30 07:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-12 13:58 - 2016-09-30 07:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-12 13:58 - 2016-09-30 07:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-12 13:58 - 2016-09-30 07:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-12 13:58 - 2016-09-30 06:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-12 13:58 - 2016-09-30 06:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-12 13:58 - 2016-09-30 06:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-12 13:58 - 2016-09-30 06:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-12 13:58 - 2016-09-30 06:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-12 13:58 - 2016-09-30 06:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-12 13:58 - 2016-09-30 06:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-12 13:58 - 2016-09-30 06:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-12 13:58 - 2016-09-30 06:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-12 13:58 - 2016-09-30 06:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-12 13:58 - 2016-09-30 06:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-12 13:58 - 2016-09-30 06:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-12 13:58 - 2016-09-30 06:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-12 13:58 - 2016-09-30 06:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-12 13:58 - 2016-09-30 06:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-12 13:58 - 2016-09-30 06:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-12 13:58 - 2016-09-30 06:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-12 13:58 - 2016-09-30 06:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-12 13:58 - 2016-09-30 05:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-12 13:58 - 2016-09-30 05:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-12 13:58 - 2016-09-30 05:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-12 13:58 - 2016-09-15 16:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-12 13:58 - 2016-09-15 16:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-12 13:58 - 2016-09-15 16:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-12 13:58 - 2016-09-15 16:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-12 13:58 - 2016-09-12 22:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-12 13:58 - 2016-09-12 22:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-12 13:58 - 2016-09-12 22:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-12 13:58 - 2016-09-12 22:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-12 13:58 - 2016-09-12 22:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-12 13:58 - 2016-09-12 22:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-12 13:58 - 2016-09-12 22:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-12 13:58 - 2016-09-12 22:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-12 13:58 - 2016-09-12 21:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-12 13:58 - 2016-09-12 21:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-12 13:58 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-12 13:58 - 2016-09-12 21:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-12 13:58 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-12 13:58 - 2016-09-12 19:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-12 13:58 - 2016-09-12 19:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-12 13:58 - 2016-09-10 17:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-12 13:58 - 2016-09-10 16:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-12 13:58 - 2016-09-09 19:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-12 13:58 - 2016-09-09 19:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-12 13:58 - 2016-09-09 19:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-12 13:58 - 2016-09-09 19:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-12 13:58 - 2016-09-09 16:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-12 13:58 - 2016-09-09 16:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-12 13:58 - 2016-09-09 16:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-12 13:58 - 2016-09-09 16:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-12 13:58 - 2016-09-09 16:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-12 13:58 - 2016-09-09 16:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-12 13:58 - 2016-09-09 16:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-12 13:58 - 2016-09-08 21:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-12 13:58 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-12 13:58 - 2016-09-08 21:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-12 13:58 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-12 13:58 - 2016-09-08 15:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-12 13:58 - 2016-09-08 15:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-12 13:58 - 2016-08-12 18:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-12 13:58 - 2016-08-12 18:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-12 13:58 - 2016-08-12 18:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-12 13:58 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-12 13:58 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-12 13:58 - 2016-08-12 17:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-12 13:58 - 2016-08-12 17:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-12 13:58 - 2016-08-12 17:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-12 13:58 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-12 13:58 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-12 13:58 - 2016-08-12 17:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-12 13:58 - 2016-08-06 16:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-12 13:58 - 2016-08-06 16:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-12 13:58 - 2016-08-06 16:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-12 13:58 - 2016-08-06 16:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-12 13:58 - 2016-08-06 16:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-12 13:58 - 2016-08-06 16:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-12 13:58 - 2016-08-06 16:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-12 13:58 - 2016-08-06 16:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-12 13:58 - 2016-08-06 16:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-12 13:58 - 2016-08-06 16:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-12 13:58 - 2016-08-06 16:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-12 13:58 - 2016-08-06 15:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-12 13:58 - 2016-08-06 15:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-12 13:58 - 2016-08-06 15:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-12 13:58 - 2016-06-14 18:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-12 13:58 - 2016-06-14 18:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-12 13:58 - 2016-06-14 18:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-12 13:58 - 2016-06-14 18:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-12 13:58 - 2016-06-14 16:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-12 13:58 - 2016-06-14 16:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-12 13:58 - 2016-06-14 16:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-12 13:58 - 2016-06-14 16:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-12 13:58 - 2016-06-14 16:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-12 13:58 - 2016-06-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-12 13:58 - 2016-06-14 16:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-12 13:58 - 2016-06-14 16:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-12 13:58 - 2016-06-14 16:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-12 13:57 - 2016-09-30 07:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-12 13:57 - 2016-09-30 07:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-12 13:57 - 2016-09-30 07:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-12 13:57 - 2016-09-30 07:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-12 13:57 - 2016-09-30 07:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-12 13:57 - 2016-09-30 07:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-12 13:57 - 2016-09-30 07:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-12 13:57 - 2016-09-30 07:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-12 13:57 - 2016-09-30 07:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-12 13:57 - 2016-09-30 07:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-12 13:57 - 2016-09-30 06:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-12 13:57 - 2016-09-30 06:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-12 13:57 - 2016-09-30 06:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-12 13:57 - 2016-09-30 06:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-12 13:57 - 2016-09-30 06:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-12 13:57 - 2016-09-30 06:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-12 13:57 - 2016-09-30 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-12 13:57 - 2016-09-30 06:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-12 13:57 - 2016-09-30 06:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-12 13:57 - 2016-09-30 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-12 13:57 - 2016-09-30 06:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-12 13:57 - 2016-09-30 06:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-12 13:57 - 2016-09-30 06:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-12 13:57 - 2016-09-30 06:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-12 13:57 - 2016-09-30 06:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-12 13:57 - 2016-09-30 06:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-12 13:57 - 2016-09-30 06:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-12 13:57 - 2016-09-30 06:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-12 13:57 - 2016-09-30 06:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-12 13:57 - 2016-09-30 06:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-12 13:57 - 2016-09-30 06:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-12 13:57 - 2016-09-30 06:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-12 13:57 - 2016-09-30 06:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-12 13:57 - 2016-09-30 05:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-12 13:57 - 2016-09-12 22:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-12 13:57 - 2016-09-12 22:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-12 13:57 - 2016-09-12 22:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-12 13:57 - 2016-09-12 22:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-12 13:57 - 2016-09-12 22:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-12 13:57 - 2016-09-12 22:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-12 13:57 - 2016-09-12 22:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-12 13:57 - 2016-09-12 22:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-12 13:57 - 2016-09-12 22:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-12 13:57 - 2016-09-12 22:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-12 13:57 - 2016-09-12 22:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-12 13:57 - 2016-09-12 22:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-12 13:57 - 2016-09-12 22:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-12 13:57 - 2016-09-12 22:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-12 13:57 - 2016-09-12 22:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-12 13:57 - 2016-09-12 21:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-12 13:57 - 2016-09-12 21:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-12 13:57 - 2016-09-12 21:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-12 13:57 - 2016-09-12 21:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-12 13:57 - 2016-09-12 21:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-12 13:57 - 2016-09-12 21:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-12 13:57 - 2016-09-12 21:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-12 13:57 - 2016-09-12 21:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-12 13:57 - 2016-09-12 21:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-12 13:57 - 2016-09-12 21:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-12 13:57 - 2016-09-12 21:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-12 13:57 - 2016-09-12 21:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-12 13:57 - 2016-09-12 21:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-12 13:57 - 2016-09-12 21:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-12 13:57 - 2016-09-12 21:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-12 13:57 - 2016-09-12 21:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-12 13:57 - 2016-09-12 21:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-12 13:57 - 2016-09-12 21:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-12 13:57 - 2016-09-12 21:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-12 13:57 - 2016-09-12 21:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 19:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-12 13:57 - 2016-09-09 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-12 13:57 - 2016-09-09 19:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-12 13:57 - 2016-09-09 19:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-12 13:57 - 2016-09-09 18:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-12 13:57 - 2016-09-09 18:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-12 13:57 - 2016-09-09 18:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-12 13:57 - 2016-09-09 18:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-12 13:57 - 2016-09-09 18:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-12 13:57 - 2016-09-09 18:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-12 13:57 - 2016-09-09 18:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-12 13:57 - 2016-09-09 18:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-12 13:57 - 2016-09-09 18:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-12 13:57 - 2016-09-09 18:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 13:57 - 2016-09-09 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-12 13:57 - 2016-08-29 16:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-12 13:57 - 2016-08-29 16:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-12 13:57 - 2016-08-29 16:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-12 13:57 - 2016-08-29 16:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-12 13:57 - 2016-08-29 16:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-12 13:57 - 2016-08-29 16:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-10-12 13:57 - 2016-08-29 16:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-12 13:57 - 2016-08-29 15:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-12 13:57 - 2016-08-16 21:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-10-12 13:57 - 2016-08-16 21:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-10-12 13:57 - 2016-08-16 21:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-10-12 13:57 - 2016-08-16 21:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-10-12 13:57 - 2016-08-16 21:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-10-12 13:57 - 2016-08-16 21:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-10-12 13:57 - 2016-08-16 21:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-10-12 13:57 - 2016-08-06 16:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-12 13:57 - 2016-08-06 16:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-12 13:57 - 2016-06-14 18:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-12 13:57 - 2016-06-14 18:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-12 13:57 - 2016-06-14 18:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-12 13:57 - 2016-06-14 18:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-12 13:57 - 2016-06-14 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-12 13:57 - 2016-06-14 16:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-12 13:57 - 2016-06-14 16:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-12 13:57 - 2016-06-14 16:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-12 13:57 - 2016-06-14 16:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-12 13:57 - 2016-06-14 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-12 13:50 - 2016-07-22 15:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-12 13:50 - 2016-07-22 15:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-10 18:14 - 2016-10-10 18:14 - 00243590 _____ C:\Users\Cel\Downloads\978-3-8274-2866-0_Lösungen_Kap4-5_v2 (1).pdf
2016-10-09 18:14 - 2016-10-09 18:14 - 09611641 _____ C:\Users\Cel\Downloads\mfp2Lösung ohne Gewähr (1).pdf
2016-10-04 02:29 - 2016-10-04 02:29 - 00273547 _____ C:\Users\Cel\Downloads\Loesung7.pdf
2016-10-03 23:37 - 2016-10-03 23:37 - 00243590 _____ C:\Users\Cel\Downloads\978-3-8274-2866-0_Lösungen_Kap4-5_v2.pdf
2016-10-03 22:20 - 2016-10-03 22:20 - 00106229 _____ C:\Users\Cel\Downloads\ue09_L (2).pdf
2016-10-03 22:10 - 2016-10-03 22:10 - 00106229 _____ C:\Users\Cel\Downloads\ue09_L (1).pdf
2016-10-03 21:55 - 2016-10-03 21:55 - 00106229 _____ C:\Users\Cel\Downloads\ue09_L.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-11-01 18:56 - 2011-04-13 03:33 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-01 18:53 - 2012-09-20 14:38 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3318948826-2183189698-3215584185-1001UA.job
2016-11-01 18:46 - 2011-07-09 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2016-11-01 18:32 - 2012-11-09 23:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-01 14:18 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-01 14:18 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-01 14:17 - 2011-11-26 14:14 - 00000000 ____D C:\Users\Cel\AppData\Roaming\Skype
2016-11-01 14:16 - 2011-02-19 05:24 - 00711094 _____ C:\Windows\system32\perfh007.dat
2016-11-01 14:16 - 2011-02-19 05:24 - 00153542 _____ C:\Windows\system32\perfc007.dat
2016-11-01 14:16 - 2009-07-14 06:13 - 01651444 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-01 14:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-01 14:14 - 2011-04-13 03:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-01 14:10 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-01 14:04 - 2015-02-05 14:40 - 00000000 ____D C:\ProgramData\National Instruments
2016-11-01 12:07 - 2011-11-22 18:56 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2016-11-01 09:53 - 2012-09-20 14:38 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3318948826-2183189698-3215584185-1001Core.job
2016-11-01 09:13 - 2011-11-26 15:08 - 00000000 ____D C:\Users\Cel\AppData\Local\Adobe
2016-10-31 17:47 - 2014-03-02 13:53 - 00000000 ____D C:\Users\Cel\AppData\Local\Battle.net
2016-10-31 15:26 - 2014-03-02 13:53 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-10-28 12:21 - 2011-11-22 19:01 - 00000000 ____D C:\Users\Cel\AppData\Local\Google
2016-10-26 16:29 - 2011-11-27 14:14 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-26 15:54 - 2012-09-20 14:38 - 00002358 _____ C:\Users\Cel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-26 14:04 - 2016-06-17 17:14 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2016-10-25 19:02 - 2014-03-10 09:40 - 00000000 ____D C:\Users\Cel\AppData\Local\Skype
2016-10-25 19:02 - 2011-11-26 14:14 - 00000000 ____D C:\ProgramData\Skype
2016-10-25 19:02 - 2011-11-22 18:55 - 00000000 ____D C:\Users\Cel
2016-10-14 17:13 - 2014-12-25 21:08 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-10-14 17:12 - 2015-11-11 22:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-13 08:34 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-10-13 08:30 - 2014-12-24 19:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-13 08:30 - 2014-12-24 19:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-13 08:30 - 2009-07-14 05:45 - 04914552 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-13 03:29 - 2014-12-11 09:49 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-13 03:29 - 2014-05-06 22:53 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-13 03:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-13 03:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-13 02:15 - 2013-08-14 20:51 - 00000000 ____D C:\Windows\system32\MRT
2016-10-13 02:04 - 2014-12-24 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-13 02:04 - 2011-11-26 13:52 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-12 22:21 - 2016-09-25 02:46 - 00000000 ____D C:\Users\Cel\Downloads\MfP1+2
2016-10-11 00:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-09-09 01:12 - 2016-07-01 21:36 - 0000132 _____ () C:\Users\Cel\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2011-12-09 19:36 - 2012-01-15 22:13 - 0000132 _____ () C:\Users\Cel\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-05-16 14:11 - 2016-05-16 14:27 - 0001935 _____ () C:\Users\Cel\AppData\Roaming\gnuplot_history
2013-05-11 11:43 - 2016-09-28 21:45 - 0001456 _____ () C:\Users\Cel\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2015-01-18 21:38 - 2015-01-18 21:38 - 0003390 _____ () C:\Users\Cel\AppData\Local\recently-used.xbel
2013-01-05 07:44 - 2015-05-01 14:06 - 0007623 _____ () C:\Users\Cel\AppData\Local\Resmon.ResmonCfg
2011-04-13 03:48 - 2010-07-07 00:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2011-07-09 07:31 - 2011-07-09 07:31 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-07-09 07:31 - 2011-07-09 07:31 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Einige Dateien in TEMP:
====================
C:\Users\Cel\AppData\Local\Temp\binkw32.dll
C:\Users\Cel\AppData\Local\Temp\contentDATs.exe
C:\Users\Cel\AppData\Local\Temp\Core.dll
C:\Users\Cel\AppData\Local\Temp\d2l_Install.exe
C:\Users\Cel\AppData\Local\Temp\d2l_PlayD2.exe
C:\Users\Cel\AppData\Local\Temp\dbghelp.dll
C:\Users\Cel\AppData\Local\Temp\Engine.dll
C:\Users\Cel\AppData\Local\Temp\FastDownload.exe
C:\Users\Cel\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Cel\AppData\Local\Temp\IFC23.dll
C:\Users\Cel\AppData\Local\Temp\InstallAX.exe
C:\Users\Cel\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Cel\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Cel\AppData\Local\Temp\MSVCR71.dll
C:\Users\Cel\AppData\Local\Temp\ogg.dll
C:\Users\Cel\AppData\Local\Temp\recycle.exe
C:\Users\Cel\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Cel\AppData\Local\Temp\SIntf16.dll
C:\Users\Cel\AppData\Local\Temp\SIntf32.dll
C:\Users\Cel\AppData\Local\Temp\SIntfNT.dll
C:\Users\Cel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Cel\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Cel\AppData\Local\Temp\uninstall.exe
C:\Users\Cel\AppData\Local\Temp\vorbis.dll
C:\Users\Cel\AppData\Local\Temp\vorbisfile.dll
C:\Users\Cel\AppData\Local\Temp\Window.dll
C:\Users\Cel\AppData\Local\Temp\_is5BA8.exe
C:\Users\Cel\AppData\Local\Temp\_isC60C.exe
C:\Users\Timba\AppData\Local\Temp\SecurityScan_Release.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-08-05 10:25
==================== Ende von FRST.txt ============================
|
|
01.11.2016, 20:45
| #2 |
| | Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt Addition Datei
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-10-2016
durchgeführt von Cel (01-11-2016 19:07:39)
Gestartet von C:\Users\Cel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-11-22 17:55:39)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3318948826-2183189698-3215584185-500 - Administrator - Disabled)
Cel (S-1-5-21-3318948826-2183189698-3215584185-1001 - Administrator - Enabled) => C:\Users\Cel
Gast (S-1-5-21-3318948826-2183189698-3215584185-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3318948826-2183189698-3215584185-1006 - Limited - Enabled)
Timba (S-1-5-21-3318948826-2183189698-3215584185-1004 - Limited - Enabled) => C:\Users\Timba
UpdatusUser (S-1-5-21-3318948826-2183189698-3215584185-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B001064C-D061-4BAE-9031-416A838D5536}) (Version: 10.2.153.1 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.6 64-bit (HKLM\...\{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}) (Version: 3.6.1 - Adobe)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.42 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0006 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0009 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS_Screensaver (HKLM-x32\...\ASUS_Screensaver) (Version: - )
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0007 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.45 - Atheros Communications)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version: - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - )
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.3.1.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.4.1.9 - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Canon Utilities Digital Photo Professional 3.8 (HKLM-x32\...\DPP) (Version: 3.8.0.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Data Lifeguard Diagnostic for Windows (HKLM-x32\...\{75B61CF0-B8A8-46E2-8709-C4A79898AC1D}) (Version: 1.17 - Western Digital Corporation)
ETDWare PS/2-x64 7.0.5.16_WHQL (HKLM\...\Elantech) (Version: 7.0.5.16 - ELAN Microelectronics Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.8 - ASUS)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
gnuplot 4.6.6 (HKLM\...\{AB419AC3-9BC1-4EC5-A75B-4D8870DD651F}_is1) (Version: 4.6.6 - gnuplot development team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 17.0.963.78 - Google Inc.)
