Log analysis and evaluation: Javaws.exe trashes my RAM and makes the computer unusable (Windows 7)
20.11.2016, 22:28 | #16 |
Hello, the memory hog is back: yesterday my hard disk space was still about 45 GB, this morning 36 GB and now only 0 GB!!! That's enough to scare you! I was online for about 12 hours, waiting for answers. I haven't installed anything and am switching the computer off now before it's too late. Regards, Ronald
20.11.2016, 22:36 | #17 |
/// Malwareteam
I don't really get what you're posting here...
Have you actually run a "SCAN" with Malwarebytes now or not?? Then the log can't be that hard to find either. The fact that you have no hard disk space left isn't really that tragic, nothing gets broken by it. I almost think that your Windows Update is simply broken...
Step: 0 Please download TDSSKiller.exe and save this file to the desktop.
Step: 1 Please start FRST again, tick the Addition box and click Scan (Untersuchen). Please post the two text files that this produces again.
21.11.2016, 22:53 | #18 |
Hello Rafael,
I've only now been able to get to my son's computer. I will try to start my computer and run the files. Is the file from my last post (post 14 of 17.11.) not the file you wanted? See you later. Regards, Ronald
Hello Rafael,
since the files are too long, I'll try again. Code:
C:\Windows\system32\drivers\iaStorV.sys 19:36:22.0433 0x1274 iaStorV - ok 19:36:22.0703 0x1274 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 19:36:22.0753 0x1274 idsvc - ok 19:36:22.0863 0x1274 IEEtwCollectorService - ok 19:36:22.0993 0x1274 [ E28602C9E17B0DDCE9F5DEB3B3E2A635, 9885A68A3DCE6F047982935B9546DD09FFAA11FE6CC749083ADA0A8ED2383306 ] IGDCTRL C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE 19:36:22.0993 0x1274 IGDCTRL - ok 19:36:23.0033 0x1274 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 19:36:23.0043 0x1274 iirsp - ok 19:36:23.0354 0x1274 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 19:36:23.0424 0x1274 IKEEXT - ok 19:36:24.0084 0x1274 [ 181E4FF75674A7105ECD0A02C35EF43A, 4316523F23C591B9314DC087256D44F96D2C3543D6F84F3D662C466D744FA86A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 19:36:24.0134 0x1274 IntcAzAudAddService - ok 19:36:24.0194 0x1274 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 19:36:24.0204 0x1274 intelide - ok 19:36:24.0284 0x1274 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 19:36:24.0314 0x1274 intelppm - ok 19:36:24.0364 0x1274 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 19:36:24.0414 0x1274 IPBusEnum - ok 19:36:24.0454 0x1274 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver 
C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:36:24.0504 0x1274 IpFilterDriver - ok 19:36:24.0614 0x1274 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 19:36:24.0634 0x1274 iphlpsvc - ok 19:36:24.0704 0x1274 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 19:36:24.0724 0x1274 IPMIDRV - ok 19:36:24.0794 0x1274 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 19:36:24.0844 0x1274 IPNAT - ok 19:36:25.0404 0x1274 [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 19:36:25.0424 0x1274 iPod Service - ok 19:36:25.0484 0x1274 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 19:36:25.0514 0x1274 IRENUM - ok 19:36:25.0574 0x1274 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 19:36:25.0584 0x1274 isapnp - ok 19:36:25.0614 0x1274 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 19:36:25.0624 0x1274 iScsiPrt - ok 19:36:25.0644 0x1274 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 19:36:25.0654 0x1274 kbdclass - ok 19:36:25.0714 0x1274 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 19:36:25.0754 0x1274 kbdhid - ok 19:36:25.0814 0x1274 [ 92DAF7D21711117B007608CB50FBD2E2, 
6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] KeyIso C:\Windows\system32\lsass.exe 19:36:25.0864 0x1274 KeyIso - ok 19:36:26.0204 0x1274 [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 19:36:26.0224 0x1274 kl1 - ok 19:36:26.0384 0x1274 [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk C:\Windows\system32\DRIVERS\klbackupdisk.sys 19:36:26.0394 0x1274 klbackupdisk - ok 19:36:26.0564 0x1274 [ C80861511ADA03A65DC12FAA207592F8, 2B50E009DB0D050099E558B7510104B930966EE8BB94CC0F62D1BFD765D5C7AD ] klbackupflt C:\Windows\system32\DRIVERS\klbackupflt.sys 19:36:26.0584 0x1274 klbackupflt - ok 19:36:26.0844 0x1274 [ 80D7529E1CF09261FADF55E69EFDA90B, 2FE5EC38866E12D78AE3F4AD8CF647BDED616E8A36D9D737F9B6564DDA4685E7 ] kldisk C:\Windows\system32\DRIVERS\kldisk.sys 19:36:26.0854 0x1274 kldisk - ok 19:36:27.0024 0x1274 [ DE7D2DEDE9C9D5219AA439172BA8D21C, B4573553DF8605A6C9417683B6AA12A596E8777175C39567B91BF03CE895D625 ] klflt C:\Windows\system32\DRIVERS\klflt.sys 19:36:27.0034 0x1274 klflt - ok 19:36:27.0194 0x1274 [ 84A66A73DD916014D240E9DE8864B84B, B3DB8E168E4B8249C953B05623EEAEEB4ED827BC867760DC8E118C4FE05F70B1 ] klhk C:\Windows\system32\DRIVERS\klhk.sys 19:36:27.0204 0x1274 klhk - ok 19:36:27.0464 0x1274 [ B54F93308794842E37173152CE92F62C, 407C88B2596B753810346D91282E8FD89B031DF15596EDBC41FFDA9949F5F6FC ] KLIF C:\Windows\system32\DRIVERS\klif.sys 19:36:27.0494 0x1274 KLIF - ok 19:36:27.0564 0x1274 [ 4F50FD68F7F1A21AA1F811AF992574E6, 9683A48F454FEB187ED1DC1A14600E250283C9D757DAEBAEF983214916B11830 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 19:36:27.0574 0x1274 KLIM6 - ok 19:36:27.0654 0x1274 [ 22C4E9381C60DA78161FA042FDBA6873, B6CC05C1401E788BCCC8CF668216D9B78A8B51409D3CFBF419047933195062E0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 19:36:27.0664 0x1274 klkbdflt - ok 19:36:27.0774 0x1274 [ 
D792857D47B8DF5BFEC02534C1933BE2, BDD483FA8E2DC50DB4E54D475867455F0D7E115494E2A31CD27A065C7EC26951 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 19:36:27.0784 0x1274 klmouflt - ok 19:36:27.0824 0x1274 [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd C:\Windows\system32\DRIVERS\klpd.sys 19:36:27.0834 0x1274 klpd - ok 19:36:27.0934 0x1274 [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 19:36:27.0944 0x1274 kltdi - ok 19:36:28.0034 0x1274 [ 2AA3537309C2B9A7F120FB9E6A38250A, 6FD904542E0A21C4D6E46FB3EE11789938B90151D24531EB5319E62759D225DF ] Klwtp C:\Windows\system32\DRIVERS\klwtp.sys 19:36:28.0054 0x1274 Klwtp - ok 19:36:28.0124 0x1274 [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps C:\Windows\system32\DRIVERS\kneps.sys 19:36:28.0134 0x1274 kneps - ok 19:36:28.0244 0x1274 [ 1F4B52A496A43C65AB0F26169650FAF2, 6D6F3505997A7DDEE6F127B3FB537AFFDE687D4F34489679674DC12FB12B842C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 19:36:28.0254 0x1274 KSecDD - ok 19:36:28.0334 0x1274 [ E4A599EDFAAB66C2BC17FB1593DC129B, 13098694B649E9146214D320FB14C3D305FCA155438CB531A8BAA4A70231D1A7 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 19:36:28.0354 0x1274 KSecPkg - ok 19:36:28.0424 0x1274 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 19:36:28.0444 0x1274 ksthunk - ok 19:36:28.0504 0x1274 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 19:36:28.0564 0x1274 KtmRm - ok 19:36:28.0704 0x1274 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 19:36:28.0894 0x1274 LanmanServer - ok 