Google Chrome (HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.99 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
ImageJ 1.48v (HKLM\...\ImageJ_is1) (Version: - NIH)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel)
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
Java(TM) 7 Update 3 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417003FF}) (Version: 7.0.30 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Memeo AutoSync (HKLM-x32\...\{75B7F766-7998-44d8-A202-F1EC76A121BA}) (Version: - Memeo Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version: - NCsoft)
NVIDIA Graphics Driver 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Platform (x32 Version: 1.36 - VIA Technologies, Inc.) Hidden
Pokémon Trading Card Game Online (HKLM-x32\...\{2C962E04-B2C1-4698-AE6C-1D338EA60E93}) (Version: 2.39.0 - The Pokémon Company International)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
PyQt4 - PyQwt5 5.2.1-5 (HKLM-x32\...\PyQt4 - PyQwt5 5.2.1-5) (Version: 5.2.1-5 - pythonxy.com)
PyQt4 - QtHelp 4.8.4-2 (HKLM-x32\...\PyQt4 - QtHelp 4.8.4-2) (Version: 4.8.4-2 - pythonxy.com)
Python 2.7 - babel 0.9.6-1 (HKLM-x32\...\Python 2.7 - babel 0.9.6-1) (Version: 0.9.6-1 - pythonxy)
Python 2.7 - base_libraries 1.1.0-5 (HKLM-x32\...\Python 2.7 - base_libraries 1.1.0-5) (Version: 1.1.0-5 - pythonxy)
Python 2.7 - base_python 1.3.0-5 (HKLM-x32\...\Python 2.7 - base_python 1.3.0-5) (Version: 1.3.0-5 - pythonxy)
Python 2.7 - bottleneck 0.6.0-1 (HKLM-x32\...\Python 2.7 - bottleneck 0.6.0-1) (Version: 0.6.0-1 - pythonxy)
Python 2.7 - cffi 0.5.0-2 (HKLM-x32\...\Python 2.7 - cffi 0.5.0-2) (Version: 0.5.0-2 - pythonxy)
Python 2.7 - cx_Freeze 4.3.1-1 (HKLM-x32\...\Python 2.7 - cx_Freeze 4.3.1-1) (Version: 4.3.1-1 - pythonxy.com)
Python 2.7 - distribute 0.6.45-8 (HKLM-x32\...\Python 2.7 - distribute 0.6.45-8) (Version: 0.6.45-8 - pythonxy)
Python 2.7 - docutils 0.10-1 (HKLM-x32\...\Python 2.7 - docutils 0.10-1) (Version: 0.10-1 - pythonxy.com)
Python 2.7 - EnthoughtToolSuite 4.3.0-2 (HKLM-x32\...\Python 2.7 - EnthoughtToolSuite 4.3.0-2) (Version: 4.3.0-2 - hxxp://pythonxy.googlecode.com)
Python 2.7 - formlayout 1.0.13-2 (HKLM-x32\...\Python 2.7 - formlayout 1.0.13-2) (Version: 1.0.13-2 - pythonxy)
Python 2.7 - freeimage 3.5.14-2 (HKLM-x32\...\Python 2.7 - freeimage 3.5.14-2) (Version: 3.5.14-2 - pythonxy.com)
Python 2.7 - gevent 1.0.0-1 (HKLM-x32\...\Python 2.7 - gevent 1.0.0-1) (Version: 1.0.0-1 - pythonxy.com)
Python 2.7 - Gnuplot 1.8.0.3 (HKLM-x32\...\Python 2.7 - Gnuplot 1.8.0.3) (Version: 1.8.0.3 - pythonxy.com)
Python 2.7 - guidata 1.6.1-2 (HKLM-x32\...\Python 2.7 - guidata 1.6.1-2) (Version: 1.6.1-2 - pythonxy)
Python 2.7 - guiqwt 2.3.1-3 (HKLM-x32\...\Python 2.7 - guiqwt 2.3.1-3) (Version: 2.3.1-3 - pythonxy)
Python 2.7 - h5py 2.1.3-2 (HKLM-x32\...\Python 2.7 - h5py 2.1.3-2) (Version: 2.1.3-2 - pythonxy)
Python 2.7 - IPython 0.13.2-2 (HKLM-x32\...\Python 2.7 - IPython 0.13.2-2) (Version: 0.13.2-2 - pythonxy)
Python 2.7 - jinja2 2.7-1 (HKLM-x32\...\Python 2.7 - jinja2 2.7-1) (Version: 2.7-1 - pythonxy)
Python 2.7 - lxml 3.2.0-5 (HKLM-x32\...\Python 2.7 - lxml 3.2.0-5) (Version: 3.2.0-5 - pythonxy)
Python 2.7 - mahotas 0.99-4 (HKLM-x32\...\Python 2.7 - mahotas 0.99-4) (Version: 0.99-4 - pythonxy)
Python 2.7 - matplotlib 1.2.1-1 (HKLM-x32\...\Python 2.7 - matplotlib 1.2.1-1) (Version: 1.2.1-1 - pythonxy)
Python 2.7 - nose 1.3.0-1 (HKLM-x32\...\Python 2.7 - nose 1.3.0-1) (Version: 1.3.0-1 - pythonxy)
Python 2.7 - numexpr 2.1-1 (HKLM-x32\...\Python 2.7 - numexpr 2.1-1) (Version: 2.1-1 - pythonxy)
Python 2.7 - numpy 1.7.1-2 (HKLM-x32\...\Python 2.7 - numpy 1.7.1-2) (Version: 1.7.1-2 - pythonxy)
Python 2.7 - pandas 0.11.0-6 (HKLM-x32\...\Python 2.7 - pandas 0.11.0-6) (Version: 0.11.0-6 - pythonxy)
Python 2.7 - paramiko 1.10.1-1 (HKLM-x32\...\Python 2.7 - paramiko 1.10.1-1) (Version: 1.10.1-1 - pythonxy)
Python 2.7 - PIL 2.0.0-1 (HKLM-x32\...\Python 2.7 - PIL 2.0.0-1) (Version: 2.0.0-1 - pythonxy)
Python 2.7 - pip 1.3.1-2 (HKLM-x32\...\Python 2.7 - pip 1.3.1-2) (Version: 1.3.1-2 - pythonxy.com)
Python 2.7 - ply 3.4 (HKLM-x32\...\Python 2.7 - ply 3.4) (Version: 3.4 - pythonxy.com)
Python 2.7 - psutil 0.7.1-2 (HKLM-x32\...\Python 2.7 - psutil 0.7.1-2) (Version: 0.7.1-2 - pythonxy)
Python 2.7 - py2exe 0.6.9 (HKLM-x32\...\Python 2.7 - py2exe 0.6.9) (Version: 0.6.9 - pythonxy.com)
Python 2.7 - pycparser 2.90.1-1 (HKLM-x32\...\Python 2.7 - pycparser 2.90.1-1) (Version: 2.90.1-1 - pythonxy.com)
Python 2.7 - pycrypto 2.6-1 (HKLM-x32\...\Python 2.7 - pycrypto 2.6-1) (Version: 2.6-1 - pythonxy)
Python 2.7 - pyfits 3.1.1-1 (HKLM-x32\...\Python 2.7 - pyfits 3.1.1-1) (Version: 3.1.1-1 - pythonxy.com)
Python 2.7 - pygments 1.6-1 (HKLM-x32\...\Python 2.7 - pygments 1.6-1) (Version: 1.6-1 - pythonxy.com)
Python 2.7 - PyICU 1.5-1 (HKLM-x32\...\Python 2.7 - PyICU 1.5-1) (Version: 1.5-1 - pythonxy.com)
Python 2.7 - pylint 0.28.0-5 (HKLM-x32\...\Python 2.7 - pylint 0.28.0-5) (Version: 0.28.0-5 - pythonxy)
Python 2.7 - PyOpenGL 3.0.2-2 (HKLM-x32\...\Python 2.7 - PyOpenGL 3.0.2-2) (Version: 3.0.2-2 - pythonxy)
Python 2.7 - PyQt4 4.9.6-3 (HKLM-x32\...\Python 2.7 - PyQt4 4.9.6-3) (Version: 4.9.6-3 - pythonxy.com)
Python 2.7 - pyreadline 2.0-1 (HKLM-x32\...\Python 2.7 - pyreadline 2.0-1) (Version: 2.0-1 - pythonxy)
Python 2.7 - pytables 2.4.0 (HKLM-x32\...\Python 2.7 - pytables 2.4.0) (Version: 2.4.0 - pythonxy.com)
Python 2.7 - pywin32 218-1 (HKLM-x32\...\Python 2.7 - pywin32 218-1) (Version: 218-1 - pythonxy.com)
Python 2.7 - pyzmq 13.1.0-5 (HKLM-x32\...\Python 2.7 - pyzmq 13.1.0-5) (Version: 13.1.0-5 - pythonxy)
Python 2.7 - reportlab 2.7-1 (HKLM-x32\...\Python 2.7 - reportlab 2.7-1) (Version: 2.7-1 - pythonxy)
Python 2.7 - scipy 0.12.0-1 (HKLM-x32\...\Python 2.7 - scipy 0.12.0-1) (Version: 0.12.0-1 - pythonxy)
Python 2.7 - sphinx 1.1.3.1 (HKLM-x32\...\Python 2.7 - sphinx 1.1.3.1) (Version: 1.1.3.1 - pythonxy.com)
Python 2.7 - spyder 2.2.0-5 (HKLM-x32\...\Python 2.7 - spyder 2.2.0-5) (Version: 2.2.0-5 - pythonxy)
Python 2.7 - sqlalchemy 0.8.1-5 (HKLM-x32\...\Python 2.7 - sqlalchemy 0.8.1-5) (Version: 0.8.1-5 - pythonxy)
Python 2.7 - tornado 3.0.1-2 (HKLM-x32\...\Python 2.7 - tornado 3.0.1-2) (Version: 3.0.1-2 - pythonxy)
Python 2.7 - veusz 1.17.1-3 (HKLM-x32\...\Python 2.7 - veusz 1.17.1-3) (Version: 1.17.1-3 - pythonxy)
Python 2.7 - virtualenv 1.9.1-3 (HKLM-x32\...\Python 2.7 - virtualenv 1.9.1-3) (Version: 1.9.1-3 - pythonxy.com)
Python 2.7 - vitables 2.1.0.3 (HKLM-x32\...\Python 2.7 - vitables 2.1.0.3) (Version: 2.1.0.3 - pythonxy.com)
Python 2.7 - vtk 5.10.1-1 (HKLM-x32\...\Python 2.7 - vtk 5.10.1-1) (Version: 5.10.1-1 - pythonxy)
Python 2.7 - wxPython 2.8.12.1-1 (HKLM-x32\...\Python 2.7 - wxPython 2.8.12.1-1) (Version: 2.8.12.1-1 - pythonxy)
Python 2.7 - xy 1.3.1-3 (HKLM-x32\...\Python 2.7 - xy 1.3.1-3) (Version: 1.3.1-3 - hxxp://pythonxy.googlecode.com)
Python 2.7.5 (x32 Version: 2.7.5150 - Python Software Foundation) Hidden
Python(x,y) - console 2.0.148-8 (HKLM-x32\...\Python(x,y) - console 2.0.148-8) (Version: 2.0.148-8 - pythonxy.com)
Python(x,y) - mingw 4.5.2.3 (HKLM-x32\...\Python(x,y) - mingw 4.5.2.3) (Version: 4.5.2.3 - pythonxy.com)
Python(x,y) - SciTE 3.3.2-3 (HKLM-x32\...\Python(x,y) - SciTE 3.3.2-3) (Version: 3.3.2-3 - pythonxy)
Python(x,y) - xydoc 1.0.5.1 (HKLM-x32\...\Python(x,y) - xydoc 1.0.5.1) (Version: 1.0.5.1 - pythonxy.com)
Python(x,y) (HKLM-x32\...\Python(x,y)) (Version: 2.7.5.0 - Python(x,y))
QtiPlot 0.9.9-rc6 (HKLM\...\QtiPlot_is1) (Version: - Ion Vasilief)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.6 - ASUS)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SNS-HDR Pro v1.4.22 (HKLM\...\SNS-HDR Pro_is1) (Version: - Sebastian Nibisz)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
TeX Live 2014 (HKLM-x32\...\TeXLive2014) (Version: 2014 - )
TeXnicCenter Version 1.0 Stable RC1 (HKLM-x32\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org)
The Photographer's Ephemeris (HKLM-x32\...\Flexrise.9F3FBFC56E7DF11606748B3513468A7A7FB809D1.1) (Version: 1.1.1 - UNKNOWN)
The Photographer's Ephemeris (x32 Version: 1.1.1 - UNKNOWN) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
Warhammer 40,000: Dawn Of War - Gold Edition (HKLM-x32\...\{D0B36BAF-3E9D-423E-8821-ED238C18DB0A}) (Version: 1.51 - THQ)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.0 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Cel\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\ooofilt_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01D5A7A4-5EE6-45D6-8DBE-5182C0D36E54} - System32\Tasks\AdobeAAMUpdater-1.0-Ira2-Timba => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {16B33B23-FAA5-4229-A32A-98436229EBEE} - System32\Tasks\AdobeAAMUpdater-1.0-Ira2-Cel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {27BC4578-4391-429D-B23B-3CB3926C5AB3} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {4E5ED7A2-1CD2-4D52-BDA7-A505B4892425} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-20] (Adobe Systems Incorporated)
Task: {5928A2DE-F6E2-443B-AB47-C532F144977B} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-11-10] (ASUS)
Task: {5ADCFF04-6CCD-410D-923A-B5DF5471A858} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-11-01] (AVAST Software)
Task: {60F398C6-F009-4FEB-B4EF-955537F134F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.)
Task: {7356920F-F7D3-4BFB-A7E5-5D036450C111} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {77BD2382-42A0-4D14-B3F5-5BFEA51C060D} - System32\Tasks\ASUS Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2010-05-12] ()
Task: {82B69EBA-AF10-442F-BE48-C7576555D48A} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {84A77F86-B445-48DE-B57F-B89B693CD5C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.)
Task: {A9F54FD1-7702-4E7A-A864-18D73B6711E5} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {AF5B7AC3-7DF3-47BB-BE9C-B31FDCDC71C1} - System32\Tasks\{2F399389-4DE6-4C22-8BDC-012C53538E2E} => pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {C9B2C724-B823-4F6E-929F-AC7D32ACDD5F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3318948826-2183189698-3215584185-1001UA => C:\Users\Cel\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
Task: {F15B09C8-A5D5-451D-BA77-12156FB65268} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3318948826-2183189698-3215584185-1001Core => C:\Users\Cel\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
Task: {F233F6A6-F986-459B-A88C-2AED6D4352A3} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3318948826-2183189698-3215584185-1001Core.job => C:\Users\Cel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3318948826-2183189698-3215584185-1001UA.job => C:\Users\Cel\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2010-07-15 00:11 - 2010-07-15 00:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2010-05-12 01:35 - 2010-05-12 01:35 - 00489392 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
2010-04-03 03:21 - 2008-10-01 07:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2011-05-20 08:17 - 2011-01-27 01:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-07-04 23:19 - 2014-01-13 17:24 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2016-10-26 15:54 - 2016-10-20 09:47 - 01819240 _____ () C:\Users\Cel\AppData\Local\Google\Chrome\Application\54.0.2840.71\libglesv2.dll
2016-10-26 15:54 - 2016-10-20 09:47 - 00093288 _____ () C:\Users\Cel\AppData\Local\Google\Chrome\Application\54.0.2840.71\libegl.dll
2015-12-02 17:58 - 2015-11-16 19:32 - 00919040 _____ () C:\Windows\mod_frst.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:gs5sys [2560]
AlternateDataStreams: C:\Users\All Users:gs5sys [2560]
AlternateDataStreams: C:\Users\Cel:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba:gs5sys [3074]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Temp:3E7393FC [120]
AlternateDataStreams: C:\ProgramData\Temp:52DBE86F [141]
AlternateDataStreams: C:\ProgramData\Temp:D20FFA63 [133]
AlternateDataStreams: C:\ProgramData\Templates:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\Anwendungsdaten:gs5sys [1792]
AlternateDataStreams: C:\Users\Cel\Cookies:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\Lokale Einstellungen:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\Vorlagen:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\AppData\Roaming:gs5sys [1792]
AlternateDataStreams: C:\Users\Cel\AppData\Local\Anwendungsdaten:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\AppData\Local\Verlauf:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\Documents\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [2048]
AlternateDataStreams: C:\Users\Timba\Anwendungsdaten:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\Cookies:gs5sys [1792]
AlternateDataStreams: C:\Users\Timba\Lokale Einstellungen:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\Vorlagen:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\AppData\Local\Anwendungsdaten:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\AppData\Local\Verlauf:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\Documents\desktop.ini:gs5sys [3074]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Cel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3318948826-2183189698-3215584185-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Timba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: AFBAgent => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fsssvc => 3
MSCONFIG\Services: GoogleDesktopManager => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\Windows\pss\AsusVibeLauncher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Cel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Memeo AutoSync => C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent
MSCONFIG\startupreg: Setwallpaper => c:\programdata\SetWallpaper.cmd
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{50D76052-134E-46DB-AF8E-63827F883C0F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}] => (Allow) LPort=2869
FirewallRules: [{B827E1C7-5A7A-484C-9653-2FE388A8B888}] => (Allow) LPort=1900
FirewallRules: [{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}] => (Allow) LPort=5353
FirewallRules: [{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}] => (Allow) LPort=8182
FirewallRules: [{FED1FC28-F56F-4C3B-8B26-ED8A9D399D15}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{E0484D80-9ADE-4363-AC52-C40B6C461ADA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{7AC4AB0C-3DFB-4FA9-BEB6-E2FC3FD190CB}] => (Allow) C:\Users\Cel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9A2261A0-75B8-49F7-9002-C0F9F711A0D0}] => (Allow) C:\Users\Cel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{3A2CA2BD-959C-40CD-820F-68732E7344E2}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [UDP Query User{DEC81975-466B-47A2-90E9-295D014DC09F}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [TCP Query User{3B3F9CBF-7738-4386-86EC-C20B5CB47798}C:\users\cel\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\cel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{AF7E16B5-CFD4-4839-BD7A-F3DBD8674FCC}C:\users\cel\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\cel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{0C0EBE63-CAED-4ED5-AFF6-6340ECF65F36}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe] => (Allow) C:\program files (x86)\gameforge\nclauncher\nclauncher.exe
FirewallRules: [UDP Query User{08B5F222-3C0F-4A47-ADF6-DF8E56FE0270}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe] => (Allow) C:\program files (x86)\gameforge\nclauncher\nclauncher.exe
FirewallRules: [{C3F84B40-22FD-47EE-9037-4064D6F57B0D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.649\Agent.exe
FirewallRules: [{54FF1FAF-1F93-4A4A-9383-2B80D4EF1C38}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.649\Agent.exe
FirewallRules: [{78A3A9FB-D7A5-4A81-A2A5-38FD0E862EB0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.868\Agent.exe
FirewallRules: [{7184A63B-41A2-4BCA-9AFB-38950D6F66CA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.868\Agent.exe
FirewallRules: [{95807503-325C-416E-919A-FA343B3426C2}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe
FirewallRules: [{207432C9-17BF-43D5-84CA-7F3C9CC56A1D}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe
FirewallRules: [{43CD4628-84C9-4617-9D07-8A3BA58E6F20}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{39E3EBF0-095C-4A2B-B14B-46665EFB57C6}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0A02F083-E5C5-4746-84E8-26DAFEF4FB17}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.976\Agent.exe
FirewallRules: [{7E797BA3-9F6F-4345-A1BB-C5B9D04E8DBB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.976\Agent.exe
FirewallRules: [{F8F6FBDD-EF89-4444-8CA1-B13BC1166857}] => (Allow) C:\Diablo III\Diablo III.exe
FirewallRules: [{7BBDDBB3-261A-4180-B9F8-9EBBC61616C4}] => (Allow) C:\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{9AE58A58-709E-40FB-AC79-D52545C7A3D9}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [UDP Query User{97CEF59C-4DAE-4C53-ABF8-B24C6D28302D}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [{EA0340F7-6B34-44C4-9727-B1C374CF1D2F}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{0EECE465-29F5-4BE1-85AD-42DF3CCD4A31}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{B95F542A-2F75-460B-92CA-6CDA94AFA40C}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{81BB230B-D8A0-4514-852B-45DFBC75BAF9}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{235FF395-FF99-47D3-998D-4D35E925BE5F}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{B76D2254-D130-4FFF-8D30-1FA860AC5125}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{D96E8C0A-52EC-4145-AFFE-106B66D9656B}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{24798290-8F76-4DE7-9DF8-94A159DF0869}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{08B00A40-6619-4E8E-BA7C-1CE7482B1D17}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{B1586537-2217-4953-9241-53A8D40EA666}D:\lan games\valve\hl.exe] => (Allow) D:\lan games\valve\hl.exe
FirewallRules: [UDP Query User{627A91CB-33BA-4AB5-AB44-42EA8314B591}D:\lan games\valve\hl.exe] => (Allow) D:\lan games\valve\hl.exe
FirewallRules: [TCP Query User{A0D887AC-E08E-4460-B871-E5028CFA2A82}D:\lan games\valve\hl.exe] => (Allow) D:\lan games\valve\hl.exe
FirewallRules: [UDP Query User{90DC3973-C450-4A80-A933-0997159203AF}D:\lan games\valve\hl.exe] => (Allow) D:\lan games\valve\hl.exe
FirewallRules: [TCP Query User{CA591BA1-12D4-4556-8513-E7346F298B16}D:\lan games\call of duty 2(unmodifiziert)\cod2mp_s.exe] => (Allow) D:\lan games\call of duty 2(unmodifiziert)\cod2mp_s.exe
FirewallRules: [UDP Query User{F0BDAC1E-B131-4825-8967-7BF7823D8607}D:\lan games\call of duty 2(unmodifiziert)\cod2mp_s.exe] => (Allow) D:\lan games\call of duty 2(unmodifiziert)\cod2mp_s.exe
FirewallRules: [TCP Query User{B4E31010-5831-45A0-9E50-BCE9BD6D5296}D:\lan games\serious sam\bin\serioussam.exe] => (Allow) D:\lan games\serious sam\bin\serioussam.exe
FirewallRules: [UDP Query User{0FACCF2C-4FA7-4566-966B-A39FC7095443}D:\lan games\serious sam\bin\serioussam.exe] => (Allow) D:\lan games\serious sam\bin\serioussam.exe
FirewallRules: [TCP Query User{16598008-8DC7-4BB2-A804-2440AB955A00}D:\lan games\left for dead 2\left4dead2.exe] => (Allow) D:\lan games\left for dead 2\left4dead2.exe
FirewallRules: [UDP Query User{F91376B0-90DE-43B2-87CD-6A1DF99A7035}D:\lan games\left for dead 2\left4dead2.exe] => (Allow) D:\lan games\left for dead 2\left4dead2.exe
FirewallRules: [{997680EB-876A-4B43-9187-E7C3161B8FBB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [{2AC1C873-C04E-4E96-9EC4-25D3854013FB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [{2A83EF70-CACB-4208-876A-6DA5610273E0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{05D4E010-0475-4C29-9F29-9906EACBA7E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [TCP Query User{54CF9A82-65FA-4C1B-A1D3-014AB5EDCE75}D:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) D:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{D2A7FBC1-7BA6-4DDE-A42F-E13209A1087C}D:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) D:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{E38833B2-CAFE-4388-8D79-C0059930D20A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C367F679-9404-45D8-8028-EA4F7A9ACF36}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{EDB351D0-716E-4D02-AF30-8F521BF7604D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{291F7567-5DA5-4897-BDFD-28B6E8B9808D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{001B5C0A-F766-43B0-BE54-1370B5479761}] => (Allow) F:\GAMES\Star Wars-The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{B6F39FED-4283-400C-A23F-5D733FD16BA3}] => (Allow) F:\GAMES\Star Wars-The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{065F712D-8EA0-4EB8-96F2-17C3EDC18163}] => (Allow) F:\GAMES\Star Wars-The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{2C6F7B4C-8E95-484C-9CA3-9CEEB3848D24}] => (Allow) F:\GAMES\Star Wars-The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{9639C0A5-5F19-4DB9-A5FA-E711AAE0FD48}] => (Allow) F:\GAMES\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{640602EC-B55F-4F1D-A656-2E5808AB2DD1}] => (Allow) F:\GAMES\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{AA3D1449-6149-4FD9-B4C2-BE72EEB2036E}] => (Allow) F:\GAMES\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{D9525AB8-0391-402F-ABDB-EE28C0EAE5D6}] => (Allow) F:\GAMES\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{E9C6733E-9CC1-49F2-9F10-1AB539F0EFCB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{630C9084-89BB-46DD-AB02-F3ABEED06DB8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{CB7C2DD0-51B4-4E86-BD5C-536F0866F202}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{72A5BBB0-C69C-431D-97FC-AA4A71762E18}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{2F44C744-8188-4706-A2A4-C57C25E7FB90}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{912258F3-2FB4-4142-82D9-7C3B8D05281B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{910B6A40-2CCA-432A-AF28-2D9C6A9882E7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{5DC87795-DC29-468C-87CE-00CF37C5B11D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{E1AFA14C-C1A5-443A-B8C3-62E6D28087D0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{B23C1CEB-6163-4DFC-B6CC-1639537B7E4F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [TCP Query User{AF39C1ED-D4B2-4DE6-BBAD-E4AB84B9A6F0}D:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [UDP Query User{4B8FB3A9-AD2F-484A-AF6D-9CA352052BC9}D:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [{DCBB6479-86C1-4B52-9966-2C6DD8B60C1A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{80C69812-5F55-477D-8F73-36B6019968B2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{5CFE2DF1-2599-4BFD-A575-33667DED0F76}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{EF141A72-352F-41D3-AC01-6FDE2C35DC78}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{D6E57FDC-3616-472C-B596-634630DA5E2C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{435577DA-004E-4419-AB04-6BA94D94B4B6}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F96680E7-9F86-4FE3-A32B-E0898EFD230A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{03E6E309-9D20-40B2-AC71-5E6996F76A47}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{73287D78-6200-4CE4-8D4B-0B1C2BDCAE74}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{D770DC2F-C2E2-44D3-9F9C-3D3F26B9C532}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{DFC86F79-654C-4C09-8EE5-CC5EACC798ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{80E2A420-646B-4080-86DE-54D337B7C73D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{DE848CC5-A9F0-41C8-AB37-A0E8E3DF73C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{6504B097-D983-44BA-9090-0602C7749CBD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{8912D763-E0B5-48B2-9DAA-5AA798AFB77B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{11FA025A-7DA8-454E-873A-5CFA3AE5CF23}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{8421811C-06E4-4985-9A78-1799CD8D87AB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{C39E0353-FB30-4AA5-AEBE-3BECA28A2731}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{C66C4A29-7855-44D4-BC8A-49CFF32003AD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{E7A6CEFF-0C9C-4696-BAD7-4C53BA810F00}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{3874F974-BEAD-4924-8C8C-3C885B1E1A69}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{28FA3F39-5D3E-4AE3-95F1-C9E2A6478C58}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [TCP Query User{D51123BB-DCE5-46F9-B1EA-C6D06A3B3DBB}C:\program files (x86)\diablo iii\diablo iii.exe] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{B9E9F2BC-DFB4-4795-B9CB-C230C2F066AA}C:\program files (x86)\diablo iii\diablo iii.exe] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{73B2E4E3-D353-4EC6-B2F3-92D69CA23512}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{F1B9102E-949E-46B4-9D98-82753AF9302D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{FA6D9E90-3387-45EE-8C36-A65939FD1DA4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{43E5FBE6-1F18-419E-B78E-DE8C59A7B7E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{2784BBDA-4751-4842-B06C-DEE32B6207FD}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E13EB274-9EDF-4055-9D30-901E056CFE19}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{39BE90F2-D7CC-455A-85B1-3C421F3148EF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{932A3869-82E5-4CBD-9086-D513361032D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{1336B3B3-72C2-4368-BECE-39D9B8728893}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{4ACB12DF-5D65-4F05-9F49-E68F8E1EF680}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{C4E201CF-D7DA-4C72-A14F-EB0B60A82C14}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{C68BB9E7-E38F-4ABE-9754-E8CE83644B84}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{BC4FAC5E-61C0-4ADF-A9CF-E22E31D39C67}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{44D17A72-4D71-4DC6-89BD-BF44871324C3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{6A4B6142-A671-4B7C-9C25-1A68992CB224}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{03E444FB-3834-4DD6-AF73-992C6812D332}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{256835AE-B2D1-46D5-BA19-D8580B8D2DF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{AA0645EB-9830-421A-8EEE-BA2D2363BF45}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{C0A8B3DC-514F-42B8-94B6-130DC1E1013F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{0AE44207-107B-4FBB-B6C1-19069C074A61}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{91545EE3-63D9-46B3-8564-004D31FF3D36}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{B32A3F01-0E38-4252-9853-14409CC25B57}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{E1FA80EF-0B59-40D9-BF13-83C7C6C9DD49}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{DAFA4F86-916D-4BCE-8528-5B3D4388D146}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{487FBAE5-68D0-497E-BB71-E7E92988F187}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{FB276E18-BEE5-4710-AC08-D13AFC14966D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{E845B059-EB7C-450E-8C22-16A8EE9EAFDD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{AD495F60-2208-49E3-9036-6E64E55A22DC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{C029993C-3A84-474E-9DD8-FCD0FBF15BAA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{C2BDD343-56EC-4B62-94A0-49B82B1EF8FD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{E2D645AF-D939-4A33-950D-710766C89BA0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{EC7D4CCC-88CF-4732-914C-E2AD7A8DEF8D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{0D60B663-E25A-421C-9E96-34E93111D6E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{E7F49941-F47D-4331-B826-D7E9CBD6C7D0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{7173D924-F532-48C3-8DC2-6EB46CF667E4}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BCC8C44D-56C6-4023-96F6-82FE65EA1A5B}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{27A880E5-F7DB-421D-9F50-AA75C3D719DF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{2CE1796C-8060-4A3B-9364-3E1D8FCEF323}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{1DCCBB09-D52A-40ED-9CC5-4838502CD247}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{804BDDA8-0EAA-42C1-9B6A-611AC190E819}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{75C9E25A-4EFC-47B5-8321-46A0E9112986}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{D5D30D7F-C437-43A5-9364-07430563AAAB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{CE609E0C-CE4F-4551-9E68-6B02A9EF75D6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{670794AD-A579-4F88-BF1F-B42155BB2C25}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{5CAEAD05-A4B8-4E23-8D28-83328162F460}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{052E1539-9E56-4853-8CB2-038C0F5F8ED0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{7663DF67-5872-495A-9C52-14D4E1C4DF6F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{191EC9BA-91B2-4454-95A8-4308143B900B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9ECF4816-6BB8-40D2-A958-A4E1C3FAE8F6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{1CE58FBF-A286-461D-AFA3-EBE5EB1A21D3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{07088C5B-C129-4A70-88F8-3865216B734F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{30A02051-D094-4FCA-8EA1-903A7BF39F77}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [TCP Query User{FF461AF5-7754-4618-B74F-30BFE2F008B5}D:\program files\imagej\imagej.exe] => (Allow) D:\program files\imagej\imagej.exe
FirewallRules: [UDP Query User{5D11F3DD-8E8C-4F5A-B912-1093BD261F53}D:\program files\imagej\imagej.exe] => (Allow) D:\program files\imagej\imagej.exe
FirewallRules: [{797E5B6D-5278-4E93-BF29-0680DE7CC45A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{53718755-3097-4A1E-8DA4-CF057EF98F70}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{A2C36EBA-C811-46CD-93D5-9EC77EB66982}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{8AC5625D-7C28-4D7E-9910-D3E61F7D0F0D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{863E0B3C-B21A-4B19-A815-194941B9B174}] => (Allow) D:\Diablo III\Diablo III.exe
FirewallRules: [{834513DC-69D9-443B-A9AC-EC8422FD6349}] => (Allow) D:\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{D7099B15-63F3-4D6E-9259-3C5C5570AD5A}D:\program files\imagej\imagej.exe] => (Block) D:\program files\imagej\imagej.exe
FirewallRules: [UDP Query User{51C92E19-DB0F-4416-A09D-1C0120994C52}D:\program files\imagej\imagej.exe] => (Block) D:\program files\imagej\imagej.exe
FirewallRules: [TCP Query User{AD95A7BE-0B44-4FA0-BDF3-630D42CA926B}C:\users\cel\downloads\tiberiansun_online\cncnet5.exe] => (Allow) C:\users\cel\downloads\tiberiansun_online\cncnet5.exe
FirewallRules: [UDP Query User{6922C823-441D-4F00-A477-821028CE8FE8}C:\users\cel\downloads\tiberiansun_online\cncnet5.exe] => (Allow) C:\users\cel\downloads\tiberiansun_online\cncnet5.exe
FirewallRules: [TCP Query User{7BEA7A76-C61F-401E-9824-D559FDFFAFC9}C:\users\cel\downloads\tiberiansun_online\ts-spawn.exe] => (Allow) C:\users\cel\downloads\tiberiansun_online\ts-spawn.exe
FirewallRules: [UDP Query User{B1860600-676E-41F8-876B-C4208272B9F6}C:\users\cel\downloads\tiberiansun_online\ts-spawn.exe] => (Allow) C:\users\cel\downloads\tiberiansun_online\ts-spawn.exe
FirewallRules: [TCP Query User{6F61D4E5-5C44-4BDE-AEEA-746870608C30}C:\users\cel\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\cel\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{6DC69B71-5C53-4343-A78B-C5028A39A838}C:\users\cel\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\cel\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{78180CAE-D74A-49F2-B105-C9A004AF04C8}D:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{99F39B98-8131-4474-B824-6DC619108901}D:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{4B9DC810-9DF2-46F5-ADF0-BEFB9CBDF93F}D:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5B66006C-8A79-45AD-9F52-F8DAE353B3A0}D:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E6244335-96B9-4868-BE5A-8527278673F8}D:\diablo iii public test\diablo iii.exe] => (Allow) D:\diablo iii public test\diablo iii.exe
FirewallRules: [UDP Query User{D18B8548-F5F9-44F2-881C-FC1800F02E2B}D:\diablo iii public test\diablo iii.exe] => (Allow) D:\diablo iii public test\diablo iii.exe
FirewallRules: [{4E30F4CC-8F6A-41F6-AED6-89594164D398}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{60166383-59E0-40C4-B432-20B52E879D70}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{66DE0CF0-ADFD-44DE-ABF4-9A5F34E6FAA9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B6CA8586-E5DF-403D-9139-FA6BD36AE6FD}] => (Allow) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
25-10-2016 08:13:51 Windows Update
28-10-2016 14:21:18 Windows Update
01-11-2016 12:03:20 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Slimtype DVD A DS8A5SH
Description: CD-ROM-Laufwerk
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Gerät (RFCOMM-Protokoll-TDI)
Description: Bluetooth-Gerät (RFCOMM-Protokoll-TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: USB2.0 UVC VGA WebCam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/01/2016 12:32:29 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "/", file "d:/program files (x86)/national instruments/shared/ni webserver/www/": Can't access URL .
Error: (11/01/2016 12:27:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll".
Die abhängige Assemblierung "Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/01/2016 11:47:28 AM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "d:/program files (x86)/national instruments/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL .
Error: (11/01/2016 11:47:28 AM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "d:/program files (x86)/national instruments/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL .
Error: (10/31/2016 06:18:42 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "d:/program files (x86)/national instruments/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL .
Error: (10/31/2016 06:18:42 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "d:/program files (x86)/national instruments/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL .
Error: (10/30/2016 02:04:59 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "d:/program files (x86)/national instruments/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL .
Error: (10/30/2016 02:04:59 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "d:/program files (x86)/national instruments/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL .
Error: (10/26/2016 01:58:51 PM) (Source: MsiInstaller) (EventID: 11606) (User: Ira2)
Description: Produkt: Pokémon Trading Card Game Online -- Fehler 1606. Zugriff auf die Netzwerkadresse Property.USER_PROFILE war nicht möglich.
Error: (10/26/2016 01:58:50 PM) (Source: MsiInstaller) (EventID: 11606) (User: Ira2)
Description: Produkt: Pokémon Trading Card Game Online -- Fehler 1606. Zugriff auf die Netzwerkadresse Property.USER_PROFILE war nicht möglich.
Systemfehler:
=============
Error: (11/01/2016 02:10:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
PxHlpa64
Error: (11/01/2016 12:38:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
PxHlpa64
Error: (11/01/2016 12:08:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
PxHlpa64
Error: (11/01/2016 11:47:34 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
PxHlpa64
Error: (11/01/2016 09:04:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
PxHlpa64
Error: (11/01/2016 09:03:28 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 01.11.2016 um 01:44:36 unerwartet heruntergefahren.
Error: (10/31/2016 06:18:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
PxHlpa64
Error: (10/31/2016 02:16:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
PxHlpa64
Error: (10/30/2016 02:05:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
PxHlpa64
Error: (10/29/2016 04:25:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
PxHlpa64
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8104.16 MB
Verfügbarer physikalischer RAM: 5437.59 MB
Summe virtueller Speicher: 16206.5 MB
Verfügbarer virtueller Speicher: 13618.21 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:125.03 GB) (Free:33.1 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:148.06 GB) (Free:81.77 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 38601C96)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=125 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.1 GB) - (Type=OF Extended)
==================== Ende von Addition.txt ============================
|
|
10.11.2016, 15:44
| #3 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt 1. Schritt: Malwarebytes Anti-Rootkit (MBAR)
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers 2. Schritt: Kaspersky TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
12.11.2016, 18:38
| #4 |
| | Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt mbar log file: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2016.11.12.07
rootkit: v2016.10.31.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18524
Cel :: IRA2 [administrator]
12.11.2016 17:03:02
mbar-log-2016-11-12 (17-03-02).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 385550
Time elapsed: 57 minute(s), 3 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Werde jetzt Schritt 2 folgen. TDSSKiller log file, 1 verdächtiges Objekt gefunden: Code:
ATTFilter 18:31:22.0622 0x0e70 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
18:31:45.0380 0x0e70 ============================================================
18:31:45.0380 0x0e70 Current date / time: 2016/11/12 18:31:45.0380
18:31:45.0380 0x0e70 SystemInfo:
18:31:45.0380 0x0e70
18:31:45.0380 0x0e70 OS Version: 6.1.7601 ServicePack: 1.0
18:31:45.0380 0x0e70 Product type: Workstation
18:31:45.0380 0x0e70 ComputerName: IRA2
18:31:45.0381 0x0e70 UserName: Cel
18:31:45.0381 0x0e70 Windows directory: C:\Windows
18:31:45.0381 0x0e70 System windows directory: C:\Windows
18:31:45.0381 0x0e70 Running under WOW64
18:31:45.0381 0x0e70 Processor architecture: Intel x64
18:31:45.0381 0x0e70 Number of processors: 4
18:31:45.0381 0x0e70 Page size: 0x1000
18:31:45.0381 0x0e70 Boot type: Normal boot
18:31:45.0381 0x0e70 CodeIntegrityOptions = 0x00000001
18:31:45.0381 0x0e70 ============================================================
18:31:45.0689 0x0e70 KLMD registered as C:\Windows\system32\drivers\93004603.sys
18:31:45.0689 0x0e70 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23569, osProperties = 0x1
18:31:46.0256 0x0e70 System UUID: {C9B4917F-0620-1AEB-00EE-C0C7CF44D7B7}
18:31:46.0828 0x0e70 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:31:46.0838 0x0e70 ============================================================
18:31:46.0838 0x0e70 \Device\Harddisk0\DR0:
18:31:46.0838 0x0e70 MBR partitions:
18:31:46.0839 0x0e70 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0xFA0E000
18:31:46.0867 0x0e70 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12C0F000, BlocksNum 0x1281F000
18:31:46.0867 0x0e70 ============================================================
18:31:46.0895 0x0e70 C: <-> \Device\Harddisk0\DR0\Partition1
18:31:46.0933 0x0e70 D: <-> \Device\Harddisk0\DR0\Partition2
18:31:46.0933 0x0e70 ============================================================
18:31:46.0933 0x0e70 Initialize success
18:31:46.0934 0x0e70 ============================================================
18:32:34.0376 0x0a20 ============================================================
18:32:34.0376 0x0a20 Scan started
18:32:34.0376 0x0a20 Mode: Manual; SigCheck; TDLFS;
18:32:34.0376 0x0a20 ============================================================
18:32:34.0376 0x0a20 KSN ping started
18:32:34.0538 0x0a20 KSN ping finished: true
18:32:35.0835 0x0a20 ================ Scan system memory ========================
18:32:35.0836 0x0a20 System memory - ok
18:32:35.0837 0x0a20 ================ Scan services =============================
18:32:36.0031 0x0a20 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:32:36.0136 0x0a20 1394ohci - ok
18:32:36.0200 0x0a20 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:32:36.0229 0x0a20 ACPI - ok
18:32:36.0268 0x0a20 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:32:36.0319 0x0a20 AcpiPmi - ok
18:32:36.0495 0x0a20 [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:32:36.0524 0x0a20 AdobeARMservice - ok
18:32:36.0681 0x0a20 [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:32:36.0698 0x0a20 AdobeFlashPlayerUpdateSvc - ok
18:32:36.0757 0x0a20 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:32:36.0787 0x0a20 adp94xx - ok
18:32:36.0832 0x0a20 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:32:36.0855 0x0a20 adpahci - ok
18:32:36.0888 0x0a20 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:32:36.0905 0x0a20 adpu320 - ok
18:32:36.0943 0x0a20 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:32:36.0998 0x0a20 AeLookupSvc - ok
18:32:37.0083 0x0a20 [ 079CBA3C5C9AB11B2B4E6BD729A860F2, 86D58003D34E93D1C9154940B5DF2BD8AD77A6840FB52BF81978420A5FC68370 ] AFBAgent C:\Windows\system32\FBAgent.exe
18:32:37.0119 0x0a20 AFBAgent - ok
18:32:37.0200 0x0a20 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
18:32:37.0249 0x0a20 AFD - ok
18:32:37.0299 0x0a20 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
18:32:37.0311 0x0a20 agp440 - ok
18:32:37.0353 0x0a20 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
18:32:37.0381 0x0a20 ALG - ok
18:32:37.0421 0x0a20 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
18:32:37.0436 0x0a20 aliide - ok
18:32:37.0459 0x0a20 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
18:32:37.0474 0x0a20 amdide - ok
18:32:37.0510 0x0a20 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:32:37.0548 0x0a20 AmdK8 - ok
18:32:37.0573 0x0a20 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
18:32:37.0612 0x0a20 AmdPPM - ok
18:32:37.0672 0x0a20 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:32:37.0703 0x0a20 amdsata - ok
18:32:37.0739 0x0a20 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
18:32:37.0762 0x0a20 amdsbs - ok
18:32:37.0773 0x0a20 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:32:37.0784 0x0a20 amdxata - ok
18:32:37.0834 0x0a20 [ 92A848F962DA91C631147D566414BB7E, 8F3161A7C1930610819DA3529635B1D28C27E37BE75B2552402C97C78CA33477 ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
18:32:37.0856 0x0a20 AmUStor - ok
18:32:37.0909 0x0a20 [ 0CD7BFDE151223C6976C5D1B3D49EB84, A16FAB4F77D03C0664CCE8082E40A7673BC7FA4E89854F9027D478CD99EB2088 ] AppID C:\Windows\system32\drivers\appid.sys
18:32:37.0942 0x0a20 AppID - ok
18:32:37.0961 0x0a20 [ F9842669B31F20B8B157D33CCC457820, AC8FA65F0A3C479D3CFE10EFE9B3EC5BAE48059F57A12D8C2D7963A22EB043B8 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:32:38.0021 0x0a20 AppIDSvc - ok
18:32:38.0067 0x0a20 [ B46099A534B7989D80330EA82D9092D6, 0CAC09732FAFAE805E55428B6BE001DCC39EBC599539FADE7AA68571A8A554E5 ] Appinfo C:\Windows\System32\appinfo.dll
18:32:38.0118 0x0a20 Appinfo - ok
18:32:38.0157 0x0a20 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
18:32:38.0175 0x0a20 arc - ok
18:32:38.0196 0x0a20 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:32:38.0211 0x0a20 arcsas - ok
18:32:38.0285 0x0a20 [ 18E5C2F937F9DEB8C282DF66A3761925, 30294C381F8C7DCB45EF9BCF572F410FF47630E12D5AA02259C6C80F07BEF495 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
18:32:38.0307 0x0a20 ASLDRService - ok
18:32:38.0347 0x0a20 [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
18:32:38.0361 0x0a20 ASMMAP64 - ok
18:32:38.0462 0x0a20 [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:32:38.0491 0x0a20 aspnet_state - ok
18:32:38.0548 0x0a20 [ A7E7AE771A2FCDBD5F28910A38D9A82C, 09890C6C04895187499215FF9849513913431207D58F2E180B5E34F0A7040D2D ] assd C:\Windows\system32\drivers\assd.sys
18:32:38.0567 0x0a20 assd - ok
18:32:38.0596 0x0a20 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:32:38.0662 0x0a20 AsyncMac - ok
18:32:38.0705 0x0a20 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
18:32:38.0716 0x0a20 atapi - ok
18:32:38.0777 0x0a20 [ CBE61B4494165F458BD87E37181EE934, E95654DCC0F977A3604B6BE435BEE109AC8F9F7494FD3A132F5FB477BBF7B105 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
18:32:38.0850 0x0a20 AthBTPort - ok
18:32:38.0917 0x0a20 [ A6307F356D778E18A76E7783EF98C6AA, BD8326AA08B669517BDB54BAF53E6D3D6AFFE69359C67EF857114587A9064BA6 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe
18:32:38.0955 0x0a20 Atheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
18:32:39.0142 0x0a20 Detect skipped due to KSN trusted
18:32:39.0143 0x0a20 Atheros Bt&Wlan Coex Agent - ok
18:32:39.0211 0x0a20 [ 749FF240DEDAFAFF94288E0307104DF3, 834BEC88DC3B90C8DE7E126CC3AEB599B09FFB20865C1D941302303E42634F8F ] AtherosSvc C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
18:32:39.0231 0x0a20 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
18:32:39.0362 0x0a20 Detect skipped due to KSN trusted
18:32:39.0363 0x0a20 AtherosSvc - ok
18:32:39.0527 0x0a20 [ B4174564AD5834A1680610572477878C, EA8687C90FE871AA427B4139BEE425E6DC4CFBC4CF3DCE29695EB9B967D9872F ] athr C:\Windows\system32\DRIVERS\athrx.sys
18:32:39.0659 0x0a20 athr - ok
18:32:39.0687 0x0a20 [ 7910158929571214A959D5A6D16DD9C0, 9B4F8A3AF9E09B2F772EEF1CB8F7EAB8A226068784837F375AE97B89B0B3A383 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
18:32:39.0698 0x0a20 ATKGFNEXSrv - ok
18:32:39.0745 0x0a20 [ 1F7238A37389ED92E9D8EEE975CABD54, AFEE4B89A330C106651BB230920FC623813B075D2B75DFEDCC68A3207B291365 ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
18:32:39.0764 0x0a20 ATKWMIACPIIO - ok
18:32:39.0855 0x0a20 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:32:39.0904 0x0a20 AudioEndpointBuilder - ok
18:32:39.0928 0x0a20 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:32:39.0962 0x0a20 AudioSrv - ok
18:32:40.0017 0x0a20 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:32:40.0053 0x0a20 AxInstSV - ok
18:32:40.0103 0x0a20 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
18:32:40.0160 0x0a20 b06bdrv - ok
18:32:40.0215 0x0a20 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:32:40.0248 0x0a20 b57nd60a - ok
18:32:40.0295 0x0a20 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
18:32:40.0333 0x0a20 BDESVC - ok
18:32:40.0370 0x0a20 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
18:32:40.0454 0x0a20 Beep - ok
18:32:40.0528 0x0a20 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
18:32:40.0580 0x0a20 BFE - ok
18:32:40.0673 0x0a20 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
18:32:40.0759 0x0a20 BITS - ok
18:32:40.0791 0x0a20 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:32:40.0847 0x0a20 blbdrive - ok
18:32:40.0889 0x0a20 [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:32:40.0920 0x0a20 bowser - ok
18:32:40.0954 0x0a20 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
18:32:41.0004 0x0a20 BrFiltLo - ok
18:32:41.0028 0x0a20 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
18:32:41.0073 0x0a20 BrFiltUp - ok
18:32:41.0130 0x0a20 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
18:32:41.0173 0x0a20 Browser - ok
18:32:41.0208 0x0a20 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:32:41.0264 0x0a20 Brserid - ok
18:32:41.0292 0x0a20 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:32:41.0330 0x0a20 BrSerWdm - ok
18:32:41.0364 0x0a20 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:32:41.0408 0x0a20 BrUsbMdm - ok
18:32:41.0443 0x0a20 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:32:41.0489 0x0a20 BrUsbSer - ok
18:32:41.0575 0x0a20 [ 227C8F308DE4AF4808E587465CEAB838, 7CF9FB82C979551E82F06F9D4003704E786CF2EAB4BE0836CB0BE9E735C48942 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
18:32:41.0612 0x0a20 BTATH_A2DP - ok
18:32:41.0660 0x0a20 [ A83A91D07D1FE6BBE7A9DB46CA00434B, 9EF851047189E13954C0F6A325E4843914C423C0D1EDAE21A34AB3A962BBD5AC ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
18:32:41.0698 0x0a20 BTATH_BUS - ok
18:32:41.0742 0x0a20 [ C864FF85EE16D61C2BDD5EF76824625F, 6D2FE57688D9E8B4277BF6DA9C219DEB367274364FBE17EFC353CEDB2D7EA35D ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
18:32:41.0782 0x0a20 BTATH_HCRP - ok
18:32:41.0816 0x0a20 [ 0DEA505EFB5D771826D177EF8B8A208F, FD8027DA791F04077490749AC5A08F73CCBA1731462579AA9008CD8DD82FBBBC ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
18:32:41.0849 0x0a20 BTATH_LWFLT - ok
18:32:41.0883 0x0a20 [ 724C8088C96EFE7A3E63FEC21D4681C0, 4F9B258BE0FEA634A0D93B3892F2F039A7CAD184C9A81DFC2B67B0D4B39C5035 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
18:32:41.0917 0x0a20 BTATH_RCP - ok
18:32:41.0982 0x0a20 [ 486720DA2B3BB13D1080C83140C18B56, 19AE32903198E8183E4FD9E09151E8F1B3799BBCD693AB25DFD23C467FE3246D ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
18:32:42.0023 0x0a20 BtFilter - ok
18:32:42.0070 0x0a20 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
18:32:42.0096 0x0a20 BthEnum - ok
18:32:42.0137 0x0a20 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:32:42.0179 0x0a20 BTHMODEM - ok
18:32:42.0201 0x0a20 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:32:42.0243 0x0a20 BthPan - ok
18:32:42.0334 0x0a20 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
18:32:42.0371 0x0a20 BTHPORT - ok
18:32:42.0422 0x0a20 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
18:32:42.0517 0x0a20 bthserv - ok
18:32:42.0555 0x0a20 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
18:32:42.0586 0x0a20 BTHUSB - ok
18:32:42.0627 0x0a20 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:32:42.0714 0x0a20 cdfs - ok
18:32:42.0752 0x0a20 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:32:42.0769 0x0a20 cdrom - ok
18:32:42.0799 0x0a20 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
18:32:42.0861 0x0a20 CertPropSvc - ok
18:32:42.0903 0x0a20 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
18:32:42.0962 0x0a20 circlass - ok
18:32:43.0030 0x0a20 [ 3891EA60B84EFE115CE070311FA83BBB, 2A30FB15C8D0C69289C087DFE1F822AB4F9C3F091DBB3FD2E99DC5B562E90DFB ] CLFS C:\Windows\system32\CLFS.sys
18:32:43.0060 0x0a20 CLFS - ok
18:32:43.0142 0x0a20 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:32:43.0167 0x0a20 clr_optimization_v2.0.50727_32 - ok
18:32:43.0232 0x0a20 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:32:43.0257 0x0a20 clr_optimization_v2.0.50727_64 - ok
18:32:43.0340 0x0a20 [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:32:43.0375 0x0a20 clr_optimization_v4.0.30319_32 - ok
18:32:43.0394 0x0a20 [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:32:43.0417 0x0a20 clr_optimization_v4.0.30319_64 - ok
18:32:43.0446 0x0a20 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:32:43.0471 0x0a20 CmBatt - ok
18:32:43.0499 0x0a20 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:32:43.0514 0x0a20 cmdide - ok
18:32:43.0581 0x0a20 [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG C:\Windows\system32\Drivers\cng.sys
18:32:43.0628 0x0a20 CNG - ok
18:32:43.0681 0x0a20 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
18:32:43.0704 0x0a20 Compbatt - ok
18:32:43.0726 0x0a20 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
18:32:43.0766 0x0a20 CompositeBus - ok
18:32:43.0784 0x0a20 COMSysApp - ok
18:32:43.0807 0x0a20 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:32:43.0823 0x0a20 crcdisk - ok
18:32:43.0878 0x0a20 [ BB724567892383010B8436DCC0A84628, 2768F5FD7A096CB1CEA33F8818EF16F9F5E3E07BB8442949A49A9CF24B62C6E6 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:32:43.0914 0x0a20 CryptSvc - ok
18:32:44.0007 0x0a20 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
18:32:44.0042 0x0a20 DcomLaunch - ok
18:32:44.0088 0x0a20 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
18:32:44.0137 0x0a20 defragsvc - ok
18:32:44.0195 0x0a20 [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:32:44.0252 0x0a20 DfsC - ok
18:32:44.0318 0x0a20 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:32:44.0349 0x0a20 Dhcp - ok
18:32:44.0531 0x0a20 [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\Windows\system32\diagtrack.dll
18:32:44.0604 0x0a20 DiagTrack - ok
18:32:44.0644 0x0a20 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
18:32:44.0699 0x0a20 discache - ok
18:32:44.0758 0x0a20 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
18:32:44.0785 0x0a20 Disk - ok
18:32:44.0839 0x0a20 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:32:44.0863 0x0a20 Dnscache - ok
18:32:44.0901 0x0a20 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
18:32:44.0967 0x0a20 dot3svc - ok
18:32:45.0002 0x0a20 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
18:32:45.0061 0x0a20 DPS - ok
18:32:45.0103 0x0a20 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:32:45.0145 0x0a20 drmkaud - ok
18:32:45.0211 0x0a20 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:32:45.0258 0x0a20 DXGKrnl - ok
18:32:45.0297 0x0a20 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
18:32:45.0393 0x0a20 EapHost - ok
18:32:45.0573 0x0a20 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
18:32:45.0732 0x0a20 ebdrv - ok
18:32:45.0787 0x0a20 [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] EFS C:\Windows\System32\lsass.exe
18:32:45.0805 0x0a20 EFS - ok
18:32:45.0912 0x0a20 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:32:45.0967 0x0a20 ehRecvr - ok
18:32:46.0000 0x0a20 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
18:32:46.0037 0x0a20 ehSched - ok
18:32:46.0109 0x0a20 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:32:46.0139 0x0a20 elxstor - ok
18:32:46.0253 0x0a20 [ 8783EDE26F315555EFE697239D337910, 344232F0018A942B57AF40FBE00AEB89F55A8F412CD20A2174024117F95B2BE9 ] epp C:\EEK\bin64\epp.sys
18:32:46.0286 0x0a20 epp - ok
18:32:46.0301 0x0a20 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:32:46.0333 0x0a20 ErrDev - ok
18:32:46.0409 0x0a20 [ 05B0DCDA418E297A1B4CD8D7B8ADE403, 100F8093B3772563AD42F4C167E2A7C6ED65603FBB610804DBA0CAFAA7658520 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
18:32:46.0446 0x0a20 ETD - ok
18:32:46.0507 0x0a20 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
18:32:46.0569 0x0a20 EventSystem - ok
18:32:46.0593 0x0a20 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
18:32:46.0649 0x0a20 exfat - ok
18:32:46.0679 0x0a20 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:32:46.0736 0x0a20 fastfat - ok
18:32:46.0837 0x0a20 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
18:32:46.0893 0x0a20 Fax - ok
18:32:46.0929 0x0a20 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
18:32:46.0943 0x0a20 fdc - ok
18:32:46.0980 0x0a20 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
18:32:47.0061 0x0a20 fdPHost - ok
18:32:47.0087 0x0a20 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
18:32:47.0153 0x0a20 FDResPub - ok
18:32:47.0194 0x0a20 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:32:47.0207 0x0a20 FileInfo - ok
18:32:47.0238 0x0a20 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:32:47.0317 0x0a20 Filetrace - ok
18:32:47.0353 0x0a20 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
18:32:47.0385 0x0a20 flpydisk - ok
18:32:47.0418 0x0a20 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:32:47.0439 0x0a20 FltMgr - ok
18:32:47.0556 0x0a20 [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache C:\Windows\system32\FntCache.dll
18:32:47.0626 0x0a20 FontCache - ok
18:32:47.0697 0x0a20 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:32:47.0721 0x0a20 FontCache3.0.0.0 - ok
18:32:47.0742 0x0a20 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:32:47.0755 0x0a20 FsDepends - ok
18:32:47.0797 0x0a20 [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
18:32:47.0808 0x0a20 fssfltr - ok
18:32:47.0927 0x0a20 [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:32:47.0990 0x0a20 fsssvc - ok
18:32:48.0027 0x0a20 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:32:48.0051 0x0a20 Fs_Rec - ok
18:32:48.0093 0x0a20 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:32:48.0115 0x0a20 fvevol - ok
18:32:48.0151 0x0a20 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:32:48.0164 0x0a20 gagp30kx - ok
18:32:48.0355 0x0a20 [ 6E1A910BB776E726C05BEA92FB55D008, B35FF95242DB244B1F03E78A03CBF3CE76DBBE56936C3F8023176FE5626D7443 ] GoogleDesktopManager C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
18:32:48.0443 0x0a20 GoogleDesktopManager - detected UnsignedFile.Multi.Generic ( 1 )
18:32:48.0727 0x0a20 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - warning
18:32:48.0983 0x0a20 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
18:32:49.0024 0x0a20 gpsvc - ok
18:32:49.0096 0x0a20 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:32:49.0124 0x0a20 gupdate - ok
18:32:49.0196 0x0a20 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:32:49.0222 0x0a20 gupdatem - ok
18:32:49.0263 0x0a20 [ CC839E8D766CC31A7710C9F38CF3E375, 327D57F18B4A2D1CB06C5682D3364097ECD3CF40C2719AA1F41D0B49A26003E4 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:32:49.0280 0x0a20 gusvc - ok
18:32:49.0324 0x0a20 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:32:49.0367 0x0a20 hcw85cir - ok
18:32:49.0418 0x0a20 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:32:49.0465 0x0a20 HdAudAddService - ok
18:32:49.0504 0x0a20 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:32:49.0542 0x0a20 HDAudBus - ok
18:32:49.0578 0x0a20 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:32:49.0615 0x0a20 HidBatt - ok
18:32:49.0640 0x0a20 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:32:49.0673 0x0a20 HidBth - ok
18:32:49.0709 0x0a20 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
18:32:49.0762 0x0a20 HidIr - ok
18:32:49.0786 0x0a20 [ 943B20F119F05BCAB4D2593E2D3D4278, 7056691C0EFF0AA236195BD254E452C026EEDFB2E257330F92A072D4CEC3B712 ] hidkmdf C:\Windows\system32\DRIVERS\hidkmdf.sys
18:32:49.0796 0x0a20 hidkmdf - ok
18:32:49.0824 0x0a20 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
18:32:49.0886 0x0a20 hidserv - ok
18:32:49.0925 0x0a20 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:32:49.0938 0x0a20 HidUsb - ok
18:32:49.0976 0x0a20 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:32:50.0031 0x0a20 hkmsvc - ok
18:32:50.0055 0x0a20 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:32:50.0095 0x0a20 HomeGroupListener - ok
18:32:50.0132 0x0a20 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:32:50.0153 0x0a20 HomeGroupProvider - ok
18:32:50.0175 0x0a20 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:32:50.0189 0x0a20 HpSAMD - ok