19:36:28.0954 0x1274 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 19:36:28.0994 0x1274 LanmanWorkstation - ok 19:36:29.0064 0x1274 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 19:36:29.0144 0x1274 lltdio - ok 19:36:29.0254 0x1274 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 19:36:29.0304 0x1274 lltdsvc - ok 19:36:29.0344 0x1274 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 19:36:29.0404 0x1274 lmhosts - ok 19:36:29.0524 0x1274 [ D0E7FF91B52FE9FD2F9522B91F27CB09, 6123B81EA394E81C2CD4D1BA0562E87CB0A1E18FD32B214A82E4E18300879CCD ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 19:36:29.0534 0x1274 LMS - ok 19:36:29.0714 0x1274 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 19:36:29.0724 0x1274 LSI_FC - ok 19:36:29.0764 0x1274 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 19:36:29.0784 0x1274 LSI_SAS - ok 19:36:29.0824 0x1274 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 19:36:29.0834 0x1274 LSI_SAS2 - ok 19:36:29.0864 0x1274 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 19:36:29.0874 0x1274 LSI_SCSI - ok 19:36:29.0934 0x1274 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 
5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 19:36:30.0004 0x1274 luafv - ok 19:36:30.0064 0x1274 [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 19:36:30.0074 0x1274 MBAMProtector - ok 19:36:30.0294 0x1274 [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 19:36:30.0334 0x1274 MBAMScheduler - ok 19:36:30.0484 0x1274 [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 19:36:30.0514 0x1274 MBAMService - ok 19:36:31.0034 0x1274 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 19:36:31.0044 0x1274 MBAMSwissArmy - ok 19:36:31.0154 0x1274 [ 452ACB7A9914398D9E18CCCFFCF92208, 754AF45C19731C356E7E84497B04E0333759AC86DC553BA275EFC09845E43E4D ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 19:36:31.0164 0x1274 MBAMWebAccessControl - ok 19:36:31.0214 0x1274 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 19:36:31.0254 0x1274 Mcx2Svc - ok 19:36:31.0294 0x1274 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 19:36:31.0304 0x1274 megasas - ok 19:36:31.0444 0x1274 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 19:36:31.0454 0x1274 MegaSR - ok 19:36:31.0514 0x1274 [ E40E80D0304A73E8D269F7141D77250B, 
0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 19:36:31.0574 0x1274 MMCSS - ok 19:36:31.0624 0x1274 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 19:36:31.0654 0x1274 Modem - ok 19:36:31.0734 0x1274 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 19:36:31.0764 0x1274 monitor - ok 19:36:31.0864 0x1274 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 19:36:31.0874 0x1274 mouclass - ok 19:36:31.0994 0x1274 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 19:36:32.0004 0x1274 mouhid - ok 19:36:32.0074 0x1274 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 19:36:32.0084 0x1274 mountmgr - ok 19:36:32.0264 0x1274 [ C01441BA6F99890B7FF6CD0260B7750A, E02FFB1E8A3E423C9392ADAA9DF5FECF800DFAB3E09B74A029106DC337995539 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 19:36:32.0274 0x1274 MozillaMaintenance - ok 19:36:32.0414 0x1274 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 19:36:32.0424 0x1274 mpio - ok 19:36:32.0614 0x1274 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 19:36:32.0644 0x1274 mpsdrv - ok 19:36:32.0864 0x1274 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 19:36:32.0924 
0x1274 MpsSvc - ok 19:36:33.0084 0x1274 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 19:36:33.0094 0x1274 MRxDAV - ok 19:36:33.0194 0x1274 [ 25F918BB5D57C99FFEB0255143D0DF9A, E4BB656C3AEE19094B0F87828828DC73F248B45B30B678AA759DBAB3087399A2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 19:36:33.0244 0x1274 mrxsmb - ok 19:36:33.0314 0x1274 [ 8DF2B80510F438CFEC479181BD29C794, ECA5BC17D1DB92B887D468B0FF1D6302518DBD7C3607B14FA291ECDA204D5E85 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:36:33.0364 0x1274 mrxsmb10 - ok 19:36:33.0454 0x1274 [ F7622CFE3402A9BF10227BB124901E54, 3EE6BA42E712505AED9D3920163814719FAC591FB5CFF589E230C7005CB598AF ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:36:33.0474 0x1274 mrxsmb20 - ok 19:36:33.0494 0x1274 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 19:36:33.0504 0x1274 msahci - ok 19:36:33.0624 0x1274 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 19:36:33.0634 0x1274 msdsm - ok 19:36:33.0694 0x1274 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 19:36:33.0734 0x1274 MSDTC - ok 19:36:33.0884 0x1274 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 19:36:34.0134 0x1274 Msfs - ok 19:36:34.0184 0x1274 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 19:36:34.0244 0x1274 mshidkmdf - ok 19:36:34.0294 0x1274 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv 
C:\Windows\system32\drivers\msisadrv.sys 19:36:34.0304 0x1274 msisadrv - ok 19:36:34.0414 0x1274 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 19:36:34.0464 0x1274 MSiSCSI - ok 19:36:34.0464 0x1274 msiserver - ok 19:36:34.0504 0x1274 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 19:36:34.0554 0x1274 MSKSSRV - ok 19:36:34.0604 0x1274 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 19:36:34.0654 0x1274 MSPCLOCK - ok 19:36:34.0674 0x1274 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 19:36:34.0734 0x1274 MSPQM - ok 19:36:34.0874 0x1274 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 19:36:34.0904 0x1274 MsRPC - ok 19:36:34.0954 0x1274 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 19:36:34.0964 0x1274 mssmbios - ok 19:36:35.0084 0x1274 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 19:36:35.0114 0x1274 MSTEE - ok 19:36:35.0214 0x1274 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 19:36:35.0254 0x1274 MTConfig - ok 19:36:35.0434 0x1274 [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys 19:36:35.0444 0x1274 MTsensor - ok 19:36:35.0534 0x1274 [ 