18:32:50.0283 0x0a20 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:32:50.0345 0x0a20 HTTP - ok
18:32:50.0387 0x0a20 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:32:50.0398 0x0a20 hwpolicy - ok
18:32:50.0425 0x0a20 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:32:50.0442 0x0a20 i8042prt - ok
18:32:50.0533 0x0a20 [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:32:50.0560 0x0a20 iaStor - ok
18:32:50.0600 0x0a20 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:32:50.0626 0x0a20 iaStorV - ok
18:32:50.0734 0x0a20 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:32:50.0777 0x0a20 idsvc - ok
18:32:50.0800 0x0a20 IEEtwCollectorService - ok
18:32:51.0381 0x0a20 [ 0D1B8C64BDF0E5CDC523A1409FFB5EF0, 92F264325C3B1F70E0ACDBC886F7DC4C32371759EA94CE359B0FABD89573DCA4 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
18:32:51.0982 0x0a20 igfx - ok
18:32:52.0034 0x0a20 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:32:52.0046 0x0a20 iirsp - ok
18:32:52.0106 0x0a20 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
18:32:52.0163 0x0a20 IKEEXT - ok
18:32:52.0296 0x0a20 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
18:32:52.0345 0x0a20 IntcDAud - ok
18:32:52.0369 0x0a20 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
18:32:52.0380 0x0a20 intelide - ok
18:32:52.0421 0x0a20 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:32:52.0452 0x0a20 intelppm - ok
18:32:52.0499 0x0a20 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:32:52.0555 0x0a20 IPBusEnum - ok
18:32:52.0577 0x0a20 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:32:52.0635 0x0a20 IpFilterDriver - ok
18:32:52.0677 0x0a20 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:32:52.0723 0x0a20 iphlpsvc - ok
18:32:52.0771 0x0a20 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:32:52.0821 0x0a20 IPMIDRV - ok
18:32:52.0850 0x0a20 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:32:52.0915 0x0a20 IPNAT - ok
18:32:52.0958 0x0a20 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:32:52.0988 0x0a20 IRENUM - ok
18:32:53.0018 0x0a20 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:32:53.0030 0x0a20 isapnp - ok
18:32:53.0081 0x0a20 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:32:53.0107 0x0a20 iScsiPrt - ok
18:32:53.0137 0x0a20 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:32:53.0149 0x0a20 kbdclass - ok
18:32:53.0175 0x0a20 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:32:53.0207 0x0a20 kbdhid - ok
18:32:53.0255 0x0a20 [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
18:32:53.0274 0x0a20 kbfiltr - ok
18:32:53.0300 0x0a20 [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] KeyIso C:\Windows\system32\lsass.exe
18:32:53.0330 0x0a20 KeyIso - ok
18:32:53.0366 0x0a20 [ 1F4B52A496A43C65AB0F26169650FAF2, 6D6F3505997A7DDEE6F127B3FB537AFFDE687D4F34489679674DC12FB12B842C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:32:53.0395 0x0a20 KSecDD - ok
18:32:53.0422 0x0a20 [ E4A599EDFAAB66C2BC17FB1593DC129B, 13098694B649E9146214D320FB14C3D305FCA155438CB531A8BAA4A70231D1A7 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:32:53.0443 0x0a20 KSecPkg - ok
18:32:53.0480 0x0a20 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:32:53.0552 0x0a20 ksthunk - ok
18:32:53.0600 0x0a20 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
18:32:53.0669 0x0a20 KtmRm - ok
18:32:53.0715 0x0a20 [ A4A9CA24E54E81C6C3E469EAEB4B3F42, FB6B72BF973EC2EE2D81AAAF47B030C0A5E7E7B079DAB257C52FEFC3F222CDC8 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
18:32:53.0727 0x0a20 L1C - ok
18:32:53.0763 0x0a20 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:32:53.0828 0x0a20 LanmanServer - ok
18:32:53.0862 0x0a20 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:32:53.0906 0x0a20 LanmanWorkstation - ok
18:32:53.0944 0x0a20 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:32:54.0006 0x0a20 lltdio - ok
18:32:54.0054 0x0a20 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:32:54.0126 0x0a20 lltdsvc - ok
18:32:54.0147 0x0a20 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:32:54.0189 0x0a20 lmhosts - ok
18:32:54.0267 0x0a20 [ 7F32D4C47A50E7223491E8FB9359907D, 6D3F59A8D006BED3234697933D09C8EE8F7A9F4A4196CFA878F8E8A929B24CE5 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:32:54.0299 0x0a20 LMS - ok
18:32:54.0342 0x0a20 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:32:54.0357 0x0a20 LSI_FC - ok
18:32:54.0384 0x0a20 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:32:54.0399 0x0a20 LSI_SAS - ok
18:32:54.0439 0x0a20 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:32:54.0452 0x0a20 LSI_SAS2 - ok
18:32:54.0482 0x0a20 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:32:54.0497 0x0a20 LSI_SCSI - ok
18:32:54.0519 0x0a20 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
18:32:54.0576 0x0a20 luafv - ok
18:32:54.0607 0x0a20 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:32:54.0624 0x0a20 Mcx2Svc - ok
18:32:54.0646 0x0a20 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
18:32:54.0658 0x0a20 megasas - ok
18:32:54.0684 0x0a20 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:32:54.0705 0x0a20 MegaSR - ok
18:32:54.0757 0x0a20 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:32:54.0780 0x0a20 MEIx64 - ok
18:32:54.0816 0x0a20 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
18:32:54.0893 0x0a20 MMCSS - ok
18:32:54.0912 0x0a20 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
18:32:54.0966 0x0a20 Modem - ok
18:32:55.0010 0x0a20 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:32:55.0040 0x0a20 monitor - ok
18:32:55.0104 0x0a20 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:32:55.0131 0x0a20 mouclass - ok
18:32:55.0168 0x0a20 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:32:55.0210 0x0a20 mouhid - ok
18:32:55.0240 0x0a20 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:32:55.0255 0x0a20 mountmgr - ok
18:32:55.0353 0x0a20 [ CC11EEB7AF4617D65DF0E9A21FC1ABD0, A683A5FB26E1B9FB4EEB40A9C7186F8433E3FB0A45848DF6102EF07B4DC75AC8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:32:55.0379 0x0a20 MozillaMaintenance - ok
18:32:55.0413 0x0a20 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
18:32:55.0430 0x0a20 mpio - ok
18:32:55.0448 0x0a20 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:32:55.0491 0x0a20 mpsdrv - ok
18:32:55.0564 0x0a20 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:32:55.0650 0x0a20 MpsSvc - ok
18:32:55.0699 0x0a20 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:32:55.0741 0x0a20 MRxDAV - ok
18:32:55.0785 0x0a20 [ 25F918BB5D57C99FFEB0255143D0DF9A, E4BB656C3AEE19094B0F87828828DC73F248B45B30B678AA759DBAB3087399A2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:32:55.0824 0x0a20 mrxsmb - ok
18:32:55.0862 0x0a20 [ 8DF2B80510F438CFEC479181BD29C794, ECA5BC17D1DB92B887D468B0FF1D6302518DBD7C3607B14FA291ECDA204D5E85 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:32:55.0889 0x0a20 mrxsmb10 - ok
18:32:55.0908 0x0a20 [ F7622CFE3402A9BF10227BB124901E54, 3EE6BA42E712505AED9D3920163814719FAC591FB5CFF589E230C7005CB598AF ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:32:55.0940 0x0a20 mrxsmb20 - ok
18:32:55.0970 0x0a20 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
18:32:55.0982 0x0a20 msahci - ok
18:32:56.0018 0x0a20 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:32:56.0034 0x0a20 msdsm - ok
18:32:56.0051 0x0a20 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
18:32:56.0088 0x0a20 MSDTC - ok
18:32:56.0121 0x0a20 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:32:56.0174 0x0a20 Msfs - ok
18:32:56.0191 0x0a20 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:32:56.0264 0x0a20 mshidkmdf - ok
18:32:56.0287 0x0a20 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:32:56.0298 0x0a20 msisadrv - ok
18:32:56.0348 0x0a20 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:32:56.0429 0x0a20 MSiSCSI - ok
18:32:56.0433 0x0a20 msiserver - ok
18:32:56.0466 0x0a20 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:32:56.0507 0x0a20 MSKSSRV - ok
18:32:56.0523 0x0a20 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:32:56.0596 0x0a20 MSPCLOCK - ok
18:32:56.0618 0x0a20 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:32:56.0685 0x0a20 MSPQM - ok
18:32:56.0711 0x0a20 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:32:56.0734 0x0a20 MsRPC - ok
18:32:56.0760 0x0a20 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:32:56.0772 0x0a20 mssmbios - ok
18:32:56.0799 0x0a20 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:32:56.0859 0x0a20 MSTEE - ok
18:32:56.0878 0x0a20 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:32:56.0917 0x0a20 MTConfig - ok
18:32:56.0946 0x0a20 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
18:32:56.0959 0x0a20 Mup - ok
18:32:57.0023 0x0a20 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
18:32:57.0098 0x0a20 napagent - ok
18:32:57.0155 0x0a20 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:32:57.0210 0x0a20 NativeWifiP - ok
18:32:57.0275 0x0a20 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:32:57.0321 0x0a20 NDIS - ok
18:32:57.0357 0x0a20 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:32:57.0434 0x0a20 NdisCap - ok
18:32:57.0466 0x0a20 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:32:57.0525 0x0a20 NdisTapi - ok
18:32:57.0554 0x0a20 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:32:57.0608 0x0a20 Ndisuio - ok
18:32:57.0631 0x0a20 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:32:57.0690 0x0a20 NdisWan - ok
18:32:57.0720 0x0a20 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:32:57.0766 0x0a20 NDProxy - ok
18:32:57.0793 0x0a20 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:32:57.0835 0x0a20 NetBIOS - ok
18:32:57.0874 0x0a20 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:32:57.0896 0x0a20 NetBT - ok
18:32:57.0921 0x0a20 [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] Netlogon C:\Windows\system32\lsass.exe
18:32:57.0934 0x0a20 Netlogon - ok
18:32:57.0982 0x0a20 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
18:32:58.0058 0x0a20 Netman - ok
18:32:58.0118 0x0a20 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:32:58.0157 0x0a20 NetMsmqActivator - ok
18:32:58.0166 0x0a20 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:32:58.0183 0x0a20 NetPipeActivator - ok
18:32:58.0242 0x0a20 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
18:32:58.0321 0x0a20 netprofm - ok
18:32:58.0359 0x0a20 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:32:58.0376 0x0a20 NetTcpActivator - ok
18:32:58.0383 0x0a20 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:32:58.0400 0x0a20 NetTcpPortSharing - ok
18:32:58.0441 0x0a20 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:32:58.0465 0x0a20 nfrd960 - ok
18:32:58.0498 0x0a20 NIApplicationWebServer64 - ok
18:32:58.0526 0x0a20 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
18:32:58.0570 0x0a20 NlaSvc - ok
18:32:58.0633 0x0a20 [ 9573223E205907247AE6D948E3453770, 35D32A415F74863D7408229508F134D53CA0FA7EDD8B0E5FEEFC9DE588D0607B ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys
18:32:58.0708 0x0a20 nmwcdnsux64 - ok
18:32:58.0725 0x0a20 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:32:58.0766 0x0a20 Npfs - ok
18:32:58.0787 0x0a20 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
18:32:58.0829 0x0a20 nsi - ok
18:32:58.0863 0x0a20 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:32:58.0904 0x0a20 nsiproxy - ok
18:32:59.0029 0x0a20 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:32:59.0094 0x0a20 Ntfs - ok
18:32:59.0122 0x0a20 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
18:32:59.0179 0x0a20 Null - ok
18:32:59.0751 0x0a20 [ D5DEA2C1865CAB9EE6AA29CF9E79A2CE, A53624AA3863DBF6AB3CAFA5E0950D6F2FEA30832D4DCFB28509B269333ACAF9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:33:00.0394 0x0a20 nvlddmkm - ok
18:33:00.0457 0x0a20 [ 5EF70F7714C664BCF50EDFC141DEA9B8, 61D36E5EAD0D2E5B8441A6DEF4706965D9A10D3F26DF5966B27105B25FA90099 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
18:33:00.0477 0x0a20 nvpciflt - ok
18:33:00.0538 0x0a20 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:33:00.0566 0x0a20 nvraid - ok
18:33:00.0588 0x0a20 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:33:00.0605 0x0a20 nvstor - ok
18:33:00.0716 0x0a20 [ 5A4AF8EA634B4FEEAF6F16BB1845715A, 342215DEFE7AB9DE8258F67F03226D0E9FE4BB1960376CB2D0D394017FB9215E ] NVSvc C:\Windows\system32\nvvsvc.exe
18:33:00.0757 0x0a20 NVSvc - ok
18:33:00.0885 0x0a20 [ 4B7636C52A359AB0783B350A5FBDBB49, B283964E5B07DCAF9006CDD0A5E8D7A386A264D1DCEA9B8E743FF8B13A0AC0B3 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
18:33:00.0957 0x0a20 nvUpdatusService - ok
18:33:00.0994 0x0a20 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:33:01.0009 0x0a20 nv_agp - ok
18:33:01.0027 0x0a20 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:33:01.0063 0x0a20 ohci1394 - ok
18:33:01.0130 0x0a20 OpcEnum - ok
18:33:01.0188 0x0a20 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:33:01.0243 0x0a20 p2pimsvc - ok
18:33:01.0287 0x0a20 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
18:33:01.0324 0x0a20 p2psvc - ok
18:33:01.0349 0x0a20 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
18:33:01.0384 0x0a20 Parport - ok
18:33:01.0417 0x0a20 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:33:01.0430 0x0a20 partmgr - ok
18:33:01.0482 0x0a20 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll
18:33:01.0521 0x0a20 PcaSvc - ok
18:33:01.0552 0x0a20 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
18:33:01.0572 0x0a20 pci - ok
18:33:01.0591 0x0a20 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
18:33:01.0603 0x0a20 pciide - ok
18:33:01.0633 0x0a20 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:33:01.0654 0x0a20 pcmcia - ok
18:33:01.0678 0x0a20 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
18:33:01.0692 0x0a20 pcw - ok
18:33:01.0782 0x0a20 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:33:01.0835 0x0a20 PEAUTH - ok
18:33:01.0872 0x0a20 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:33:01.0898 0x0a20 PerfHost - ok
18:33:01.0999 0x0a20 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
18:33:02.0099 0x0a20 pla - ok
18:33:02.0182 0x0a20 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:33:02.0234 0x0a20 PlugPlay - ok
18:33:02.0274 0x0a20 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:33:02.0326 0x0a20 PNRPAutoReg - ok
18:33:02.0358 0x0a20 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:33:02.0389 0x0a20 PNRPsvc - ok
18:33:02.0453 0x0a20 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:33:02.0495 0x0a20 PolicyAgent - ok
18:33:02.0526 0x0a20 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
18:33:02.0592 0x0a20 Power - ok
18:33:02.0638 0x0a20 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:33:02.0710 0x0a20 PptpMiniport - ok
18:33:02.0733 0x0a20 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
18:33:02.0761 0x0a20 Processor - ok
18:33:02.0799 0x0a20 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
18:33:02.0834 0x0a20 ProfSvc - ok
18:33:02.0854 0x0a20 [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] ProtectedStorage C:\Windows\system32\lsass.exe
18:33:02.0867 0x0a20 ProtectedStorage - ok
18:33:02.0914 0x0a20 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:33:03.0006 0x0a20 Psched - ok
18:33:03.0058 0x0a20 [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
18:33:03.0081 0x0a20 PxHlpa64 - ok
18:33:03.0198 0x0a20 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:33:03.0265 0x0a20 ql2300 - ok
18:33:03.0285 0x0a20 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:33:03.0301 0x0a20 ql40xx - ok
18:33:03.0343 0x0a20 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
18:33:03.0370 0x0a20 QWAVE - ok
18:33:03.0383 0x0a20 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:33:03.0415 0x0a20 QWAVEdrv - ok
18:33:03.0450 0x0a20 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:33:03.0490 0x0a20 RasAcd - ok
18:33:03.0517 0x0a20 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:33:03.0577 0x0a20 RasAgileVpn - ok
18:33:03.0610 0x0a20 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
18:33:03.0667 0x0a20 RasAuto - ok
18:33:03.0698 0x0a20 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:33:03.0759 0x0a20 Rasl2tp - ok
18:33:03.0826 0x0a20 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
18:33:03.0887 0x0a20 RasMan - ok
18:33:03.0924 0x0a20 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:33:03.0984 0x0a20 RasPppoe - ok
18:33:04.0014 0x0a20 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:33:04.0057 0x0a20 RasSstp - ok
18:33:04.0085 0x0a20 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:33:04.0144 0x0a20 rdbss - ok
18:33:04.0167 0x0a20 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:33:04.0197 0x0a20 rdpbus - ok
18:33:04.0234 0x0a20 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:33:04.0305 0x0a20 RDPCDD - ok
18:33:04.0332 0x0a20 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:33:04.0402 0x0a20 RDPENCDD - ok
18:33:04.0435 0x0a20 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:33:04.0476 0x0a20 RDPREFMP - ok
18:33:04.0514 0x0a20 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:33:04.0534 0x0a20 RDPWD - ok
18:33:04.0577 0x0a20 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:33:04.0596 0x0a20 rdyboost - ok
18:33:04.0631 0x0a20 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:33:04.0697 0x0a20 RemoteAccess - ok
18:33:04.0751 0x0a20 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:33:04.0812 0x0a20 RemoteRegistry - ok
18:33:04.0846 0x0a20 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:33:04.0889 0x0a20 RFCOMM - ok
18:33:04.0907 0x0a20 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:33:04.0967 0x0a20 RpcEptMapper - ok
18:33:04.0990 0x0a20 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
18:33:05.0033 0x0a20 RpcLocator - ok
18:33:05.0091 0x0a20 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
18:33:05.0130 0x0a20 RpcSs - ok
18:33:05.0172 0x0a20 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:33:05.0215 0x0a20 rspndr - ok
18:33:05.0243 0x0a20 [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] SamSs C:\Windows\system32\lsass.exe
18:33:05.0256 0x0a20 SamSs - ok
18:33:05.0284 0x0a20 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:33:05.0298 0x0a20 sbp2port - ok
18:33:05.0326 0x0a20 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:33:05.0389 0x0a20 SCardSvr - ok
18:33:05.0417 0x0a20 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:33:05.0474 0x0a20 scfilter - ok
18:33:05.0557 0x0a20 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
18:33:05.0625 0x0a20 Schedule - ok
18:33:05.0655 0x0a20 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:33:05.0696 0x0a20 SCPolicySvc - ok
18:33:05.0731 0x0a20 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:33:05.0769 0x0a20 SDRSVC - ok
18:33:05.0808 0x0a20 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:33:05.0845 0x0a20 secdrv - ok
18:33:05.0893 0x0a20 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
18:33:05.0926 0x0a20 seclogon - ok
18:33:05.0952 0x0a20 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
18:33:06.0028 0x0a20 SENS - ok
18:33:06.0055 0x0a20 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:33:06.0080 0x0a20 SensrSvc - ok
18:33:06.0102 0x0a20 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:33:06.0126 0x0a20 Serenum - ok
18:33:06.0167 0x0a20 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
18:33:06.0205 0x0a20 Serial - ok
18:33:06.0242 0x0a20 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:33:06.0276 0x0a20 sermouse - ok
18:33:06.0315 0x0a20 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
18:33:06.0359 0x0a20 SessionEnv - ok
18:33:06.0379 0x0a20 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:33:06.0413 0x0a20 sffdisk - ok
18:33:06.0429 0x0a20 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:33:06.0445 0x0a20 sffp_mmc - ok
18:33:06.0459 0x0a20 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:33:06.0475 0x0a20 sffp_sd - ok
18:33:06.0488 0x0a20 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:33:06.0514 0x0a20 sfloppy - ok
18:33:06.0560 0x0a20 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:33:06.0633 0x0a20 SharedAccess - ok
18:33:06.0684 0x0a20 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:33:06.0750 0x0a20 ShellHWDetection - ok
18:33:06.0799 0x0a20 [ 1BC348CF6BAA90EC8E533EF6E6A69933, 2B26F6EB701F48E092DED6A7B888F24736F2899EE81D54DD4B1E9DF7CFD36E7A ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
18:33:06.0842 0x0a20 SiSGbeLH - ok
18:33:06.0869 0x0a20 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:33:06.0894 0x0a20 SiSRaid2 - ok
18:33:06.0902 0x0a20 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:33:06.0920 0x0a20 SiSRaid4 - ok
18:33:07.0026 0x0a20 [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:33:07.0059 0x0a20 SkypeUpdate - ok
18:33:07.0098 0x0a20 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:33:07.0180 0x0a20 Smb - ok
18:33:07.0224 0x0a20 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:33:07.0270 0x0a20 SNMPTRAP - ok
18:33:07.0309 0x0a20 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
18:33:07.0331 0x0a20 spldr - ok
18:33:07.0378 0x0a20 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
18:33:07.0432 0x0a20 Spooler - ok
18:33:07.0628 0x0a20 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
18:33:07.0876 0x0a20 sppsvc - ok
18:33:07.0896 0x0a20 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:33:07.0940 0x0a20 sppuinotify - ok
18:33:08.0012 0x0a20 [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:33:08.0051 0x0a20 srv - ok
18:33:08.0083 0x0a20 [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:33:08.0110 0x0a20 srv2 - ok
18:33:08.0130 0x0a20 [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:33:08.0164 0x0a20 srvnet - ok
18:33:08.0210 0x0a20 [ ED161B91FDF7EAA39469D72D463D5F4E, FC793E378FB709313D0AC44F59BF5C9488D73235AA2B1A21C50C3DED91C6BE62 ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
18:33:08.0239 0x0a20 sscdbus - ok
18:33:08.0252 0x0a20 [ 4CB09E77593DBD8D7AF33B37375CA715, 7B14851A8EDAA996D28335FD4DA812C6114DD5012E1E929F4813797CDC77E5BC ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
18:33:08.0261 0x0a20 sscdmdfl - ok
18:33:08.0287 0x0a20 [ C7B4CF53497A6E5363F3439427663882, 993278ADAAC18F12FE00CCF76681461451DA335F67BB581FC7326045048EC085 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
18:33:08.0302 0x0a20 sscdmdm - ok
18:33:08.0324 0x0a20 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:33:08.0373 0x0a20 SSDPSRV - ok
18:33:08.0393 0x0a20 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:33:08.0452 0x0a20 SstpSvc - ok
18:33:08.0514 0x0a20 Steam Client Service - ok
18:33:08.0539 0x0a20 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:33:08.0566 0x0a20 stexstor - ok
18:33:08.0621 0x0a20 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
18:33:08.0677 0x0a20 stisvc - ok
18:33:08.0701 0x0a20 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:33:08.0713 0x0a20 swenum - ok
18:33:08.0823 0x0a20 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:33:08.0864 0x0a20 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
18:33:08.0973 0x0a20 Detect skipped due to KSN trusted
18:33:08.0973 0x0a20 SwitchBoard - ok
18:33:09.0045 0x0a20 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
18:33:09.0133 0x0a20 swprv - ok
18:33:09.0261 0x0a20 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
18:33:09.0338 0x0a20 SysMain - ok
18:33:09.0374 0x0a20 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:33:09.0397 0x0a20 TabletInputService - ok
18:33:09.0422 0x0a20 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
18:33:09.0485 0x0a20 TapiSrv - ok
18:33:09.0624 0x0a20 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:33:09.0704 0x0a20 Tcpip - ok
18:33:09.0835 0x0a20 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:33:09.0914 0x0a20 TCPIP6 - ok
18:33:09.0958 0x0a20 [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:33:10.0005 0x0a20 tcpipreg - ok
18:33:10.0047 0x0a20 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:33:10.0103 0x0a20 TDPIPE - ok
18:33:10.0135 0x0a20 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:33:10.0176 0x0a20 TDTCP - ok
18:33:10.0217 0x0a20 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:33:10.0245 0x0a20 tdx - ok
18:33:10.0290 0x0a20 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:33:10.0315 0x0a20 TermDD - ok
18:33:10.0383 0x0a20 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
18:33:10.0418 0x0a20 TermService - ok
18:33:10.0444 0x0a20 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
18:33:10.0482 0x0a20 Themes - ok
18:33:10.0517 0x0a20 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
18:33:10.0559 0x0a20 THREADORDER - ok
18:33:10.0591 0x0a20 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
18:33:10.0652 0x0a20 TrkWks - ok
18:33:10.0738 0x0a20 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:33:10.0800 0x0a20 TrustedInstaller - ok
18:33:10.0822 0x0a20 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:33:10.0836 0x0a20 tssecsrv - ok
18:33:10.0877 0x0a20 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:33:10.0894 0x0a20 TsUsbFlt - ok
18:33:10.0900 0x0a20 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:33:10.0915 0x0a20 TsUsbGD - ok
18:33:10.0949 0x0a20 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:33:11.0009 0x0a20 tunnel - ok
18:33:11.0065 0x0a20 [ B355581A9DA34C92E2DBAFA410D2F829, 2EB97A055CB41898CA9FB7A58C6EEE5653CF18FD54123B346F8A664A3BE62874 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
18:33:11.0088 0x0a20 TurboB - ok
18:33:11.0152 0x0a20 [ 6564E84B1522C12EA1C3A181ED03276F, BADCCD3F28149427FEFCB0CF5011A87B0ED32752B81D211A9551983A4BD3699E ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
18:33:11.0174 0x0a20 TurboBoost - ok
18:33:11.0193 0x0a20 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:33:11.0207 0x0a20 uagp35 - ok
18:33:11.0242 0x0a20 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:33:11.0313 0x0a20 udfs - ok
18:33:11.0344 0x0a20 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:33:11.0361 0x0a20 UI0Detect - ok
18:33:11.0393 0x0a20 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:33:11.0422 0x0a20 uliagpkx - ok
18:33:11.0453 0x0a20 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:33:11.0471 0x0a20 umbus - ok
18:33:11.0501 0x0a20 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
18:33:11.0534 0x0a20 UmPass - ok
18:33:11.0756 0x0a20 [ 2C16648A12999AE69A9EBF41974B0BA2, 06008F61B6EC36CD34CB8C4BA983371DB7A9F4BEE15E5329F5E90FEEE300D258 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:33:11.0848 0x0a20 UNS - ok
18:33:11.0894 0x0a20 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
18:33:11.0948 0x0a20 upnphost - ok
18:33:11.0985 0x0a20 [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
18:33:12.0017 0x0a20 usbccgp - ok
18:33:12.0052 0x0a20 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:33:12.0104 0x0a20 usbcir - ok
18:33:12.0140 0x0a20 [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:33:12.0182 0x0a20 usbehci - ok
18:33:12.0256 0x0a20 [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub C:\Windows\system32\drivers\usbhub.sys
18:33:12.0293 0x0a20 usbhub - ok
18:33:12.0336 0x0a20 [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:33:12.0360 0x0a20 usbohci - ok
18:33:12.0401 0x0a20 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:33:12.0439 0x0a20 usbprint - ok
18:33:12.0473 0x0a20 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:33:12.0501 0x0a20 usbscan - ok
18:33:12.0542 0x0a20 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:33:12.0569 0x0a20 USBSTOR - ok
18:33:12.0603 0x0a20 [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:33:12.0619 0x0a20 usbuhci - ok
18:33:12.0673 0x0a20 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
18:33:12.0713 0x0a20 usbvideo - ok
18:33:12.0736 0x0a20 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
18:33:12.0803 0x0a20 UxSms - ok
18:33:12.0822 0x0a20 [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] VaultSvc C:\Windows\system32\lsass.exe
18:33:12.0835 0x0a20 VaultSvc - ok
18:33:12.0872 0x0a20 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:33:12.0885 0x0a20 vdrvroot - ok
18:33:12.0944 0x0a20 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
18:33:13.0006 0x0a20 vds - ok
18:33:13.0021 0x0a20 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:33:13.0037 0x0a20 vga - ok
18:33:13.0050 0x0a20 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:33:13.0111 0x0a20 VgaSave - ok
18:33:13.0134 0x0a20 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:33:13.0153 0x0a20 vhdmp - ok
18:33:13.0304 0x0a20 [ 0486728D26398FB1D085C293233A8B8B, 7D6689EE7D553C8578F124C38242CA65A073C475932AB7FABB19C05D4DC0819C ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
18:33:13.0383 0x0a20 VIAHdAudAddService - ok
18:33:13.0414 0x0a20 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
18:33:13.0426 0x0a20 viaide - ok
18:33:13.0469 0x0a20 [ 5364870E77E1841AE55DDE2B75E9A52C, 159A0D35502A9408A2D81E47D71F8C05E341324917D27345E0C1597D66EDA32D ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
18:33:13.0493 0x0a20 VIAKaraokeService - ok
18:33:13.0532 0x0a20 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:33:13.0547 0x0a20 volmgr - ok
18:33:13.0574 0x0a20 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:33:13.0598 0x0a20 volmgrx - ok
18:33:13.0625 0x0a20 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:33:13.0647 0x0a20 volsnap - ok
18:33:13.0690 0x0a20 [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva C:\Windows\system32\DRIVERS\vpnva64-6.sys
18:33:13.0702 0x0a20 vpnva - ok
18:33:13.0743 0x0a20 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:33:13.0760 0x0a20 vsmraid - ok
18:33:13.0860 0x0a20 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
18:33:13.0958 0x0a20 VSS - ok
18:33:13.0976 0x0a20 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:33:13.0992 0x0a20 vwifibus - ok
18:33:14.0006 0x0a20 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:33:14.0042 0x0a20 vwififlt - ok
18:33:14.0065 0x0a20 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:33:14.0099 0x0a20 vwifimp - ok
18:33:14.0142 0x0a20 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
18:33:14.0212 0x0a20 W32Time - ok
18:33:14.0259 0x0a20 [ 0D67B715AE6729D0B518D20B7A7BAD1C, 05B044CB816CBF54DCB634AC765A5937C76B471722C6D6E1A9C27E7EBAB68913 ] WacHidRouter C:\Windows\system32\DRIVERS\wachidrouter.sys
18:33:14.0271 0x0a20 WacHidRouter - ok
18:33:14.0311 0x0a20 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:33:14.0340 0x0a20 WacomPen - ok
18:33:14.0381 0x0a20 [ 1042B08B4336EF3CE34E09435BB33A4A, A42B447B4A9B364BAE329F75D36A906999E8CB754F1B10DE322B6611FF9764F7 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
18:33:14.0398 0x0a20 wacomrouterfilter - ok
18:33:14.0426 0x0a20 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:33:14.0477 0x0a20 WANARP - ok
18:33:14.0482 0x0a20 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:33:14.0522 0x0a20 Wanarpv6 - ok
18:33:14.0673 0x0a20 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:33:14.0724 0x0a20 WatAdminSvc - ok
18:33:14.0805 0x0a20 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
18:33:14.0888 0x0a20 wbengine - ok
18:33:14.0917 0x0a20 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:33:14.0943 0x0a20 WbioSrvc - ok
18:33:14.0986 0x0a20 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:33:15.0031 0x0a20 wcncsvc - ok
18:33:15.0053 0x0a20 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:33:15.0069 0x0a20 WcsPlugInService - ok
18:33:15.0091 0x0a20 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
18:33:15.0102 0x0a20 Wd - ok
18:33:15.0178 0x0a20 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:33:15.0218 0x0a20 Wdf01000 - ok
18:33:15.0254 0x0a20 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:33:15.0286 0x0a20 WdiServiceHost - ok
18:33:15.0291 0x0a20 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:33:15.0308 0x0a20 WdiSystemHost - ok
18:33:15.0367 0x0a20 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll
18:33:15.0414 0x0a20 WebClient - ok
18:33:15.0450 0x0a20 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:33:15.0519 0x0a20 Wecsvc - ok
18:33:15.0540 0x0a20 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:33:15.0603 0x0a20 wercplsupport - ok
18:33:15.0648 0x0a20 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
18:33:15.0692 0x0a20 WerSvc - ok
18:33:15.0730 0x0a20 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:33:15.0770 0x0a20 WfpLwf - ok
18:33:15.0830 0x0a20 [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
18:33:15.0864 0x0a20 WimFltr - ok
18:33:15.0891 0x0a20 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:33:15.0903 0x0a20 WIMMount - ok
18:33:15.0921 0x0a20 WinDefend - ok
18:33:15.0942 0x0a20 WinHttpAutoProxySvc - ok
18:33:16.0015 0x0a20 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:33:16.0088 0x0a20 Winmgmt - ok
18:33:16.0219 0x0a20 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll
18:33:16.0324 0x0a20 WinRM - ok
18:33:16.0370 0x0a20 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:33:16.0388 0x0a20 WinUsb - ok
18:33:16.0448 0x0a20 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:33:16.0499 0x0a20 Wlansvc - ok
18:33:16.0565 0x0a20 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:33:16.0587 0x0a20 wlcrasvc - ok
18:33:16.0774 0x0a20 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:33:16.0856 0x0a20 wlidsvc - ok
18:33:16.0885 0x0a20 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:33:16.0911 0x0a20 WmiAcpi - ok
18:33:16.0948 0x0a20 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:33:16.0982 0x0a20 wmiApSrv - ok
18:33:17.0027 0x0a20 WMPNetworkSvc - ok
18:33:17.0062 0x0a20 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:33:17.0107 0x0a20 WPCSvc - ok
18:33:17.0131 0x0a20 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:33:17.0152 0x0a20 WPDBusEnum - ok
18:33:17.0169 0x0a20 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:33:17.0228 0x0a20 ws2ifsl - ok
18:33:17.0260 0x0a20 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
18:33:17.0305 0x0a20 wscsvc - ok
18:33:17.0309 0x0a20 WSearch - ok
18:33:17.0444 0x0a20 [ CD16EB55F78AB1C92A0711F92B04B570, 387FCC84DD142AF66E15871F9D9EF67096EDFBECC6DEB9A8FB75A09168737723 ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
18:33:17.0476 0x0a20 WTabletServiceCon - ok
18:33:17.0625 0x0a20 [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\Windows\system32\wuaueng.dll
18:33:17.0732 0x0a20 wuauserv - ok
18:33:17.0776 0x0a20 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:33:17.0791 0x0a20 WudfPf - ok
18:33:17.0817 0x0a20 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:33:17.0835 0x0a20 WUDFRd - ok
18:33:17.0862 0x0a20 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:33:17.0878 0x0a20 wudfsvc - ok
18:33:17.0917 0x0a20 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
18:33:17.0952 0x0a20 WwanSvc - ok
18:33:17.0987 0x0a20 ================ Scan global ===============================
18:33:18.0029 0x0a20 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
18:33:18.0087 0x0a20 [ A5794B1E3ACEF48E716F0A89C83C1AEA, B904C861CBDAF00341F8697BD05C2E66C23CF4D6C94E19AF464D898436F34D73 ] C:\Windows\system32\winsrv.dll
18:33:18.0119 0x0a20 [ A5794B1E3ACEF48E716F0A89C83C1AEA, B904C861CBDAF00341F8697BD05C2E66C23CF4D6C94E19AF464D898436F34D73 ] C:\Windows\system32\winsrv.dll
18:33:18.0160 0x0a20 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:33:18.0223 0x0a20 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:33:18.0238 0x0a20 [ Global ] - ok
18:33:18.0238 0x0a20 ================ Scan MBR ==================================
18:33:18.0254 0x0a20 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:33:18.0693 0x0a20 \Device\Harddisk0\DR0 - ok
18:33:18.0694 0x0a20 ================ Scan VBR ==================================
18:33:18.0719 0x0a20 [ 60D74EEEEB33B8FCE1FD1B9636E0AB86 ] \Device\Harddisk0\DR0\Partition1
18:33:18.0723 0x0a20 \Device\Harddisk0\DR0\Partition1 - ok
18:33:18.0752 0x0a20 [ 4FAB1603501CA528BFA8299DB74F025F ] \Device\Harddisk0\DR0\Partition2
18:33:18.0756 0x0a20 \Device\Harddisk0\DR0\Partition2 - ok
18:33:18.0757 0x0a20 ================ Scan generic autorun ======================
18:33:18.0757 0x0a20 ETDWare - ok
18:33:18.0817 0x0a20 [ 4490896F4491FD5F1BE601BA9C8245BD, 53709493AFDDE795A08F5E54FCF210479304B998522A06054AA9FAF514C8F1C6 ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
18:33:18.0854 0x0a20 AmIcoSinglun64 - detected UnsignedFile.Multi.Generic ( 1 )
18:33:18.0969 0x0a20 Detect skipped due to KSN trusted
18:33:18.0969 0x0a20 AmIcoSinglun64 - ok
18:33:18.0974 0x0a20 IntelTBRunOnce - ok
18:33:19.0021 0x0a20 [ 70D2D88F5301B21488708A1F1A263D4F, 1F9B7617757A13C1E6CEE94F4714AE58CD087E550883AFE125E4C9BE379008F6 ] C:\Windows\system32\igfxtray.exe
18:33:19.0047 0x0a20 IgfxTray - ok
18:33:19.0076 0x0a20 [ 68B83F92E02584FF5CB7B80CACDC8C24, 3457D61A7F15C2EE508203A93AE0171AA153EB5A6FF671556387B1965AA07F0E ] C:\Windows\system32\hkcmd.exe
18:33:19.0097 0x0a20 HotKeysCmds - ok
18:33:19.0127 0x0a20 [ 2AC55814155D090E84EB8188F73CDBA7, B4D49C2E8AE191901D38CA32C58B390F7735F60E17B080B061C3347E504AE188 ] C:\Windows\system32\igfxpers.exe
18:33:19.0150 0x0a20 Persistence - ok
18:33:19.0278 0x0a20 [ 320681DF28D82CDCA7E3EED0846625DB, 7F709ADFB0FE36BEC857A928E9CB29BB5B6C0BAD98824D0302C7BB7185100CB9 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
18:33:19.0303 0x0a20 AdobeAAMUpdater-1.0 - ok
18:33:19.0459 0x0a20 [ 5858DE874168C5F0AEA7A353DD520D48, DB77AF431227AEBD92C6E40AC723435E83DCF4620B7366D4FA6D9ACB500AA6EA ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
18:33:19.0566 0x0a20 CanonMyPrinter - ok
18:33:19.0749 0x0a20 [ C8627BEAE8BDBB826FB7C0DF57892E7C, 06FCBCE4DCA251F2A29B890FFA24BD001985EF5A314740D94C5CBCF81509DEDF ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
18:33:19.0867 0x0a20 HDAudDeck - ok
18:33:19.0978 0x0a20 [ 79A3B950988F8D2B81906D0C0473158B, 7D9EDB4F9A4800D31C103CF2BBC93C0F5F31888E93E899C43EC5984B4807C3D8 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
18:33:20.0004 0x0a20 ATKMEDIA - ok
18:33:20.0064 0x0a20 [ 5AEBF6FA9805C9101220AA4FB4FA17E7, A9B2FC41380211A6C44E839A95676A5BA868CEEBB56D83A780230434C2A20836 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
18:33:20.0090 0x0a20 HControlUser - ok
18:33:20.0232 0x0a20 [ FD22B00049F775E952371E9C3DAC631B, CBC3BF5DBF3E0D5EA4095F9FE90D8688D43BEF352B657D5EF5D843267ED35388 ] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
18:33:20.0315 0x0a20 Wireless Console 3 - detected UnsignedFile.Multi.Generic ( 1 )
18:33:20.0425 0x0a20 Detect skipped due to KSN trusted
18:33:20.0425 0x0a20 Wireless Console 3 - ok
18:33:20.0430 0x0a20 StopDefragment - ok
18:33:20.0528 0x0a20 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
18:33:20.0551 0x0a20 UpdateLBPShortCut - ok
18:33:20.0626 0x0a20 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
18:33:20.0648 0x0a20 UpdateP2GoShortCut - ok
18:33:20.0782 0x0a20 [ 00AB2B491C7037BB219BEB26FAD34C72, 95EDBBE07EB85EEE1376252AA975BAA61235C80FC03036357BD4786E5D6B9703 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
18:33:20.0849 0x0a20 CanonSolutionMenuEx - ok
18:33:20.0949 0x0a20 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:33:21.0017 0x0a20 Sidebar - ok
18:33:21.0042 0x0a20 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:33:21.0074 0x0a20 mctadmin - ok
18:33:21.0135 0x0a20 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:33:21.0186 0x0a20 Sidebar - ok
18:33:21.0208 0x0a20 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:33:21.0229 0x0a20 mctadmin - ok
18:33:21.0307 0x0a20 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:33:21.0357 0x0a20 Sidebar - ok
18:33:21.0375 0x0a20 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:33:21.0396 0x0a20 mctadmin - ok
18:33:21.0545 0x0a20 [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] C:\Users\Cel\AppData\Local\Google\Update\GoogleUpdate.exe
18:33:21.0568 0x0a20 Google Update - ok
18:33:21.0641 0x0a20 NIRegistrationWizard - ok
18:33:21.0677 0x0a20 Skype - ok
18:33:21.0682 0x0a20 Waiting for KSN requests completion. In queue: 113
18:33:22.0739 0x0a20 Win FW state via NFP2: enabled ( trusted )
18:33:22.0862 0x0a20 ============================================================
18:33:22.0862 0x0a20 Scan finished
18:33:22.0862 0x0a20 ============================================================
18:33:22.0883 0x0db0 Detected object count: 1
18:33:22.0883 0x0db0 Actual detected object count: 1
18:35:09.0285 0x0db0 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - skipped by user
18:35:09.0286 0x0db0 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
12.11.2016, 22:02
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
13.11.2016, 21:45
| #6 |
| | Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt Beim nachschauen ob AdwCleaner noch vorhanden ist, habe ich gemerkt, dass sich ältere Dateien in der Quarantäne befinden. Über jetzige AdwCleaner Version kann ich diese nicht verwalten. AdwCleaner Log: Code:
ATTFilter # AdwCleaner v6.030 - Bericht erstellt am 13/11/2016 um 21:05:25
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-11-13.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Cel - IRA2
# Gestartet von : C:\Users\Cel\Desktop\AdwCleaner_6.030.exe
# Modus: Löschen
# Unterstützung : hxxps://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
[-] Firefox Einstellungen bereinigt: "browser.search.searchengine.alias" - "mystartsearch"
[-] Firefox Einstellungen bereinigt: "browser.search.searchengine.iconURL" - "hxxp://www.mystartsearch.com/favicon.ico"
[-] Firefox Einstellungen bereinigt: "browser.search.searchengine.name" - "mystartsearch"
[-] Firefox Einstellungen bereinigt: "browser.search.searchengine.url" - "hxxp://www.mystartsearch.com/web/?type=ds&ts=1423142878&from=smt&uid=HitachiXHTS543232A7A384_E2434243K671PKK671PKX&q={searchTerms}"
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [2817 Bytes] - [04/01/2016 04:51:15]
C:\AdwCleaner\AdwCleaner[C2].txt - [1527 Bytes] - [13/11/2016 21:05:25]
C:\AdwCleaner\AdwCleaner[S1].txt - [2609 Bytes] - [04/01/2016 04:45:24]
C:\AdwCleaner\AdwCleaner[S2].txt - [711 Bytes] - [04/01/2016 04:55:13]
C:\AdwCleaner\AdwCleaner[S3].txt - [2244 Bytes] - [13/11/2016 21:03:58]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1818 Bytes] ##########
Code:
ATTFilter C:\ProgramData\Partner\debug.log->C:\AdwCleaner\Quarantine\C\ProgramData\Partner\debug.log.vir
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download and Sa\Download and Sa.lnk->C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\Download and Sa\Download and Sa.lnk.vir
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download and Sa\Uninstall.lnk->C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\Download and Sa\Uninstall.lnk.vir
C:\Users\Cel\AppData\Local\Temp\OCS\ICSharpCode.SharpZipLib.dll->C:\AdwCleaner\Quarantine\C\Users\Cel\AppData\Local\Temp\OCS\ICSharpCode.SharpZipLib.dll.vir
C:\Users\Cel\AppData\Local\Temp\OCS\ocs_v71a.exe->C:\AdwCleaner\Quarantine\C\Users\Cel\AppData\Local\Temp\OCS\ocs_v71a.exe.vir
C:\Users\Cel\AppData\Local\Temp\OCS\wdhkenqlfdxqymqf.dat->C:\AdwCleaner\Quarantine\C\Users\Cel\AppData\Local\Temp\OCS\wdhkenqlfdxqymqf.dat.vir
JRT log file: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Home Premium x64
Ran by Cel (Administrator) on 13.11.2016 at 21:28:00,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 33
Successfully deleted: C:\Users\Cel\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3MY2V380 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6MU7YDDW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9LO4Q4JV (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C3UR2VPY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EBPBMYXC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EQK7U2P8 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJREORYN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K0KTHMCM (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6IYNG56 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WX1O6G2O (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X3CYF7R0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YY58FAXQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3MY2V380 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6MU7YDDW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9LO4Q4JV (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C3UR2VPY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EBPBMYXC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EQK7U2P8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJREORYN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K0KTHMCM (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6IYNG56 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WX1O6G2O (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X3CYF7R0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YY58FAXQ (Temporary Internet Files Folder)
Deleted the following from C:\Users\Cel\AppData\Roaming\Mozilla\Firefox\Profiles\gpa9bu0d.default\prefs.js
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.ptid, smt);
user_pref(browser.search.searchengine.uid, HitachiXHTS543232A7A384_E2434243K671PKK671PKX);
Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.11.2016 at 21:32:44,66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
13.11.2016, 22:48
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.11.2016, 22:55
| #8 |
| | Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt FRST file: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
durchgeführt von Cel (Administrator) auf IRA2 (13-11-2016 22:49:48)
Gestartet von C:\Users\Cel\Desktop
Geladene Profile: UpdatusUser & Cel (Verfügbare Profile: UpdatusUser & Cel & Timba)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Atheros) C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [3037808 2011-05-12] (VIA)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [StopDefragment] => Install\StopDefragment.exe
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\...\Run: [Google Update] => C:\Users\Cel\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-17] (Google Inc.)
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\...\Run: [NIRegistrationWizard] => D:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1031
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27021952 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\...\MountPoints2: {206bbce5-ad38-11e4-9e59-742f683d34fd} - E:\autorun.exe
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-02-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-02-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\Google\GOOGLE~1\GO36F4~1.DLL => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [145408 2013-06-14] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{5875688E-489D-4FDF-9BBF-2D4BB8963D23}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{EC018F6B-62B4-4D5F-B524-123AEEABE859}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-03-01] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll [2010-11-26] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll => Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-26] (Sun Microsystems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Cel\AppData\Roaming\Mozilla\Firefox\Profiles\gpa9bu0d.default [2016-11-07]
FF Extension: (Ghostery) - C:\Users\Cel\AppData\Roaming\Mozilla\Firefox\Profiles\gpa9bu0d.default\Extensions\firefox@ghostery.com.xpi [2016-06-11]
FF Extension: (NoScript) - C:\Users\Cel\AppData\Roaming\Mozilla\Firefox\Profiles\gpa9bu0d.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-06-11]
FF Extension: (Adblock Plus) - C:\Users\Cel\AppData\Roaming\Mozilla\Firefox\Profiles\gpa9bu0d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-20] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-03-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-20] ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-26] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll [2012-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll [2012-02-03] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin HKU\S-1-5-21-3318948826-2183189698-3215584185-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-3318948826-2183189698-3215584185-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-3318948826-2183189698-3215584185-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3318948826-2183189698-3215584185-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Default [2015-04-07]
CHR Extension: (Adblock Plus) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Ghostery) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-05]
CHR Extension: (NotScripts) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn [2014-01-28]
CHR Profile: C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-11-13]
CHR Extension: (Google Präsentationen) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-07]
CHR Extension: (Google Docs) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-07]
CHR Extension: (Google Drive) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-26]
CHR Extension: (Google-Suche) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Google Tabellen) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-07]
CHR Extension: (Google Docs Offline) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Ghostery) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-10-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-07]
CHR Extension: (Chrome Media Router) - C:\Users\Cel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-27]
StartMenuInternet: Google Chrome.DV3TY6PAKHB5U4QJW2P2RK4QD4 - C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [151552 2010-05-24] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [52896 2010-11-26] (Atheros Commnucations) [Datei ist nicht signiert]
S4 GoogleDesktopManager; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [1838592 2013-06-14] (Google) [Datei ist nicht signiert]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-05-09] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
S4 NIApplicationWebServer64; "C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user [X]