F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 19:36:35.0544 0x1274 Mup - ok 19:36:35.0704 0x1274 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 19:36:35.0784 0x1274 napagent - ok 19:36:35.0964 0x1274 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 19:36:36.0004 0x1274 NativeWifiP - ok 19:36:36.0505 0x1274 [ 988CDC4DAE2186F3A5ED6EE7D3E6B5CA, DB40F7705F0475FF774452E365152EBEDDC77D8ACE48419DABE02DD385C6B725 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 19:36:36.0525 0x1274 NAUpdate - ok 19:36:36.0815 0x1274 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 19:36:36.0845 0x1274 NDIS - ok 19:36:36.0925 0x1274 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 19:36:36.0995 0x1274 NdisCap - ok 19:36:37.0085 0x1274 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 19:36:37.0135 0x1274 NdisTapi - ok 19:36:37.0255 0x1274 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 19:36:37.0305 0x1274 Ndisuio - ok 19:36:37.0365 0x1274 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 19:36:37.0435 0x1274 NdisWan - ok 19:36:37.0495 0x1274 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 
19:36:37.0555 0x1274 NDProxy - ok 19:36:37.0665 0x1274 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 19:36:37.0695 0x1274 NetBIOS - ok 19:36:37.0755 0x1274 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 19:36:37.0775 0x1274 NetBT - ok 19:36:37.0825 0x1274 [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] Netlogon C:\Windows\system32\lsass.exe 19:36:37.0855 0x1274 Netlogon - ok 19:36:38.0035 0x1274 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 19:36:38.0065 0x1274 Netman - ok 19:36:39.0215 0x1274 [ AC8B816873227930B391B40C6EC4835E, FCAB6E9254AF10536D1D2A2E08C24A21D30516BC64BDBE7E529C618E8CCCB5BA ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:36:39.0915 0x1274 NetMsmqActivator - ok 19:36:40.0025 0x1274 [ AC8B816873227930B391B40C6EC4835E, FCAB6E9254AF10536D1D2A2E08C24A21D30516BC64BDBE7E529C618E8CCCB5BA ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:36:40.0035 0x1274 NetPipeActivator - ok 19:36:40.0215 0x1274 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 19:36:40.0275 0x1274 netprofm - ok 19:36:40.0445 0x1274 [ AC8B816873227930B391B40C6EC4835E, FCAB6E9254AF10536D1D2A2E08C24A21D30516BC64BDBE7E529C618E8CCCB5BA ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:36:40.0455 0x1274 NetTcpActivator - ok 19:36:40.0515 0x1274 [ AC8B816873227930B391B40C6EC4835E, FCAB6E9254AF10536D1D2A2E08C24A21D30516BC64BDBE7E529C618E8CCCB5BA ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:36:40.0525 0x1274 
NetTcpPortSharing - ok 19:36:40.0595 0x1274 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 19:36:40.0605 0x1274 nfrd960 - ok 19:36:41.0005 0x1274 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 19:36:41.0055 0x1274 NlaSvc - ok 19:36:41.0265 0x1274 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 19:36:41.0325 0x1274 Npfs - ok 19:36:41.0415 0x1274 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 19:36:41.0475 0x1274 nsi - ok 19:36:41.0535 0x1274 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 19:36:41.0595 0x1274 nsiproxy - ok 19:36:42.0155 0x1274 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 19:36:42.0205 0x1274 Ntfs - ok 19:36:42.0275 0x1274 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 19:36:42.0345 0x1274 Null - ok 19:36:42.0485 0x1274 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 19:36:42.0495 0x1274 nvraid - ok 19:36:42.0565 0x1274 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 19:36:42.0575 0x1274 nvstor - ok 19:36:42.0655 0x1274 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 
19:36:42.0665 0x1274 nv_agp - ok 19:36:43.0085 0x1274 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 19:36:43.0105 0x1274 odserv - ok 19:36:43.0165 0x1274 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 19:36:43.0205 0x1274 ohci1394 - ok 19:36:43.0335 0x1274 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:36:43.0345 0x1274 ose - ok 19:36:43.0525 0x1274 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 19:36:43.0575 0x1274 p2pimsvc - ok 19:36:43.0735 0x1274 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 19:36:43.0765 0x1274 p2psvc - ok 19:36:43.0875 0x1274 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 19:36:43.0885 0x1274 Parport - ok 19:36:43.0965 0x1274 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 19:36:43.0975 0x1274 partmgr - ok 19:36:44.0095 0x1274 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll 19:36:44.0135 0x1274 PcaSvc - ok 19:36:44.0225 0x1274 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 19:36:44.0245 0x1274 pci - ok 19:36:44.0275 0x1274 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, 
19:36:55.0847 0x1274 [ 131575CDF93FDF365DE107D0242E52D8, 159B283A3BB8EA5AA17CD5937F69FE41F054B817D86F688A4924F29D30B6D987 ] sptd C:\Windows\system32\Drivers\sptd.sys
19:36:55.0847 0x1274 Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: 131575CDF93FDF365DE107D0242E52D8, sha256: 159B283A3BB8EA5AA17CD5937F69FE41F054B817D86F688A4924F29D30B6D987
19:36:55.0847 0x1274 sptd - detected LockedFile.Multi.Generic ( 1 )
19:36:55.0847 0x1274 sptd ( LockedFile.Multi.Generic ) - warning
19:36:55.0847 0x1274 Force sending object to P2P due to detect: sptd
19:36:55.0847 0x1274 Object send P2P result: false