S3 OpcEnum; C:\Windows\SysWOW64\OpcEnum.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 assd; C:\Windows\System32\Drivers\assd.sys [27264 2010-04-28] (ASUS Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 epp; C:\EEK\bin64\epp.sys [116944 2016-06-30] (Emsisoft Ltd)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] ()
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2015-01-28] (Cisco Systems, Inc.)
U0 aswVmm; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-11-13 22:49 - 2016-11-13 22:49 - 00000000 ____D C:\Users\Cel\Desktop\FRST-OlderVersion
2016-11-13 21:32 - 2016-11-13 21:32 - 00006308 _____ C:\Users\Cel\Desktop\JRT.txt
2016-11-13 21:25 - 2016-11-13 21:25 - 01631928 _____ (Malwarebytes) C:\Users\Cel\Desktop\JRT.exe
2016-11-13 20:50 - 2016-11-13 20:51 - 03910208 _____ C:\Users\Cel\Desktop\AdwCleaner_6.030.exe
2016-11-12 18:31 - 2016-11-12 18:40 - 00212928 _____ C:\TDSSKiller.3.1.0.12_12.11.2016_18.31.22_log.txt
2016-11-12 17:02 - 2016-11-12 18:17 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-11-12 16:59 - 2016-11-12 18:17 - 00000000 ____D C:\Users\Cel\Desktop\mbar
2016-11-12 07:43 - 2016-11-12 07:43 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Cel\Desktop\mbar-1.09.3.1001.exe
2016-11-12 07:43 - 2016-11-12 07:43 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Cel\Desktop\tdsskiller.exe
2016-11-09 12:24 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 12:24 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-09 12:24 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 12:24 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-09 12:24 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-09 12:24 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-09 12:24 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-09 12:24 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-09 12:24 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-09 12:24 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-09 12:24 - 2016-10-28 04:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-09 12:24 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-09 12:24 - 2016-10-27 20:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-09 12:24 - 2016-10-27 20:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-09 12:24 - 2016-10-27 19:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-09 12:24 - 2016-10-27 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-09 12:24 - 2016-10-27 19:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-09 12:24 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-09 12:24 - 2016-10-27 19:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-09 12:24 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-09 12:24 - 2016-10-27 19:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-09 12:24 - 2016-10-27 19:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-09 12:24 - 2016-10-27 19:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-09 12:24 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-09 12:24 - 2016-10-27 19:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-09 12:24 - 2016-10-27 19:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-09 12:24 - 2016-10-27 19:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-09 12:24 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-09 12:24 - 2016-10-27 19:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-09 12:24 - 2016-10-27 19:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-09 12:24 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-09 12:24 - 2016-10-27 19:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-09 12:24 - 2016-10-27 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-09 12:24 - 2016-10-27 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-09 12:24 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-09 12:24 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-09 12:24 - 2016-10-27 19:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-09 12:24 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-09 12:24 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-09 12:24 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-09 12:24 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-09 12:24 - 2016-10-27 18:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-09 12:24 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-09 12:24 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-09 12:24 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-09 12:24 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-09 12:24 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-09 12:24 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-09 12:24 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-09 12:24 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-09 12:24 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-09 12:24 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-09 12:24 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-09 12:24 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-09 12:24 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-09 12:24 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-09 12:24 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-09 12:24 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-09 12:24 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-09 12:24 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-09 12:24 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-09 12:24 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-09 12:24 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-09 12:24 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-09 12:24 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-09 12:24 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-09 12:24 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-09 12:24 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-09 12:24 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-09 12:24 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-09 12:24 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-09 12:24 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-09 12:24 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-09 12:24 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-09 12:24 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-09 12:24 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-09 12:24 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-09 12:24 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 12:24 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-09 12:24 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-09 12:24 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-09 12:24 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-09 12:24 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-09 12:24 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 12:24 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-09 12:24 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-09 12:24 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 12:24 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-09 12:24 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-09 12:24 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-09 12:24 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-09 12:24 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-09 12:24 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-09 12:24 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-09 12:24 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-09 12:24 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-09 12:24 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-09 12:24 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-09 12:24 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-09 12:24 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-09 12:24 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-09 12:24 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-09 12:24 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-09 12:24 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-09 12:24 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-09 12:24 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-09 12:24 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-09 12:24 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 12:24 - 2016-10-10 16:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-09 12:24 - 2016-10-10 16:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-09 12:24 - 2016-10-10 16:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-09 12:24 - 2016-10-10 16:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-09 12:24 - 2016-10-10 16:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-09 12:24 - 2016-10-10 16:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-09 12:24 - 2016-10-10 16:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-09 12:24 - 2016-10-10 16:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-09 12:24 - 2016-10-10 16:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-09 12:24 - 2016-10-10 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-09 12:24 - 2016-10-10 16:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-09 12:24 - 2016-10-10 16:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-09 12:24 - 2016-10-10 16:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-09 12:24 - 2016-10-10 16:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-09 12:24 - 2016-10-10 16:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-09 12:24 - 2016-10-10 16:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-09 12:24 - 2016-10-10 16:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-09 12:24 - 2016-10-10 16:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-09 12:24 - 2016-10-10 16:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-09 12:24 - 2016-10-10 16:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-09 12:24 - 2016-10-10 16:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-09 12:24 - 2016-10-10 16:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-09 12:24 - 2016-10-10 16:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-09 12:24 - 2016-10-10 16:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-09 12:24 - 2016-10-10 16:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-09 12:24 - 2016-10-10 16:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-09 12:24 - 2016-10-10 16:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-09 12:24 - 2016-10-10 16:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-09 12:24 - 2016-10-10 16:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-09 12:24 - 2016-10-10 16:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-09 12:24 - 2016-10-10 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-09 12:24 - 2016-10-10 16:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-09 12:24 - 2016-10-10 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-09 12:24 - 2016-10-10 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-09 12:24 - 2016-10-10 16:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-09 12:24 - 2016-10-10 16:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-09 12:24 - 2016-10-10 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-09 12:24 - 2016-10-10 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-09 12:24 - 2016-10-10 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-09 12:24 - 2016-10-10 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-09 12:24 - 2016-10-10 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-09 12:24 - 2016-10-10 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-09 12:24 - 2016-10-07 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-09 12:24 - 2016-10-07 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-09 12:24 - 2016-10-07 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-09 12:24 - 2016-10-07 16:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-09 12:24 - 2016-10-07 16:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-09 12:24 - 2016-10-07 16:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 16:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-09 12:24 - 2016-10-07 16:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-09 12:24 - 2016-10-07 16:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-09 12:24 - 2016-10-07 16:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-09 12:24 - 2016-10-07 16:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-09 12:24 - 2016-10-07 15:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-09 12:24 - 2016-10-07 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-09 12:24 - 2016-10-07 15:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-09 12:24 - 2016-10-07 15:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-09 12:24 - 2016-10-07 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-09 12:24 - 2016-10-07 15:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 15:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 15:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-09 12:24 - 2016-10-07 15:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-09 12:24 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-09 12:24 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-09 12:24 - 2016-09-13 16:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-09 12:24 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-09 12:24 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-09 12:24 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-09 12:24 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-02 21:04 - 2016-11-02 21:04 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2016-11-02 21:04 - 2016-11-02 21:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-02 21:04 - 2016-11-02 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-11-02 21:00 - 2016-11-02 21:00 - 43760768 _____ (Skype Technologies S.A.) C:\Users\Cel\Downloads\SkypeSetupFull (1).exe
2016-11-02 20:56 - 2016-11-12 18:27 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-02 20:56 - 2016-11-12 17:02 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-02 20:56 - 2016-11-02 20:56 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-11-02 20:56 - 2016-11-02 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-11-02 20:56 - 2016-11-02 20:56 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-11-02 20:56 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-11-02 20:56 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-11-02 20:52 - 2016-11-02 20:53 - 22851472 _____ (Malwarebytes ) C:\Users\Cel\Downloads\mbam-setup-2.2.1.1043 (2).exe
2016-11-01 21:49 - 2016-11-01 21:50 - 00000000 ____D C:\Users\Timba\AppData\Roaming\WTablet
2016-11-01 19:07 - 2016-11-01 19:08 - 00073664 _____ C:\Users\Cel\Desktop\Addition.txt
2016-11-01 19:06 - 2016-11-13 22:51 - 00019790 _____ C:\Users\Cel\Desktop\FRST.txt
2016-11-01 18:46 - 2016-11-01 18:46 - 00002595 _____ C:\Users\Public\Desktop\Scene Switch.lnk
2016-11-01 18:46 - 2016-11-01 18:46 - 00000000 ____D C:\Users\Cel\Documents\ASUS
2016-11-01 14:42 - 2016-11-01 14:43 - 00000000 ____D C:\Users\Cel\Desktop\report2
2016-11-01 14:22 - 2016-11-01 14:22 - 00000000 ____D C:\Users\Cel\Desktop\report
2016-11-01 14:17 - 2016-11-01 14:17 - 22851472 _____ (Malwarebytes ) C:\Users\Cel\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-11-01 13:43 - 2016-11-01 14:40 - 00073499 _____ C:\Users\Cel\Downloads\Addition.txt
2016-11-01 13:41 - 2016-11-01 14:40 - 00071061 _____ C:\Users\Cel\Downloads\FRST.txt
2016-11-01 13:40 - 2016-11-13 22:49 - 02411520 _____ (Farbar) C:\Users\Cel\Desktop\FRST64.exe
2016-11-01 13:40 - 2016-11-13 22:49 - 00000000 ____D C:\FRST
2016-11-01 12:49 - 2016-11-04 00:24 - 00000000 ____D C:\EEK
2016-11-01 12:48 - 2016-11-01 12:48 - 259371000 _____ C:\Users\Cel\Downloads\EmsisoftEmergencyKit.exe
2016-11-01 12:26 - 2016-11-01 12:26 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-11-01 12:26 - 2016-11-01 12:26 - 00000000 ____D C:\Program Files\Common Files\AV
2016-11-01 12:25 - 2016-11-01 12:38 - 00000000 ____D C:\ProgramData\AVAST Software
2016-11-01 12:23 - 2016-11-01 12:23 - 06253536 _____ (AVAST Software) C:\Users\Cel\Downloads\avast123_free_antivirus_setup_online.exe
2016-11-01 11:51 - 2016-11-01 11:51 - 22851472 _____ (Malwarebytes ) C:\Users\Cel\Downloads\mbam-setup-2.2.1.1043.exe
2016-10-31 19:25 - 2016-10-31 19:25 - 00136363 _____ C:\Users\Cel\Downloads\AnaIV10.pdf
2016-10-30 22:44 - 2016-10-30 22:47 - 00000000 ____D C:\Users\Cel\Downloads\MfP3
2016-10-26 14:04 - 2016-10-26 14:04 - 00001771 _____ C:\Users\Cel\Desktop\Pokémon Trading Card Game Online.lnk
2016-10-26 14:04 - 2016-10-26 14:04 - 00000000 ____D C:\Users\Cel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online
2016-10-26 14:04 - 2016-10-26 14:04 - 00000000 ____D C:\Program Files (x86)\PokeGame
2016-10-25 19:02 - 2016-10-25 19:02 - 00000000 ____D C:\Users\Cel\Tracing
2016-10-25 18:57 - 2016-10-25 18:58 - 43762816 _____ (Skype Technologies S.A.) C:\Users\Cel\Downloads\SkypeSetupFull.exe
2016-10-16 21:56 - 2016-10-16 22:00 - 341096448 _____ C:\Users\Cel\Downloads\PokemonInstaller.msi
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-11-13 22:32 - 2012-11-09 23:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-13 21:56 - 2011-04-13 03:33 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-13 21:53 - 2012-09-20 14:38 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3318948826-2183189698-3215584185-1001UA.job
2016-11-13 21:27 - 2011-11-26 14:14 - 00000000 ____D C:\Users\Cel\AppData\Roaming\Skype
2016-11-13 21:16 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-13 21:16 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-13 21:08 - 2011-04-13 03:33 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-13 21:06 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-13 21:05 - 2016-01-04 04:45 - 00000000 ____D C:\AdwCleaner
2016-11-13 20:42 - 2014-03-02 13:53 - 00000000 ____D C:\Users\Cel\AppData\Local\Battle.net
2016-11-13 20:15 - 2014-03-02 13:53 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-11-13 15:41 - 2011-11-26 15:08 - 00000000 ____D C:\Users\Cel\AppData\Local\Adobe
2016-11-13 15:31 - 2011-11-22 18:56 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2016-11-12 16:57 - 2016-04-27 01:00 - 00000000 ____D C:\Users\Cel\Desktop\Neuer Ordner
2016-11-12 15:44 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-12 07:31 - 2013-05-11 11:43 - 00001456 _____ C:\Users\Cel\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-11-10 12:55 - 2012-09-20 14:38 - 00002358 _____ C:\Users\Cel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-09 18:00 - 2011-02-19 05:24 - 00711094 _____ C:\Windows\system32\perfh007.dat
2016-11-09 18:00 - 2011-02-19 05:24 - 00153542 _____ C:\Windows\system32\perfc007.dat
2016-11-09 18:00 - 2009-07-14 06:13 - 01651444 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-09 18:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-09 13:06 - 2009-07-14 05:45 - 04914552 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-09 12:37 - 2013-08-14 20:51 - 00000000 ____D C:\Windows\system32\MRT
2016-11-09 12:27 - 2011-11-26 13:52 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-09 12:00 - 2014-12-25 21:08 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-06 02:36 - 2015-11-11 22:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-02 21:04 - 2011-11-26 14:14 - 00000000 ____D C:\ProgramData\Skype
2016-11-01 21:49 - 2012-11-24 14:53 - 00066648 _____ C:\Users\Timba\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-01 18:46 - 2011-07-09 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2016-11-01 14:04 - 2015-02-05 14:40 - 00000000 ____D C:\ProgramData\National Instruments
2016-11-01 09:53 - 2012-09-20 14:38 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3318948826-2183189698-3215584185-1001Core.job
2016-10-28 12:21 - 2011-11-22 19:01 - 00000000 ____D C:\Users\Cel\AppData\Local\Google
2016-10-26 16:29 - 2011-11-27 14:14 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-26 14:04 - 2016-06-17 17:14 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2016-10-25 19:02 - 2014-03-10 09:40 - 00000000 ____D C:\Users\Cel\AppData\Local\Skype
2016-10-25 19:02 - 2011-11-22 18:55 - 00000000 ____D C:\Users\Cel
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-09-09 01:12 - 2016-07-01 21:36 - 0000132 _____ () C:\Users\Cel\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2011-12-09 19:36 - 2012-01-15 22:13 - 0000132 _____ () C:\Users\Cel\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-05-16 14:11 - 2016-05-16 14:27 - 0001935 _____ () C:\Users\Cel\AppData\Roaming\gnuplot_history
2013-05-11 11:43 - 2016-11-12 07:31 - 0001456 _____ () C:\Users\Cel\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2015-01-18 21:38 - 2015-01-18 21:38 - 0003390 _____ () C:\Users\Cel\AppData\Local\recently-used.xbel
2013-01-05 07:44 - 2015-05-01 14:06 - 0007623 _____ () C:\Users\Cel\AppData\Local\Resmon.ResmonCfg
2011-04-13 03:48 - 2010-07-07 00:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2011-07-09 07:31 - 2011-07-09 07:31 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-07-09 07:31 - 2011-07-09 07:31 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Einige Dateien in TEMP:
====================
C:\Users\Cel\AppData\Local\Temp\binkw32.dll
C:\Users\Cel\AppData\Local\Temp\contentDATs.exe
C:\Users\Cel\AppData\Local\Temp\Core.dll
C:\Users\Cel\AppData\Local\Temp\d2l_Install.exe
C:\Users\Cel\AppData\Local\Temp\d2l_PlayD2.exe
C:\Users\Cel\AppData\Local\Temp\dbghelp.dll
C:\Users\Cel\AppData\Local\Temp\Engine.dll
C:\Users\Cel\AppData\Local\Temp\FastDownload.exe
C:\Users\Cel\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Cel\AppData\Local\Temp\IFC23.dll
C:\Users\Cel\AppData\Local\Temp\InstallAX.exe
C:\Users\Cel\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Cel\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Cel\AppData\Local\Temp\MSVCR71.dll
C:\Users\Cel\AppData\Local\Temp\ogg.dll
C:\Users\Cel\AppData\Local\Temp\recycle.exe
C:\Users\Cel\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Cel\AppData\Local\Temp\SIntf16.dll
C:\Users\Cel\AppData\Local\Temp\SIntf32.dll
C:\Users\Cel\AppData\Local\Temp\SIntfNT.dll
C:\Users\Cel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Cel\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Cel\AppData\Local\Temp\uninstall.exe
C:\Users\Cel\AppData\Local\Temp\vorbis.dll
C:\Users\Cel\AppData\Local\Temp\vorbisfile.dll
C:\Users\Cel\AppData\Local\Temp\Window.dll
C:\Users\Cel\AppData\Local\Temp\_is5BA8.exe
C:\Users\Cel\AppData\Local\Temp\_isC60C.exe
C:\Users\Timba\AppData\Local\Temp\SecurityScan_Release.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-08-05 10:25
==================== Ende von FRST.txt ============================
|
|
13.11.2016, 22:56
| #9 |
| | Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt Addition file: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-11-2016
durchgeführt von Cel (13-11-2016 22:52:07)
Gestartet von C:\Users\Cel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-11-22 17:55:39)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3318948826-2183189698-3215584185-500 - Administrator - Disabled)
Cel (S-1-5-21-3318948826-2183189698-3215584185-1001 - Administrator - Enabled) => C:\Users\Cel
Gast (S-1-5-21-3318948826-2183189698-3215584185-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3318948826-2183189698-3215584185-1006 - Limited - Enabled)
Timba (S-1-5-21-3318948826-2183189698-3215584185-1004 - Limited - Enabled) => C:\Users\Timba
UpdatusUser (S-1-5-21-3318948826-2183189698-3215584185-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B001064C-D061-4BAE-9031-416A838D5536}) (Version: 10.2.153.1 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.6 64-bit (HKLM\...\{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}) (Version: 3.6.1 - Adobe)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.42 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0006 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0009 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS_Screensaver (HKLM-x32\...\ASUS_Screensaver) (Version: - )
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0007 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.45 - Atheros Communications)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version: - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - )
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.3.1.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.4.1.9 - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Canon Utilities Digital Photo Professional 3.8 (HKLM-x32\...\DPP) (Version: 3.8.0.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Data Lifeguard Diagnostic for Windows (HKLM-x32\...\{75B61CF0-B8A8-46E2-8709-C4A79898AC1D}) (Version: 1.17 - Western Digital Corporation)
ETDWare PS/2-x64 7.0.5.16_WHQL (HKLM\...\Elantech) (Version: 7.0.5.16 - ELAN Microelectronics Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.8 - ASUS)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
gnuplot 4.6.6 (HKLM\...\{AB419AC3-9BC1-4EC5-A75B-4D8870DD651F}_is1) (Version: 4.6.6 - gnuplot development team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 17.0.963.78 - Google Inc.)
Google Chrome (HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.99 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
ImageJ 1.48v (HKLM\...\ImageJ_is1) (Version: - NIH)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel)
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
Java(TM) 7 Update 3 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417003FF}) (Version: 7.0.30 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Memeo AutoSync (HKLM-x32\...\{75B7F766-7998-44d8-A202-F1EC76A121BA}) (Version: - Memeo Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version: - NCsoft)
NVIDIA Graphics Driver 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Platform (x32 Version: 1.36 - VIA Technologies, Inc.) Hidden
Pokémon Trading Card Game Online (HKLM-x32\...\{2C962E04-B2C1-4698-AE6C-1D338EA60E93}) (Version: 2.39.0 - The Pokémon Company International)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
PyQt4 - PyQwt5 5.2.1-5 (HKLM-x32\...\PyQt4 - PyQwt5 5.2.1-5) (Version: 5.2.1-5 - pythonxy.com)
PyQt4 - QtHelp 4.8.4-2 (HKLM-x32\...\PyQt4 - QtHelp 4.8.4-2) (Version: 4.8.4-2 - pythonxy.com)
Python 2.7 - babel 0.9.6-1 (HKLM-x32\...\Python 2.7 - babel 0.9.6-1) (Version: 0.9.6-1 - pythonxy)
Python 2.7 - base_libraries 1.1.0-5 (HKLM-x32\...\Python 2.7 - base_libraries 1.1.0-5) (Version: 1.1.0-5 - pythonxy)
Python 2.7 - base_python 1.3.0-5 (HKLM-x32\...\Python 2.7 - base_python 1.3.0-5) (Version: 1.3.0-5 - pythonxy)
Python 2.7 - bottleneck 0.6.0-1 (HKLM-x32\...\Python 2.7 - bottleneck 0.6.0-1) (Version: 0.6.0-1 - pythonxy)
Python 2.7 - cffi 0.5.0-2 (HKLM-x32\...\Python 2.7 - cffi 0.5.0-2) (Version: 0.5.0-2 - pythonxy)
Python 2.7 - cx_Freeze 4.3.1-1 (HKLM-x32\...\Python 2.7 - cx_Freeze 4.3.1-1) (Version: 4.3.1-1 - pythonxy.com)
Python 2.7 - distribute 0.6.45-8 (HKLM-x32\...\Python 2.7 - distribute 0.6.45-8) (Version: 0.6.45-8 - pythonxy)
Python 2.7 - docutils 0.10-1 (HKLM-x32\...\Python 2.7 - docutils 0.10-1) (Version: 0.10-1 - pythonxy.com)
Python 2.7 - EnthoughtToolSuite 4.3.0-2 (HKLM-x32\...\Python 2.7 - EnthoughtToolSuite 4.3.0-2) (Version: 4.3.0-2 - hxxp://pythonxy.googlecode.com)
Python 2.7 - formlayout 1.0.13-2 (HKLM-x32\...\Python 2.7 - formlayout 1.0.13-2) (Version: 1.0.13-2 - pythonxy)
Python 2.7 - freeimage 3.5.14-2 (HKLM-x32\...\Python 2.7 - freeimage 3.5.14-2) (Version: 3.5.14-2 - pythonxy.com)
Python 2.7 - gevent 1.0.0-1 (HKLM-x32\...\Python 2.7 - gevent 1.0.0-1) (Version: 1.0.0-1 - pythonxy.com)
Python 2.7 - Gnuplot 1.8.0.3 (HKLM-x32\...\Python 2.7 - Gnuplot 1.8.0.3) (Version: 1.8.0.3 - pythonxy.com)
Python 2.7 - guidata 1.6.1-2 (HKLM-x32\...\Python 2.7 - guidata 1.6.1-2) (Version: 1.6.1-2 - pythonxy)
Python 2.7 - guiqwt 2.3.1-3 (HKLM-x32\...\Python 2.7 - guiqwt 2.3.1-3) (Version: 2.3.1-3 - pythonxy)
Python 2.7 - h5py 2.1.3-2 (HKLM-x32\...\Python 2.7 - h5py 2.1.3-2) (Version: 2.1.3-2 - pythonxy)
Python 2.7 - IPython 0.13.2-2 (HKLM-x32\...\Python 2.7 - IPython 0.13.2-2) (Version: 0.13.2-2 - pythonxy)
Python 2.7 - jinja2 2.7-1 (HKLM-x32\...\Python 2.7 - jinja2 2.7-1) (Version: 2.7-1 - pythonxy)
Python 2.7 - lxml 3.2.0-5 (HKLM-x32\...\Python 2.7 - lxml 3.2.0-5) (Version: 3.2.0-5 - pythonxy)
Python 2.7 - mahotas 0.99-4 (HKLM-x32\...\Python 2.7 - mahotas 0.99-4) (Version: 0.99-4 - pythonxy)
Python 2.7 - matplotlib 1.2.1-1 (HKLM-x32\...\Python 2.7 - matplotlib 1.2.1-1) (Version: 1.2.1-1 - pythonxy)
Python 2.7 - nose 1.3.0-1 (HKLM-x32\...\Python 2.7 - nose 1.3.0-1) (Version: 1.3.0-1 - pythonxy)
Python 2.7 - numexpr 2.1-1 (HKLM-x32\...\Python 2.7 - numexpr 2.1-1) (Version: 2.1-1 - pythonxy)
Python 2.7 - numpy 1.7.1-2 (HKLM-x32\...\Python 2.7 - numpy 1.7.1-2) (Version: 1.7.1-2 - pythonxy)
Python 2.7 - pandas 0.11.0-6 (HKLM-x32\...\Python 2.7 - pandas 0.11.0-6) (Version: 0.11.0-6 - pythonxy)
Python 2.7 - paramiko 1.10.1-1 (HKLM-x32\...\Python 2.7 - paramiko 1.10.1-1) (Version: 1.10.1-1 - pythonxy)
Python 2.7 - PIL 2.0.0-1 (HKLM-x32\...\Python 2.7 - PIL 2.0.0-1) (Version: 2.0.0-1 - pythonxy)
Python 2.7 - pip 1.3.1-2 (HKLM-x32\...\Python 2.7 - pip 1.3.1-2) (Version: 1.3.1-2 - pythonxy.com)
Python 2.7 - ply 3.4 (HKLM-x32\...\Python 2.7 - ply 3.4) (Version: 3.4 - pythonxy.com)
Python 2.7 - psutil 0.7.1-2 (HKLM-x32\...\Python 2.7 - psutil 0.7.1-2) (Version: 0.7.1-2 - pythonxy)
Python 2.7 - py2exe 0.6.9 (HKLM-x32\...\Python 2.7 - py2exe 0.6.9) (Version: 0.6.9 - pythonxy.com)
Python 2.7 - pycparser 2.90.1-1 (HKLM-x32\...\Python 2.7 - pycparser 2.90.1-1) (Version: 2.90.1-1 - pythonxy.com)
Python 2.7 - pycrypto 2.6-1 (HKLM-x32\...\Python 2.7 - pycrypto 2.6-1) (Version: 2.6-1 - pythonxy)
Python 2.7 - pyfits 3.1.1-1 (HKLM-x32\...\Python 2.7 - pyfits 3.1.1-1) (Version: 3.1.1-1 - pythonxy.com)
Python 2.7 - pygments 1.6-1 (HKLM-x32\...\Python 2.7 - pygments 1.6-1) (Version: 1.6-1 - pythonxy.com)
Python 2.7 - PyICU 1.5-1 (HKLM-x32\...\Python 2.7 - PyICU 1.5-1) (Version: 1.5-1 - pythonxy.com)
Python 2.7 - pylint 0.28.0-5 (HKLM-x32\...\Python 2.7 - pylint 0.28.0-5) (Version: 0.28.0-5 - pythonxy)
Python 2.7 - PyOpenGL 3.0.2-2 (HKLM-x32\...\Python 2.7 - PyOpenGL 3.0.2-2) (Version: 3.0.2-2 - pythonxy)
Python 2.7 - PyQt4 4.9.6-3 (HKLM-x32\...\Python 2.7 - PyQt4 4.9.6-3) (Version: 4.9.6-3 - pythonxy.com)
Python 2.7 - pyreadline 2.0-1 (HKLM-x32\...\Python 2.7 - pyreadline 2.0-1) (Version: 2.0-1 - pythonxy)
Python 2.7 - pytables 2.4.0 (HKLM-x32\...\Python 2.7 - pytables 2.4.0) (Version: 2.4.0 - pythonxy.com)
Python 2.7 - pywin32 218-1 (HKLM-x32\...\Python 2.7 - pywin32 218-1) (Version: 218-1 - pythonxy.com)
Python 2.7 - pyzmq 13.1.0-5 (HKLM-x32\...\Python 2.7 - pyzmq 13.1.0-5) (Version: 13.1.0-5 - pythonxy)
Python 2.7 - reportlab 2.7-1 (HKLM-x32\...\Python 2.7 - reportlab 2.7-1) (Version: 2.7-1 - pythonxy)
Python 2.7 - scipy 0.12.0-1 (HKLM-x32\...\Python 2.7 - scipy 0.12.0-1) (Version: 0.12.0-1 - pythonxy)
Python 2.7 - sphinx 1.1.3.1 (HKLM-x32\...\Python 2.7 - sphinx 1.1.3.1) (Version: 1.1.3.1 - pythonxy.com)
Python 2.7 - spyder 2.2.0-5 (HKLM-x32\...\Python 2.7 - spyder 2.2.0-5) (Version: 2.2.0-5 - pythonxy)
Python 2.7 - sqlalchemy 0.8.1-5 (HKLM-x32\...\Python 2.7 - sqlalchemy 0.8.1-5) (Version: 0.8.1-5 - pythonxy)
Python 2.7 - tornado 3.0.1-2 (HKLM-x32\...\Python 2.7 - tornado 3.0.1-2) (Version: 3.0.1-2 - pythonxy)
Python 2.7 - veusz 1.17.1-3 (HKLM-x32\...\Python 2.7 - veusz 1.17.1-3) (Version: 1.17.1-3 - pythonxy)
Python 2.7 - virtualenv 1.9.1-3 (HKLM-x32\...\Python 2.7 - virtualenv 1.9.1-3) (Version: 1.9.1-3 - pythonxy.com)
Python 2.7 - vitables 2.1.0.3 (HKLM-x32\...\Python 2.7 - vitables 2.1.0.3) (Version: 2.1.0.3 - pythonxy.com)
Python 2.7 - vtk 5.10.1-1 (HKLM-x32\...\Python 2.7 - vtk 5.10.1-1) (Version: 5.10.1-1 - pythonxy)
Python 2.7 - wxPython 2.8.12.1-1 (HKLM-x32\...\Python 2.7 - wxPython 2.8.12.1-1) (Version: 2.8.12.1-1 - pythonxy)
Python 2.7 - xy 1.3.1-3 (HKLM-x32\...\Python 2.7 - xy 1.3.1-3) (Version: 1.3.1-3 - hxxp://pythonxy.googlecode.com)
Python 2.7.5 (x32 Version: 2.7.5150 - Python Software Foundation) Hidden
Python(x,y) - console 2.0.148-8 (HKLM-x32\...\Python(x,y) - console 2.0.148-8) (Version: 2.0.148-8 - pythonxy.com)
Python(x,y) - mingw 4.5.2.3 (HKLM-x32\...\Python(x,y) - mingw 4.5.2.3) (Version: 4.5.2.3 - pythonxy.com)
Python(x,y) - SciTE 3.3.2-3 (HKLM-x32\...\Python(x,y) - SciTE 3.3.2-3) (Version: 3.3.2-3 - pythonxy)
Python(x,y) - xydoc 1.0.5.1 (HKLM-x32\...\Python(x,y) - xydoc 1.0.5.1) (Version: 1.0.5.1 - pythonxy.com)
Python(x,y) (HKLM-x32\...\Python(x,y)) (Version: 2.7.5.0 - Python(x,y))
QtiPlot 0.9.9-rc6 (HKLM\...\QtiPlot_is1) (Version: - Ion Vasilief)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.6 - ASUS)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SNS-HDR Pro v1.4.22 (HKLM\...\SNS-HDR Pro_is1) (Version: - Sebastian Nibisz)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
TeX Live 2014 (HKLM-x32\...\TeXLive2014) (Version: 2014 - )
TeXnicCenter Version 1.0 Stable RC1 (HKLM-x32\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org)
The Photographer's Ephemeris (HKLM-x32\...\Flexrise.9F3FBFC56E7DF11606748B3513468A7A7FB809D1.1) (Version: 1.1.1 - UNKNOWN)
The Photographer's Ephemeris (x32 Version: 1.1.1 - UNKNOWN) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
Warhammer 40,000: Dawn Of War - Gold Edition (HKLM-x32\...\{D0B36BAF-3E9D-423E-8821-ED238C18DB0A}) (Version: 1.51 - THQ)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.0 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Cel\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\ooofilt_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3318948826-2183189698-3215584185-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Cel\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01D5A7A4-5EE6-45D6-8DBE-5182C0D36E54} - System32\Tasks\AdobeAAMUpdater-1.0-Ira2-Timba => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {16B33B23-FAA5-4229-A32A-98436229EBEE} - System32\Tasks\AdobeAAMUpdater-1.0-Ira2-Cel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {27BC4578-4391-429D-B23B-3CB3926C5AB3} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {4E5ED7A2-1CD2-4D52-BDA7-A505B4892425} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-20] (Adobe Systems Incorporated)
Task: {5928A2DE-F6E2-443B-AB47-C532F144977B} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-11-10] (ASUS)
Task: {5ADCFF04-6CCD-410D-923A-B5DF5471A858} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-11-01] (AVAST Software)
Task: {60F398C6-F009-4FEB-B4EF-955537F134F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.)
Task: {77BD2382-42A0-4D14-B3F5-5BFEA51C060D} - System32\Tasks\ASUS Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2010-05-12] ()
Task: {82B69EBA-AF10-442F-BE48-C7576555D48A} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {84A77F86-B445-48DE-B57F-B89B693CD5C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.)