] \Device\Harddisk1\DR2 19:37:10.0878 0x1274 \Device\Harddisk1\DR2 - ok 19:37:10.0878 0x1274 ================ Scan VBR ================================== 19:37:10.0918 0x1274 [ 16FA8AE7AB8275D264D37461B124F92C ] \Device\Harddisk0\DR0\Partition1 19:37:10.0948 0x1274 \Device\Harddisk0\DR0\Partition1 - ok 19:37:10.0948 0x1274 [ 4382013C91F2D994B40004E0C997D27E ] \Device\Harddisk1\DR2\Partition1 19:37:10.0948 0x1274 \Device\Harddisk1\DR2\Partition1 - ok 19:37:10.0948 0x1274 ================ Scan generic autorun ====================== 19:37:11.0068 0x1274 [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe 19:37:11.0078 0x1274 IAAnotif - ok 19:37:11.0758 0x1274 [ 5933FB88A73C79D8A45A74F686FB2B5B, E954751EC74BC591BFCF3D331EE535BCC8B20967D13EEA7FEC1A66EDB61EFC22 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 19:37:11.0968 0x1274 RtHDVCpl - ok 19:37:12.0068 0x1274 [ 0892837BF89C842D518AC3A323992B47, 5E314AD8FCB7837C415E18B7619B1220239DDF44431145800F11FA7DE4AEFB2A ] C:\Windows\vsnp2uvc.exe 19:37:12.0128 0x1274 snp2uvc - ok 19:37:12.0518 0x1274 [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files (x86)\avmwlanstick\wlangui.exe 19:37:12.0558 0x1274 AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 ) 19:37:12.0558 0x1274 AVMWlanClient ( UnsignedFile.Multi.Generic ) - warning 19:37:12.0558 0x1274 avgnt - ok 19:37:12.0708 0x1274 [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 19:37:12.0708 0x1274 APSDaemon - ok 19:37:12.0848 0x1274 [ 42CDFB2273EEC623B903C311B19FB484, D0FF021BF53FB6CB994D2455D9B5AE69EC2990216738424731D5EAFBA8EE8506 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe 19:37:12.0858 0x1274 
AppleSyncNotifier - ok 19:37:13.0308 0x1274 [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe 19:37:13.0398 0x1274 SDTray - ok 19:37:13.0498 0x1274 DelaypluginInstall - ok 19:37:13.0758 0x1274 [ 51B70CE8B46FB074154F2C144919E633, 498E5585814924778358A5D4BEA1936D2CB4D1A15FD900AE017C63D6F1A9F52B ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe 19:37:13.0778 0x1274 StartCCC - ok 19:37:13.0898 0x1274 [ 0892837BF89C842D518AC3A323992B47, 5E314AD8FCB7837C415E18B7619B1220239DDF44431145800F11FA7DE4AEFB2A ] C:\Windows\vsnp2uvc.exe 19:37:13.0938 0x1274 snp2uvc - ok 19:37:14.0108 0x1274 [ 2E14AE4F0DDF9529154CDC5BD2FFEE40, D631E970F96E403A05D65A53F6A22022BE9EA3BAFB46243400A68A10DA2B4C76 ] C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe 19:37:14.0118 0x1274 tsnp2uvc - detected UnsignedFile.Multi.Generic ( 1 ) 19:37:14.0118 0x1274 tsnp2uvc ( UnsignedFile.Multi.Generic ) - warning 19:37:14.0118 0x1274 Force sending object to P2P due to detect: C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe 19:37:14.0118 0x1274 Object send P2P result: false 19:37:14.0268 0x1274 [ 7452C79BBE7EF695F940176C8555629F, AFF94BBAE565E228A12DBB8C5585F2B3657849ABC2357E5412FB1B72A944B143 ] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe 19:37:14.0278 0x1274 TkBellExe - ok 19:37:14.0348 0x1274 [ E574DC0EA51A0DD82E8E8DD679900587, 48CA29C207D3721CDED5439F9A4D039DFF570545503A8ADCFA2D53D3923D8779 ] C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe 19:37:14.0378 0x1274 RealDownloader - ok 19:37:14.0838 0x1274 [ 8F4CD393FF165E8952D2D0AE3CF25C79, 32C328A11263495CCD20C4A4B3776675C9094609C0FFCCF740772BAAE85AC7F6 ] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe 19:37:14.0928 0x1274 msnmsgr - ok 19:37:14.0928 0x1274 AVG-Secure-Search-Update_JUNE2013_TB - ok 19:37:14.0928 0x1274 AVG-Secure-Search-Update_JUNE2013_HP - ok 
19:37:16.0529 0x1274 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
19:37:16.0539 0x1274 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
19:37:16.0539 0x1274 ============================================================
19:37:16.0539 0x1274 Scan finished
19:37:16.0539 0x1274 ============================================================
19:37:16.0539 0x0cd8 Detected object count: 7
19:37:16.0539 0x0cd8 Actual detected object count: 7
19:37:54.0922 0x0cd8 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:37:54.0922 0x0cd8 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:37:54.0922 0x0cd8 Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user
19:37:54.0922 0x0cd8 Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:37:54.0922 0x0cd8 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:37:54.0922 0x0cd8 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:37:54.0922 0x0cd8 AVMWlanClient ( UnsignedFile.Multi.Generic ) - skipped by user
19:37:54.0922 0x0cd8 AVMWlanClient ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:37:54.0922 0x0cd8 tsnp2uvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:37:54.0922 0x0cd8 tsnp2uvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:37:54.0922 0x0cd8 dradio-RecorderTimer ( UnsignedFile.Multi.Generic ) - skipped by user
19:37:54.0922 0x0cd8 dradio-RecorderTimer ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:37:54.0922 0x0cd8 phonostar-PlayerTimer ( UnsignedFile.Multi.Generic ) - skipped by user
19:37:54.0922 0x0cd8 phonostar-PlayerTimer ( UnsignedFile.Multi.Generic ) - User select action: Skip
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Protection, 21.11.2016 19:14, SYSTEM, RONALDARNO-PC, Protection, Malware Protection, Starting,
Protection, 21.11.2016 19:14, SYSTEM, RONALDARNO-PC, Protection, Malware Protection, Started,
Protection, 21.11.2016 19:14, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Starting,
Protection, 21.11.2016 19:22, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Started,
Update, 21.11.2016 19:23, SYSTEM, RONALDARNO-PC, Scheduler, Failed, No Internet connection detected,
Update, 21.11.2016 19:26, SYSTEM, RONALDARNO-PC, Scheduler, Failed, Unable to access update server,
Protection, 21.11.2016 19:42, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 21.11.2016 19:42, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 21.11.2016 19:42, SYSTEM, RONALDARNO-PC, Protection, Malware Protection, Stopping,
Protection, 21.11.2016 19:43, SYSTEM, RONALDARNO-PC, Protection, Malware Protection, Stopped,
Update, 21.11.2016 19:44, SYSTEM, RONALDARNO-PC, Manual, Failed, No Internet connection detected,
Protection, 21.11.2016 19:44, SYSTEM, RONALDARNO-PC, Protection, Malware Protection, Starting,
Protection, 21.11.2016 19:44, SYSTEM, RONALDARNO-PC, Protection, Malware Protection, Started,
Protection, 21.11.2016 19:44, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Starting,
Protection, 21.11.2016 19:44, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Started,
Update, 21.11.2016 19:46, SYSTEM, RONALDARNO-PC, Manual, Remediation Database, 2016.2.12.1, 2016.9.21.1,
Update, 21.11.2016 19:46, SYSTEM, RONALDARNO-PC, Manual, Rootkit Database, 2016.2.8.1, 2016.11.20.1,
Update, 21.11.2016 19:46, SYSTEM, RONALDARNO-PC, Manual, IP Database, 2016.2.8.1, 2016.11.21.1,
Update, 21.11.2016 19:46, SYSTEM, RONALDARNO-PC, Manual, Domain Database, 2016.2.16.8, 2016.11.21.6,
Update, 21.11.2016 19:46, SYSTEM, RONALDARNO-PC, Manual, Malware Database, 2016.2.16.6, 2016.11.21.13,
Protection, 21.11.2016 19:46, SYSTEM, RONALDARNO-PC, Protection, Refresh, Starting,