Task: {8D2E83BC-2435-478A-BDB8-E2F830517607} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {A9F54FD1-7702-4E7A-A864-18D73B6711E5} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {AF5B7AC3-7DF3-47BB-BE9C-B31FDCDC71C1} - System32\Tasks\{2F399389-4DE6-4C22-8BDC-012C53538E2E} => pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {C9B2C724-B823-4F6E-929F-AC7D32ACDD5F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3318948826-2183189698-3215584185-1001UA => C:\Users\Cel\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
Task: {F15B09C8-A5D5-451D-BA77-12156FB65268} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3318948826-2183189698-3215584185-1001Core => C:\Users\Cel\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
Task: {F233F6A6-F986-459B-A88C-2AED6D4352A3} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3318948826-2183189698-3215584185-1001Core.job => C:\Users\Cel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3318948826-2183189698-3215584185-1001UA.job => C:\Users\Cel\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-11-10 12:55 - 2016-11-08 21:29 - 01819240 _____ () C:\Users\Cel\AppData\Local\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-10 12:55 - 2016-11-08 21:29 - 00093288 _____ () C:\Users\Cel\AppData\Local\Google\Chrome\Application\54.0.2840.99\libegl.dll
2015-12-02 17:58 - 2015-11-16 19:32 - 00919040 _____ () C:\Windows\mod_frst.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:gs5sys [2560]
AlternateDataStreams: C:\Users\All Users:gs5sys [2560]
AlternateDataStreams: C:\Users\Cel:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba:gs5sys [3074]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Temp:3E7393FC [120]
AlternateDataStreams: C:\ProgramData\Temp:52DBE86F [141]
AlternateDataStreams: C:\ProgramData\Temp:D20FFA63 [133]
AlternateDataStreams: C:\ProgramData\Templates:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\Anwendungsdaten:gs5sys [1792]
AlternateDataStreams: C:\Users\Cel\Cookies:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\Lokale Einstellungen:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\Vorlagen:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\AppData\Roaming:gs5sys [1792]
AlternateDataStreams: C:\Users\Cel\AppData\Local\Anwendungsdaten:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\AppData\Local\Verlauf:gs5sys [3074]
AlternateDataStreams: C:\Users\Cel\Documents\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [2048]
AlternateDataStreams: C:\Users\Timba\Anwendungsdaten:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\Cookies:gs5sys [1792]
AlternateDataStreams: C:\Users\Timba\Lokale Einstellungen:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\Vorlagen:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\AppData\Local\Anwendungsdaten:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\AppData\Local\Verlauf:gs5sys [3074]
AlternateDataStreams: C:\Users\Timba\Documents\desktop.ini:gs5sys [3074]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3318948826-2183189698-3215584185-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Cel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: AFBAgent => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fsssvc => 3
MSCONFIG\Services: GoogleDesktopManager => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\Windows\pss\AsusVibeLauncher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Cel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Memeo AutoSync => C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent
MSCONFIG\startupreg: Setwallpaper => c:\programdata\SetWallpaper.cmd
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{50D76052-134E-46DB-AF8E-63827F883C0F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}] => (Allow) LPort=2869
FirewallRules: [{B827E1C7-5A7A-484C-9653-2FE388A8B888}] => (Allow) LPort=1900
FirewallRules: [{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}] => (Allow) LPort=5353
FirewallRules: [{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}] => (Allow) LPort=8182
FirewallRules: [{FED1FC28-F56F-4C3B-8B26-ED8A9D399D15}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{E0484D80-9ADE-4363-AC52-C40B6C461ADA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{7AC4AB0C-3DFB-4FA9-BEB6-E2FC3FD190CB}] => (Allow) C:\Users\Cel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9A2261A0-75B8-49F7-9002-C0F9F711A0D0}] => (Allow) C:\Users\Cel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{3A2CA2BD-959C-40CD-820F-68732E7344E2}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [UDP Query User{DEC81975-466B-47A2-90E9-295D014DC09F}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [TCP Query User{3B3F9CBF-7738-4386-86EC-C20B5CB47798}C:\users\cel\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\cel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{AF7E16B5-CFD4-4839-BD7A-F3DBD8674FCC}C:\users\cel\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\cel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{0C0EBE63-CAED-4ED5-AFF6-6340ECF65F36}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe] => (Allow) C:\program files (x86)\gameforge\nclauncher\nclauncher.exe
FirewallRules: [UDP Query User{08B5F222-3C0F-4A47-ADF6-DF8E56FE0270}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe] => (Allow) C:\program files (x86)\gameforge\nclauncher\nclauncher.exe
FirewallRules: [{C3F84B40-22FD-47EE-9037-4064D6F57B0D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.649\Agent.exe
FirewallRules: [{54FF1FAF-1F93-4A4A-9383-2B80D4EF1C38}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.649\Agent.exe
FirewallRules: [{78A3A9FB-D7A5-4A81-A2A5-38FD0E862EB0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.868\Agent.exe
FirewallRules: [{7184A63B-41A2-4BCA-9AFB-38950D6F66CA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.868\Agent.exe
FirewallRules: [{95807503-325C-416E-919A-FA343B3426C2}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe
FirewallRules: [{207432C9-17BF-43D5-84CA-7F3C9CC56A1D}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe
FirewallRules: [{43CD4628-84C9-4617-9D07-8A3BA58E6F20}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{39E3EBF0-095C-4A2B-B14B-46665EFB57C6}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0A02F083-E5C5-4746-84E8-26DAFEF4FB17}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.976\Agent.exe
FirewallRules: [{7E797BA3-9F6F-4345-A1BB-C5B9D04E8DBB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.976\Agent.exe
FirewallRules: [{F8F6FBDD-EF89-4444-8CA1-B13BC1166857}] => (Allow) C:\Diablo III\Diablo III.exe
FirewallRules: [{7BBDDBB3-261A-4180-B9F8-9EBBC61616C4}] => (Allow) C:\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{9AE58A58-709E-40FB-AC79-D52545C7A3D9}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [UDP Query User{97CEF59C-4DAE-4C53-ABF8-B24C6D28302D}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [{EA0340F7-6B34-44C4-9727-B1C374CF1D2F}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{0EECE465-29F5-4BE1-85AD-42DF3CCD4A31}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{B95F542A-2F75-460B-92CA-6CDA94AFA40C}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{81BB230B-D8A0-4514-852B-45DFBC75BAF9}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{235FF395-FF99-47D3-998D-4D35E925BE5F}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{B76D2254-D130-4FFF-8D30-1FA860AC5125}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{D96E8C0A-52EC-4145-AFFE-106B66D9656B}] => (Allow) D:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{24798290-8F76-4DE7-9DF8-94A159DF0869}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{08B00A40-6619-4E8E-BA7C-1CE7482B1D17}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{B1586537-2217-4953-9241-53A8D40EA666}D:\lan games\valve\hl.exe] => (Allow) D:\lan games\valve\hl.exe
FirewallRules: [UDP Query User{627A91CB-33BA-4AB5-AB44-42EA8314B591}D:\lan games\valve\hl.exe] => (Allow) D:\lan games\valve\hl.exe
FirewallRules: [TCP Query User{A0D887AC-E08E-4460-B871-E5028CFA2A82}D:\lan games\valve\hl.exe] => (Allow) D:\lan games\valve\hl.exe
FirewallRules: [UDP Query User{90DC3973-C450-4A80-A933-0997159203AF}D:\lan games\valve\hl.exe] => (Allow) D:\lan games\valve\hl.exe
FirewallRules: [TCP Query User{CA591BA1-12D4-4556-8513-E7346F298B16}D:\lan games\call of duty 2(unmodifiziert)\cod2mp_s.exe] => (Allow) D:\lan games\call of duty 2(unmodifiziert)\cod2mp_s.exe
FirewallRules: [UDP Query User{F0BDAC1E-B131-4825-8967-7BF7823D8607}D:\lan games\call of duty 2(unmodifiziert)\cod2mp_s.exe] => (Allow) D:\lan games\call of duty 2(unmodifiziert)\cod2mp_s.exe
FirewallRules: [TCP Query User{B4E31010-5831-45A0-9E50-BCE9BD6D5296}D:\lan games\serious sam\bin\serioussam.exe] => (Allow) D:\lan games\serious sam\bin\serioussam.exe
FirewallRules: [UDP Query User{0FACCF2C-4FA7-4566-966B-A39FC7095443}D:\lan games\serious sam\bin\serioussam.exe] => (Allow) D:\lan games\serious sam\bin\serioussam.exe
FirewallRules: [TCP Query User{16598008-8DC7-4BB2-A804-2440AB955A00}D:\lan games\left for dead 2\left4dead2.exe] => (Allow) D:\lan games\left for dead 2\left4dead2.exe
FirewallRules: [UDP Query User{F91376B0-90DE-43B2-87CD-6A1DF99A7035}D:\lan games\left for dead 2\left4dead2.exe] => (Allow) D:\lan games\left for dead 2\left4dead2.exe
FirewallRules: [{997680EB-876A-4B43-9187-E7C3161B8FBB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [{2AC1C873-C04E-4E96-9EC4-25D3854013FB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [{2A83EF70-CACB-4208-876A-6DA5610273E0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{05D4E010-0475-4C29-9F29-9906EACBA7E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [TCP Query User{54CF9A82-65FA-4C1B-A1D3-014AB5EDCE75}D:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) D:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{D2A7FBC1-7BA6-4DDE-A42F-E13209A1087C}D:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) D:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{E38833B2-CAFE-4388-8D79-C0059930D20A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C367F679-9404-45D8-8028-EA4F7A9ACF36}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{EDB351D0-716E-4D02-AF30-8F521BF7604D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{291F7567-5DA5-4897-BDFD-28B6E8B9808D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{001B5C0A-F766-43B0-BE54-1370B5479761}] => (Allow) F:\GAMES\Star Wars-The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{B6F39FED-4283-400C-A23F-5D733FD16BA3}] => (Allow) F:\GAMES\Star Wars-The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{065F712D-8EA0-4EB8-96F2-17C3EDC18163}] => (Allow) F:\GAMES\Star Wars-The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{2C6F7B4C-8E95-484C-9CA3-9CEEB3848D24}] => (Allow) F:\GAMES\Star Wars-The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{9639C0A5-5F19-4DB9-A5FA-E711AAE0FD48}] => (Allow) F:\GAMES\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{640602EC-B55F-4F1D-A656-2E5808AB2DD1}] => (Allow) F:\GAMES\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{AA3D1449-6149-4FD9-B4C2-BE72EEB2036E}] => (Allow) F:\GAMES\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{D9525AB8-0391-402F-ABDB-EE28C0EAE5D6}] => (Allow) F:\GAMES\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{E9C6733E-9CC1-49F2-9F10-1AB539F0EFCB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{630C9084-89BB-46DD-AB02-F3ABEED06DB8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{CB7C2DD0-51B4-4E86-BD5C-536F0866F202}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{72A5BBB0-C69C-431D-97FC-AA4A71762E18}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{2F44C744-8188-4706-A2A4-C57C25E7FB90}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{912258F3-2FB4-4142-82D9-7C3B8D05281B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{910B6A40-2CCA-432A-AF28-2D9C6A9882E7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{5DC87795-DC29-468C-87CE-00CF37C5B11D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{E1AFA14C-C1A5-443A-B8C3-62E6D28087D0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{B23C1CEB-6163-4DFC-B6CC-1639537B7E4F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [TCP Query User{AF39C1ED-D4B2-4DE6-BBAD-E4AB84B9A6F0}D:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [UDP Query User{4B8FB3A9-AD2F-484A-AF6D-9CA352052BC9}D:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [{DCBB6479-86C1-4B52-9966-2C6DD8B60C1A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{80C69812-5F55-477D-8F73-36B6019968B2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{5CFE2DF1-2599-4BFD-A575-33667DED0F76}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{EF141A72-352F-41D3-AC01-6FDE2C35DC78}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{D6E57FDC-3616-472C-B596-634630DA5E2C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{435577DA-004E-4419-AB04-6BA94D94B4B6}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F96680E7-9F86-4FE3-A32B-E0898EFD230A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{03E6E309-9D20-40B2-AC71-5E6996F76A47}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{73287D78-6200-4CE4-8D4B-0B1C2BDCAE74}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{D770DC2F-C2E2-44D3-9F9C-3D3F26B9C532}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{DFC86F79-654C-4C09-8EE5-CC5EACC798ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{80E2A420-646B-4080-86DE-54D337B7C73D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{DE848CC5-A9F0-41C8-AB37-A0E8E3DF73C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{6504B097-D983-44BA-9090-0602C7749CBD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{8912D763-E0B5-48B2-9DAA-5AA798AFB77B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{11FA025A-7DA8-454E-873A-5CFA3AE5CF23}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{8421811C-06E4-4985-9A78-1799CD8D87AB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{C39E0353-FB30-4AA5-AEBE-3BECA28A2731}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{C66C4A29-7855-44D4-BC8A-49CFF32003AD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{E7A6CEFF-0C9C-4696-BAD7-4C53BA810F00}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{3874F974-BEAD-4924-8C8C-3C885B1E1A69}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{28FA3F39-5D3E-4AE3-95F1-C9E2A6478C58}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [TCP Query User{D51123BB-DCE5-46F9-B1EA-C6D06A3B3DBB}C:\program files (x86)\diablo iii\diablo iii.exe] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{B9E9F2BC-DFB4-4795-B9CB-C230C2F066AA}C:\program files (x86)\diablo iii\diablo iii.exe] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{73B2E4E3-D353-4EC6-B2F3-92D69CA23512}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{F1B9102E-949E-46B4-9D98-82753AF9302D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{FA6D9E90-3387-45EE-8C36-A65939FD1DA4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{43E5FBE6-1F18-419E-B78E-DE8C59A7B7E4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{2784BBDA-4751-4842-B06C-DEE32B6207FD}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E13EB274-9EDF-4055-9D30-901E056CFE19}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{39BE90F2-D7CC-455A-85B1-3C421F3148EF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{932A3869-82E5-4CBD-9086-D513361032D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{1336B3B3-72C2-4368-BECE-39D9B8728893}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{4ACB12DF-5D65-4F05-9F49-E68F8E1EF680}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{C4E201CF-D7DA-4C72-A14F-EB0B60A82C14}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{C68BB9E7-E38F-4ABE-9754-E8CE83644B84}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{BC4FAC5E-61C0-4ADF-A9CF-E22E31D39C67}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{44D17A72-4D71-4DC6-89BD-BF44871324C3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{6A4B6142-A671-4B7C-9C25-1A68992CB224}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{03E444FB-3834-4DD6-AF73-992C6812D332}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{256835AE-B2D1-46D5-BA19-D8580B8D2DF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{AA0645EB-9830-421A-8EEE-BA2D2363BF45}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{C0A8B3DC-514F-42B8-94B6-130DC1E1013F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{0AE44207-107B-4FBB-B6C1-19069C074A61}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{91545EE3-63D9-46B3-8564-004D31FF3D36}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{B32A3F01-0E38-4252-9853-14409CC25B57}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{E1FA80EF-0B59-40D9-BF13-83C7C6C9DD49}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{DAFA4F86-916D-4BCE-8528-5B3D4388D146}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{487FBAE5-68D0-497E-BB71-E7E92988F187}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{FB276E18-BEE5-4710-AC08-D13AFC14966D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{E845B059-EB7C-450E-8C22-16A8EE9EAFDD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{AD495F60-2208-49E3-9036-6E64E55A22DC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{C029993C-3A84-474E-9DD8-FCD0FBF15BAA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{C2BDD343-56EC-4B62-94A0-49B82B1EF8FD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{E2D645AF-D939-4A33-950D-710766C89BA0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{EC7D4CCC-88CF-4732-914C-E2AD7A8DEF8D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{0D60B663-E25A-421C-9E96-34E93111D6E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{E7F49941-F47D-4331-B826-D7E9CBD6C7D0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{7173D924-F532-48C3-8DC2-6EB46CF667E4}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BCC8C44D-56C6-4023-96F6-82FE65EA1A5B}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{27A880E5-F7DB-421D-9F50-AA75C3D719DF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{2CE1796C-8060-4A3B-9364-3E1D8FCEF323}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{1DCCBB09-D52A-40ED-9CC5-4838502CD247}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{804BDDA8-0EAA-42C1-9B6A-611AC190E819}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{75C9E25A-4EFC-47B5-8321-46A0E9112986}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{D5D30D7F-C437-43A5-9364-07430563AAAB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{CE609E0C-CE4F-4551-9E68-6B02A9EF75D6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{670794AD-A579-4F88-BF1F-B42155BB2C25}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{5CAEAD05-A4B8-4E23-8D28-83328162F460}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{052E1539-9E56-4853-8CB2-038C0F5F8ED0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{7663DF67-5872-495A-9C52-14D4E1C4DF6F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{191EC9BA-91B2-4454-95A8-4308143B900B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9ECF4816-6BB8-40D2-A958-A4E1C3FAE8F6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{1CE58FBF-A286-461D-AFA3-EBE5EB1A21D3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{07088C5B-C129-4A70-88F8-3865216B734F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{30A02051-D094-4FCA-8EA1-903A7BF39F77}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [TCP Query User{FF461AF5-7754-4618-B74F-30BFE2F008B5}D:\program files\imagej\imagej.exe] => (Allow) D:\program files\imagej\imagej.exe
FirewallRules: [UDP Query User{5D11F3DD-8E8C-4F5A-B912-1093BD261F53}D:\program files\imagej\imagej.exe] => (Allow) D:\program files\imagej\imagej.exe
FirewallRules: [{797E5B6D-5278-4E93-BF29-0680DE7CC45A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{53718755-3097-4A1E-8DA4-CF057EF98F70}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{A2C36EBA-C811-46CD-93D5-9EC77EB66982}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{8AC5625D-7C28-4D7E-9910-D3E61F7D0F0D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{863E0B3C-B21A-4B19-A815-194941B9B174}] => (Allow) D:\Diablo III\Diablo III.exe
FirewallRules: [{834513DC-69D9-443B-A9AC-EC8422FD6349}] => (Allow) D:\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{D7099B15-63F3-4D6E-9259-3C5C5570AD5A}D:\program files\imagej\imagej.exe] => (Block) D:\program files\imagej\imagej.exe
FirewallRules: [UDP Query User{51C92E19-DB0F-4416-A09D-1C0120994C52}D:\program files\imagej\imagej.exe] => (Block) D:\program files\imagej\imagej.exe
FirewallRules: [TCP Query User{AD95A7BE-0B44-4FA0-BDF3-630D42CA926B}C:\users\cel\downloads\tiberiansun_online\cncnet5.exe] => (Allow) C:\users\cel\downloads\tiberiansun_online\cncnet5.exe
FirewallRules: [UDP Query User{6922C823-441D-4F00-A477-821028CE8FE8}C:\users\cel\downloads\tiberiansun_online\cncnet5.exe] => (Allow) C:\users\cel\downloads\tiberiansun_online\cncnet5.exe
FirewallRules: [TCP Query User{7BEA7A76-C61F-401E-9824-D559FDFFAFC9}C:\users\cel\downloads\tiberiansun_online\ts-spawn.exe] => (Allow) C:\users\cel\downloads\tiberiansun_online\ts-spawn.exe
FirewallRules: [UDP Query User{B1860600-676E-41F8-876B-C4208272B9F6}C:\users\cel\downloads\tiberiansun_online\ts-spawn.exe] => (Allow) C:\users\cel\downloads\tiberiansun_online\ts-spawn.exe
FirewallRules: [TCP Query User{6F61D4E5-5C44-4BDE-AEEA-746870608C30}C:\users\cel\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\cel\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{6DC69B71-5C53-4343-A78B-C5028A39A838}C:\users\cel\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\cel\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{78180CAE-D74A-49F2-B105-C9A004AF04C8}D:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{99F39B98-8131-4474-B824-6DC619108901}D:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{4B9DC810-9DF2-46F5-ADF0-BEFB9CBDF93F}D:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5B66006C-8A79-45AD-9F52-F8DAE353B3A0}D:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E6244335-96B9-4868-BE5A-8527278673F8}D:\diablo iii public test\diablo iii.exe] => (Allow) D:\diablo iii public test\diablo iii.exe
FirewallRules: [UDP Query User{D18B8548-F5F9-44F2-881C-FC1800F02E2B}D:\diablo iii public test\diablo iii.exe] => (Allow) D:\diablo iii public test\diablo iii.exe
FirewallRules: [{4E30F4CC-8F6A-41F6-AED6-89594164D398}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{60166383-59E0-40C4-B432-20B52E879D70}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{15FB2FD8-415B-42B4-B87A-3FF9C1AB3CDF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4C680598-5C8D-47A7-86F6-80D34E3342CE}] => (Allow) C:\Users\Cel\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
02-11-2016 21:01:12 Removed Skype™ 7.29
04-11-2016 13:13:27 Windows Update
09-11-2016 12:25:12 Windows Update
13-11-2016 21:28:03 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: USB2.0 UVC VGA WebCam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Slimtype DVD A DS8A5SH
Description: CD-ROM-Laufwerk
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Gerät (RFCOMM-Protokoll-TDI)
Description: Bluetooth-Gerät (RFCOMM-Protokoll-TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/01/2016 12:32:29 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "/", file "d:/program files (x86)/national instruments/shared/ni webserver/www/": Can't access URL .
Error: (11/01/2016 12:27:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll".
Die abhängige Assemblierung "Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/01/2016 11:47:28 AM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "d:/program files (x86)/national instruments/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL .
Error: (11/01/2016 11:47:28 AM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "d:/program files (x86)/national instruments/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL .
Error: (10/31/2016 06:18:42 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "d:/program files (x86)/national instruments/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL .
Error: (10/31/2016 06:18:42 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "d:/program files (x86)/national instruments/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL .
Error: (10/30/2016 02:04:59 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "d:/program files (x86)/national instruments/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL .
Error: (10/30/2016 02:04:59 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: 404 "Not Found" for "national instruments/ninetworkdiscovery", file "d:/program files (x86)/national instruments/shared/ni webserver/www/national instruments/ninetworkdiscovery": Can't access URL .
Error: (10/26/2016 01:58:51 PM) (Source: MsiInstaller) (EventID: 11606) (User: Ira2)
Description: Produkt: Pokémon Trading Card Game Online -- Fehler 1606. Zugriff auf die Netzwerkadresse Property.USER_PROFILE war nicht möglich.
Error: (10/26/2016 01:58:50 PM) (Source: MsiInstaller) (EventID: 11606) (User: Ira2)
Description: Produkt: Pokémon Trading Card Game Online -- Fehler 1606. Zugriff auf die Netzwerkadresse Property.USER_PROFILE war nicht möglich.
Systemfehler:
=============
Error: (11/13/2016 09:29:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Driver Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/13/2016 09:06:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
PxHlpa64
Error: (11/13/2016 09:05:41 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (11/13/2016 09:05:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/13/2016 09:05:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/13/2016 09:05:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/13/2016 09:05:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/13/2016 09:05:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Turbo Boost Technology Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/13/2016 09:05:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AtherosSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/13/2016 09:05:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 8104.16 MB
Verfügbarer physikalischer RAM: 6057.17 MB
Summe virtueller Speicher: 16206.5 MB
Verfügbarer virtueller Speicher: 14139.62 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:125.03 GB) (Free:32.32 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:148.06 GB) (Free:79.83 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 38601C96)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=125 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.1 GB) - (Type=OF Extended)
==================== Ende von Addition.txt ============================
|
|
13.11.2016, 23:04
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.11.2016, 23:19
| #11 |
| | Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt frst fixlog: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-11-2016
durchgeführt von Cel (13-11-2016 23:13:48) Run:1
Gestartet von C:\Users\Cel\Desktop
Geladene Profile: UpdatusUser & Cel (Verfügbare Profile: UpdatusUser & Cel & Timba)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
emptytemp:
*****************
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 175129136 B
Java, Flash, Steam htmlcache => 30552984 B
Windows/system/drivers => 2240823858 B
Edge => 0 B
Chrome => 1196861705 B
Firefox => 186351740 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42337105 B
systemprofile32 => 71446 B
LocalService => 0 B
NetworkService => 450290 B
UpdatusUser => 0 B
Cel => 781409795 B
Timba => 15266592 B
RecycleBin => 156568 B
EmptyTemp: => 4.4 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 23:14:27 ====
|
|
14.11.2016, 00:08
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: MBAM Downloade Dir bitte  Malwarebytes Anti-Malware
2. Schritt: ESET ESET Online Scanner
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.11.2016, 20:18
| #13 |
| | Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt mbam Scan file: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 14.11.2016 Suchlaufzeit: 15:41 Protokolldatei: mbamScanFile.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.11.14.06 Rootkit-Datenbank: v2016.10.31.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Cel Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 380632 Abgelaufene Zeit: 45 Min., 13 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) hat auf 3 objekte angesprochen. Eines davon aus alten AdwCleaner Quarantäne, wie behandle ich den Quarantäne Ordner fachgerecht? Edit: Wird wie bereits einmal erwähnt nicht mit dem neusten Download des AdwCleaner im Menü der Quarantäne Verwaltung angezeigt. Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4eefd8336978904693865c2a75f2dc89
# end=init
# utc_time=2016-11-14 03:32:17
# local_time=2016-11-14 04:32:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 31405
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4eefd8336978904693865c2a75f2dc89
# end=updated
# utc_time=2016-11-14 03:35:07
# local_time=2016-11-14 04:35:07 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=4eefd8336978904693865c2a75f2dc89
# engine=31405
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-11-14 06:49:25
# local_time=2016-11-14 07:49:25 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 79875 230779215 0 0
# scanned=455661
# found=3
# cleaned=0
# scan_time=11657
sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Cel\AppData\Local\Temp\OCS\ocs_v71a.exe.vir"
sh=4759543B3ED7F32B3987F8DCCE1F95F94134E268 ft=1 fh=93e398a40953e8c9 vn="Variante von Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{5981F887-8476-D20D-E4F4-804B5DAD09FA}\_Setupx.dll"
sh=4759543B3ED7F32B3987F8DCCE1F95F94134E268 ft=1 fh=93e398a40953e8c9 vn="Variante von Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{5981F887-8476-D20D-E4F4-804B5DAD09FA}\_Setupx.dll"
Code:
ATTFilter Results of screen317's Security Check version 1.009
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Python 2.7 - spyder 2.2.0-5
Java(TM) 6 Update 29
Java version 32-bit out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 17.0.0.169 Flash Player out of Date!
Mozilla Firefox (40.0.3)
Google Chrome 17.0.963.56 Google Chrome out of date!
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
 |
|
15.11.2016, 11:19
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\ProgramData\InstallMate
C:\Users\All Users\InstallMate
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.11.2016, 19:16
| #15 |
| | Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt fixlog.txt: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-11-2016
durchgeführt von Cel (15-11-2016 19:11:23) Run:2
Gestartet von C:\Users\Cel\Desktop
Geladene Profile: UpdatusUser & Cel (Verfügbare Profile: UpdatusUser & Cel & Timba)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\ProgramData\InstallMate
C:\Users\All Users\InstallMate
emptytemp:
*****************
C:\ProgramData\InstallMate => erfolgreich verschoben
"C:\Users\All Users\InstallMate" => nicht gefunden.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6998461 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 5162 B
Edge => 0 B
Chrome => 121289982 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1144 B
UpdatusUser => 0 B
Cel => 6791085 B
Timba => 0 B
RecycleBin => 0 B
EmptyTemp: => 136.8 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 19:11:35 ====
|
|
| Themen zu Emsisoft Emergency Kit, 1 riskohafter Fund. Symptome: möglicherweise Skype-Spam. Berichte auf 2 Beiträge verteilt |
| .dll, administrator, antivirus, avast, defender, explorer, festplatte, flash player, google, home, iexplore.exe, internet, mozilla, nvidia, programm, prozesse, registry, services.exe, software, spam, svchost.exe, system, windows, winlogon.exe, wlan |
Linear-Darstellung