Protection, 21.11.2016 19:46, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 21.11.2016 19:46, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 21.11.2016 19:46, SYSTEM, RONALDARNO-PC, Protection, Refresh, Success,
Protection, 21.11.2016 19:46, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Starting,
Protection, 21.11.2016 19:47, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Started,
Update, 21.11.2016 20:16, SYSTEM, RONALDARNO-PC, Scheduler, Domain Database, 2016.11.21.6, 2016.11.21.7,
Update, 21.11.2016 20:16, SYSTEM, RONALDARNO-PC, Scheduler, Malware Database, 2016.11.21.13, 2016.11.21.14,
Protection, 21.11.2016 20:16, SYSTEM, RONALDARNO-PC, Protection, Refresh, Starting,
Protection, 21.11.2016 20:16, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 21.11.2016 20:16, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 21.11.2016 20:17, SYSTEM, RONALDARNO-PC, Protection, Refresh, Success,
Protection, 21.11.2016 20:17, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Starting,
Protection, 21.11.2016 20:17, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Started,
Update, 21.11.2016 20:19, SYSTEM, RONALDARNO-PC, Scheduler, Domain Database, 2016.11.21.7, 2016.11.21.8,
Protection, 21.11.2016 20:19, SYSTEM, RONALDARNO-PC, Protection, Refresh, Starting,
Protection, 21.11.2016 20:19, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 21.11.2016 20:19, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 21.11.2016 20:19, SYSTEM, RONALDARNO-PC, Protection, Refresh, Success,
Protection, 21.11.2016 20:19, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Starting,
Protection, 21.11.2016 20:19, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Started,
Scan, 21.11.2016 21:18, SYSTEM, RONALDARNO-PC, Manual, Start: 21.11.2016 19:47, Dauer: 1 Std. 30 Min. 39 Sek., Bedrohungssuchlauf, Abgeschlossen, 0 Malware-Erkennung, 0 Nicht-Malware-Erkennungen,
Update, 21.11.2016 21:22, SYSTEM, RONALDARNO-PC, Scheduler, Domain Database, 2016.11.21.8, 2016.11.21.9,
Update, 21.11.2016 21:22, SYSTEM, RONALDARNO-PC, Scheduler, Malware Database, 2016.11.21.14, 2016.11.21.16,
Protection, 21.11.2016 21:22, SYSTEM, RONALDARNO-PC, Protection, Refresh, Starting,
Protection, 21.11.2016 21:22, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Stopping,
Protection, 21.11.2016 21:22, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Stopped,
Protection, 21.11.2016 21:23, SYSTEM, RONALDARNO-PC, Protection, Refresh, Success,
Protection, 21.11.2016 21:23, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Starting,
Protection, 21.11.2016 21:23, SYSTEM, RONALDARNO-PC, Protection, Malicious Website Protection, Started,

(end)
Edited by 123Ron (21.11.2016 at 19:03) |
21.11.2016, 22:55 | #19 |
| Javaws.exe is wrecking my memory and making the computer unusable
And FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2016 01
durchgeführt von Ronald Brauer (Administrator) auf RONALDARNO-PC (21-11-2016 21:33:15)
Gestartet von C:\Users\Ronald Brauer\Desktop
Geladene Profile: Ronald Brauer (Verfügbare Profile: Alternate & Ronald Brauer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sonix) C:\Windows\vsnp2uvc.exe
() C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe
() C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
() C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\Privoxy\privoxy.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Sonix Technology Co., Ltd.) C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\Real\RealPlayer\RealDownloader\downloader2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Real\RealPlayer\UpdateService\RealPlayerUpdateSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9639424 2009-12-21] (Realtek Semiconductor)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [avgnt] => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [NWEReboot] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM-x32\...\Run: [tsnp2uvc] => C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [322048 2011-05-04] (Sonix Technology Co., Ltd.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [352648 2016-09-26] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe [708336 2016-09-03] ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Run: [dradio-RecorderTimer] => C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe [42496 2012-10-13] ()
HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [43008 2015-10-15] ()
HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe [2411784 2015-04-21] ()
HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29645440 2016-09-12] (Skype Technologies S.A.)
HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Policies\Explorer: [DisallowRun] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-07-26]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Privoxy.lnk [2015-11-28]
ShortcutTarget: Privoxy.lnk -> C:\Program Files (x86)\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-09-26]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Ronald Brauer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Video und DVD - Verknüpfung.lnk [2015-01-08]
ShortcutTarget: Video und DVD - Verknüpfung.lnk -> C:\Users\Ronald Brauer\Desktop\Lotus-Kopien\Video und DVD ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4D3E1A21-93E8-4F97-91A4-28D48EBD8FFC}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{84EE55D2-B916-4ED1-9B84-E41BB1628BBE}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2689304980-1437917653-2625238874-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2689304980-1437917653-2625238874-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2689304980-1437917653-2625238874-1004 -> {C130F831-D2AA-4A22-BD8D-F89F2A705E4A} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\program files (x86)\real\realplayer\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-09-03] (RealDownloader)
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-05] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-11-06] (AO Kaspersky Lab)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\program files (x86)\real\realplayer\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-09-03] (RealDownloader)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-11-06] (AO Kaspersky Lab)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-11-06] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-11-06] (AO Kaspersky Lab)
IE Session Restore: HKU\S-1-5-21-2689304980-1437917653-2625238874-1004 -> ist aktiviert.
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: WSWSVCUchrome - Kein CLSID Wert
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: w8mqfutb.default-1413719908419
FF ProfilePath: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox [2016-11-09]
FF user.js: detected! => C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\user.js [2015-08-28]
FF NewTab: Mozilla\Firefox\Profiles\JonDoFox -> hxxp://www.google.com/
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\JonDoFox -> Google
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\JonDoFox -> hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\JonDoFox -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\JonDoFox -> Google
FF Keyword.URL: Mozilla\Firefox\Profiles\JonDoFox -> hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ftp", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ftp_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> gopher", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> gopher_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> http", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> http_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks_remote_dns", true
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ssl", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ssl_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> type", 1
FF Extension: (Amazon-Icon) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\amazon-icon@giga.de [2014-09-25] [ist nicht signiert]
FF Extension: (HTTPS-Everywhere) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\https-everywhere@eff.org [2013-12-19] [ist nicht signiert]
FF Extension: (UnPlug) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\unplug@compunach.xpi [2013-08-06] [ist nicht signiert]
FF Extension: (JonDoFox) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{437be45a-4114-11dd-b9ab-71d256d89593}.xpi [2013-11-08] [ist nicht signiert]
FF Extension: (Cookie Monster) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{45d8ff86-d909-11db-9705-005056c00008} [2013-12-19] [ist nicht signiert]
FF Extension: (NoScript) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-10-28] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-28] [ist nicht signiert]
FF Extension: (ProfileSwitcher) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi [2013-10-28] [ist nicht signiert]
FF Extension: (Kein Name) - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [nicht gefunden]
FF Extension: (Kein Name) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files\Updater By Sweetpacks\Firefox [nicht gefunden]
FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-10-09] [ist nicht signiert]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\sparpilot@sparpilot.com [nicht gefunden]
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-11-06]
FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-de-ssl.xml [2013-08-06]
FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-encrypted-no-personalization.xml [2013-08-06]
FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---deutsch.xml [2013-08-06]
FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---english.xml [2013-08-06]
FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick.xml [2013-08-06]
FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-eng-ger.xml [2013-08-06]
FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-esp-ale.xml [2013-08-06]
FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-fra-all.xml [2013-08-06]
FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\metager2.xml [2013-08-06]
FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-deutsch.xml [2013-08-06]
FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-english.xml [2013-08-06]
FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https---deutsch.xml [2013-08-06]
FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https.xml [2013-08-06]
FF ProfilePath: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 [2016-11-20]
FF user.js: detected! => C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\user.js [2016-03-02]
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> Bing
FF Homepage: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> hxxps://web.de
FF Session Restore: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> ist aktiviert.
FF Keyword.URL: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
FF NetworkProxy: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> type", 0
FF Extension: (VTzilla) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\info@virustotal.com.xpi [2016-08-16]
FF Extension: (Jocly) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\jocly@jetpack.xpi [2016-04-27]
FF Extension: (Session Manager) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2016-03-19]
FF Extension: (NoScript) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-09]
FF Extension: (Video DownloadHelper) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-11]
FF Extension: (Adblock Edge) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2016-04-27]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-06-16] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin-x32: @real.com/nppl3260;version=18.1.5.699 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2016-09-26] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.5.699 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2016-09-26] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2689304980-1437917653-2625238874-1004: @phonostar.de/phonostar -> C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2689304980-1437917653-2625238874-1004: @phonostar.de/phonostar-Player -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [2015-10-15] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260 (2).dll [2010-12-12] (RealNetworks, Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-07-05] <==== ACHTUNG

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.web.de/
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default [2016-11-20]
CHR Extension: (Google Präsentationen) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-22]
CHR Extension: (Google Docs) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-22]
CHR Extension: (Google Drive) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-17]
CHR Extension: (Amazon) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\caeaobpemokdfnidgaebncaooofnbfha [2015-02-04]
CHR Extension: (Google-Suche) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Kaspersky Protection) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-10-17]
CHR Extension: (Google Tabellen) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-22]
CHR Extension: (Google Docs Offline) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-23]
CHR Extension: (Tube Video Downloader) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfniaofdifgjfhcddboichcpdallcgjp [2016-11-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-06]
CHR Extension: (Amazon) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2014-10-19]
CHR Extension: (Google Mail) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-22]
CHR Extension: (Chrome Media Router) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-06]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Ronald Brauer\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx [2014-11-08]
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Ronald Brauer\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-09-25]

Opera:
=======
OPR Extension: (TabHamster) - C:\Users\Ronald Brauer\AppData\Roaming\Opera Software\Opera Stable\Extensions\flaibmngbecjljogddbgojfenfcneanb [2015-12-10]
OPR Extension: (Adblock Plus) - C:\Users\Ronald Brauer\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-11-06]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-11] (Kaspersky Lab ZAO)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864 2012-06-06] (Freemake) [Datei ist nicht signiert]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-09-23] (SurfRight B.V.)
R2 IGDCTRL; C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE [87344 2007-09-04] (AVM Berlin)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-09-28] (Plays.tv, LLC)
R2 RealPlayerUpdateSvc; C:\program files (x86)\real\realplayer\UpdateService\RealPlayerUpdateSvc.exe [35104 2016-09-03] ()
S2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [987408 2016-09-26] (RealNetworks, Inc.)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-08] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [X]
S2 AntiVirService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [X]
S4 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [42040 2014-07-10] (Avira Operations GmbH & Co. KG)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-21] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [237480 2016-05-25] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [943536 2016-05-25] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49240 2016-05-25] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-26] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-21] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R1 PStrip64; C:\Windows\System32\drivers\pstrip64.sys [13008 2006-09-30] ()
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-04-21] (Audials AG)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3565312 2011-05-04] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [867824 2015-01-07] () [Datei ist nicht signiert]
R1 StarPortLite; C:\Windows\System32\DRIVERS\StarPortLite.sys [120704 2011-11-14] (StarWind Software)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz130; \??\C:\Users\ALTERN~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-21 21:33 - 2016-11-21 21:34 - 00036982 _____ C:\Users\Ronald Brauer\Desktop\FRST.txt
2016-11-21 21:32 - 2016-11-21 21:32 - 02412544 _____ (Farbar) C:\Users\Ronald Brauer\Desktop\FRST64.exe
2016-11-21 21:32 - 2016-11-21 21:32 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\FRST-OlderVersion
2016-11-21 21:29 - 2016-11-21 21:29 - 00005226 _____ C:\Users\Ronald Brauer\Desktop\mbam.txt
2016-11-21 19:43 - 2016-11-21 19:43 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-11-21 19:41 - 2016-11-21 18:48 - 22851472 _____ (Malwarebytes ) C:\Users\Ronald Brauer\Desktop\mbam-setup-2.2.1.1043.exe
2016-11-21 19:39 - 2016-11-21 19:40 - 00110857 _____ C:\Users\Ronald Brauer\Desktop\TDSSlog.txt
2016-11-21 19:35 - 2016-11-21 19:40 - 00221804 _____ C:\TDSSKiller.3.1.0.12_21.11.2016_19.35.08_log.txt
2016-11-21 19:34 - 2016-11-21 18:34 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Ronald Brauer\Desktop\tdsskiller.exe
2016-11-18 17:24 - 2016-11-18 17:24 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\7E24010D.sys
2016-11-16 20:19 - 2016-11-16 20:19 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Neuer Ordner
2016-11-11 17:09 - 2016-11-12 08:37 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Unsortiert
2016-11-10 09:28 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-10 09:28 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-10 09:28 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-10 09:28 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-10 09:28 - 2015-07-16 20:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-11-10 09:28 - 2015-07-16 20:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-11-10 09:28 - 2015-07-16 20:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-11-10 09:28 - 2015-07-16 20:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-11-10 09:28 - 2015-07-16 20:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-11-10 09:28 - 2015-07-16 20:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-11-10 09:28 - 2015-07-11 14:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2016-11-10 09:27 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-10 09:27 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-10 09:27 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-10 09:27 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-10 09:27 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-10 09:27 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-10 09:27 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-10 09:27 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-10 09:27 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-10 09:27 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-10 09:27 - 2016-10-28 04:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-10 09:27 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-10 09:27 - 2016-10-27 20:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-10 09:27 - 2016-10-27 20:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-10 09:27 - 2016-10-27 19:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-10 09:27 - 2016-10-27 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-10 09:27 - 2016-10-27 19:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-10 09:27 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-10 09:27 - 2016-10-27 19:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-10 09:27 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-10 09:27 - 2016-10-27 19:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-10 09:27 - 2016-10-27 19:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-10 09:27 - 2016-10-27 19:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-10 09:27 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-10 09:27 - 2016-10-27 19:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-10 09:27 - 2016-10-27 19:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-10 09:27 - 2016-10-27 19:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-10 09:27 - 2016-10-27 19:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-10 09:27 - 2016-10-27 19:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-10 09:27 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-10 09:27 - 2016-10-27 19:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-10 09:27 - 2016-10-27 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-10 09:27 - 2016-10-27 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-10 09:27 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-10 09:27 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-10 09:27 - 2016-10-27 19:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-10 09:27 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-10 09:27 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-10 09:27 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-10 09:27 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-10 09:27 - 2016-10-27 18:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-10 09:27 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-10 09:27 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-10 09:27 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-10 09:27 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-10 09:27 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-10 09:27 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-10 09:27 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-10 09:27 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-10 09:27 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-10 09:27 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-10 09:27 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-10 09:27 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-10 09:27 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-10 09:27 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-10 09:27 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-10 09:27 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-10 09:27 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-10 09:27 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-10 09:27 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-10 09:27 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-10 09:27 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-10 09:27 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-10 09:27 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-10 09:27 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-10 09:27 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-10 09:27 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-10 09:27 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-10 09:27 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-10 09:27 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-10 09:27 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-10 09:27 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-10 09:27 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-10 09:27 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-10 09:27 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-10 09:27 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-10 09:27 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-10 09:27 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-10 09:27 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-10 09:27 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-10 09:27 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-10 09:27 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-10 09:27 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-10 09:27 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-10 09:27 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-10 09:27 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-10 09:27 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-10 09:27 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-10 09:27 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-10 09:27 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-10 09:27 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-10 09:27 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-10 09:27 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-10 09:27 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-10 09:27 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-10 09:27 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-10 09:27 - 2016-10-10 16:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-10 09:27 - 2016-10-10 16:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-10 09:27 - 2016-10-10 16:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-10 09:27 - 2016-10-10 16:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-10 09:27 - 2016-10-10 16:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-10 09:27 - 2016-10-10 16:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-10 09:27 - 2016-10-10 16:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-10 09:27 - 2016-10-10 15:56 - 00159744 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\mrxsmb.sys 2016-11-10 09:27 - 2016-10-10 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-11-10 09:27 - 2016-10-10 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-11-10 09:27 - 2016-10-10 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-11-10 09:27 - 2016-10-10 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-11-10 09:27 - 2016-10-10 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-11-10 09:27 - 2016-10-07 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-11-10 09:27 - 2016-10-07 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-11-10 09:27 - 2016-10-07 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-11-10 09:27 - 2016-10-07 16:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00215552 _____ (Microsoft Corporation) 
C:\Windows\system32\winsrv.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 
00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 
00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-11-10 09:27 - 2016-10-07 16:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-11-10 09:27 - 2016-10-07 16:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-11-10 09:27 - 2016-10-07 
16:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-11-10 09:27 - 2016-10-07 16:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-11-10 09:27 - 2016-10-07 16:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-11-10 09:27 - 2016-10-07 16:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-11-10 09:27 - 2016-10-07 16:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-11-10 09:27 - 2016-10-07 
15:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-11-10 09:27 - 2016-10-07 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-11-10 09:27 - 2016-10-07 15:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-11-10 09:27 - 2016-10-07 15:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-11-10 09:27 - 2016-10-07 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-11-10 09:27 - 2016-10-07 15:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 15:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 15:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 15:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-11-10 09:27 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2016-11-10 09:26 - 2015-12-20 19:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2016-11-10 09:26 - 2015-12-20 19:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2016-11-10 09:26 - 2015-12-20 15:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2016-11-10 09:26 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2016-11-10 06:27 - 2016-11-10 06:27 - 00003394 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 2016-11-09 17:59 - 2016-11-09 17:59 - 00003366 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 2016-11-09 17:59 - 2016-11-09 17:59 - 00003248 _____ 
C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1004 2016-11-09 08:44 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2016-11-09 08:44 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2016-11-09 08:44 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2016-11-09 08:44 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2016-11-09 08:44 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2016-11-09 08:44 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2016-11-09 08:44 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2016-11-09 08:44 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2016-11-09 08:44 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2016-11-09 08:44 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2016-11-09 08:26 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2016-11-09 08:26 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll 2016-11-09 08:26 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll 2016-11-09 08:10 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2016-11-09 08:10 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2016-11-09 08:07 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2016-11-09 08:07 - 
2016-09-13 16:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-11-09 08:07 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2016-11-09 08:07 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-11-09 08:07 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2016-11-09 08:06 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-11-09 07:35 - 2015-12-16 19:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2016-11-09 07:35 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll 2016-11-09 07:35 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL 2016-11-09 07:35 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL 2016-11-09 07:35 - 2015-12-16 19:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL 2016-11-09 07:35 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll 2016-11-09 07:35 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL 2016-11-09 07:35 - 2015-12-16 19:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll 2016-11-08 18:34 - 2016-11-10 06:27 - 00003276 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1004 2016-11-06 17:40 - 2016-11-06 22:23 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\EDV-Tipps 2016-11-04 10:53 - 2016-11-06 07:49 - 00000000 ____D C:\Program Files (x86)\TVgenial5.5 2016-11-04 10:53 - 2016-11-04 11:02 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\TVgenial 2016-11-04 10:53 - 2016-11-04 10:54 - 00000000 ____D C:\ProgramData\TVgenial 2016-10-27 06:39 - 2016-10-27 06:39 - 00000000 ____D C:\Users\Ronald 
Brauer\.QtWebEngineProcess 2016-10-27 06:35 - 2016-10-27 06:35 - 00000000 ____D C:\Users\Ronald Brauer\.Plays.tv 2016-10-24 18:51 - 2016-10-24 21:39 - 00000000 ____D C:\Temp 2016-10-24 18:51 - 2016-10-24 18:51 - 00000000 ____D C:\Users\Ronald Brauer\Documents\My Videos 2016-10-24 18:51 - 2016-10-24 18:51 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\Digiarty 2016-10-24 18:50 - 2016-10-24 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinX DVD Author 2016-10-24 18:50 - 2016-10-24 18:50 - 00000000 ____D C:\Program Files (x86)\Digiarty 2016-10-24 18:48 - 2016-10-24 18:48 - 00000095 _____ C:\SILENT 2016-10-24 18:48 - 2016-10-24 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2016-10-24 18:48 - 2016-10-24 18:48 - 00000000 ____D C:\Program Files (x86)\LottaDeals 2016-10-24 18:45 - 2016-10-24 18:48 - 00000000 ____D C:\Program Files (x86)\AVG 2016-10-24 18:44 - 2016-10-24 22:13 - 00000000 ____D C:\ProgramData\Avg 2016-10-24 18:44 - 2016-10-24 18:48 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\AvgSetupLog 2016-10-24 18:44 - 2016-10-24 18:48 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\Avg 2016-10-24 18:43 - 2016-11-16 20:05 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\Lavasoft 2016-10-24 18:43 - 2016-10-24 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2016-10-24 18:42 - 2016-11-16 20:05 - 00000000 ____D C:\ProgramData\Lavasoft 2016-10-24 18:42 - 2016-11-16 20:05 - 00000000 ____D C:\Program Files (x86)\Lavasoft 2016-10-24 18:29 - 2016-10-24 18:29 - 00000000 ____D C:\Users\Ronald Brauer\Documents\Any Video Converter Ultimate 2016-10-22 17:02 - 2016-10-22 17:05 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Kultur ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-11-21 21:22 - 2014-10-26 13:46 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-11-21 21:08 - 2010-09-04 14:39 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-11-21 21:00 - 2014-10-25 13:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-11-21 19:57 - 2009-07-14 05:45 - 00026528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-11-21 19:57 - 2009-07-14 05:45 - 00026528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-11-21 19:45 - 2013-02-09 09:03 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-11-21 19:43 - 2014-10-26 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-11-21 19:43 - 2014-05-13 19:40 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-11-21 19:24 - 2009-07-14 18:58 - 00702942 _____ C:\Windows\system32\perfh007.dat 2016-11-21 19:24 - 2009-07-14 18:58 - 00150582 _____ C:\Windows\system32\perfc007.dat 2016-11-21 19:24 - 2009-07-14 06:13 - 01629348 _____ C:\Windows\system32\PerfStringBackup.INI 2016-11-21 19:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-11-21 19:22 - 2016-06-30 17:50 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\Skype 2016-11-21 19:12 - 2010-09-04 14:39 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-11-21 19:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-11-20 17:51 - 2011-12-22 17:21 - 00000000 ____D C:\Users\Ronald Brauer\AppData\LocalLow\Temp 2016-11-20 17:46 - 2011-12-04 10:39 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\CrashDumps 2016-11-20 17:46 - 2011-05-22 11:56 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\vlc 2016-11-19 17:45 - 2015-10-14 07:47 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-11-18 21:19 - 2016-05-05 20:28 - 00003878 
_____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1446973210 2016-11-18 21:19 - 2014-08-25 17:17 - 00000000 ____D C:\Program Files (x86)\Opera 2016-11-18 08:21 - 2014-10-21 16:07 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Trojaner-Board 2016-11-17 20:57 - 2015-05-13 22:28 - 00000000 ____D C:\Windows\rescache 2016-11-17 18:12 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\Setup 2016-11-17 17:41 - 2010-09-04 14:40 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-11-16 20:25 - 2014-11-03 22:24 - 00000000 ____D C:\FRST 2016-11-16 20:06 - 2015-01-09 22:33 - 00000000 ____D C:\AdwCleaner 2016-11-16 20:05 - 2016-01-19 15:12 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2016-11-16 19:46 - 2013-11-13 09:49 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Lotus-Kopien 2016-11-16 18:50 - 2014-10-13 21:43 - 00000058 _____ C:\mbam.txt 2016-11-16 18:27 - 2015-01-09 19:52 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Downloads alt 2016-11-16 16:48 - 2010-04-27 17:45 - 00000000 ____D C:\Users\Alternate 2016-11-14 15:58 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-11-14 15:52 - 2014-10-11 14:45 - 00963362 _____ C:\Windows\ntbtlog.txt 2016-11-11 21:17 - 2010-09-04 14:39 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\Google 2016-11-11 16:55 - 2012-01-03 17:00 - 00000000 ____D C:\Program Files (x86)\Java 2016-11-11 07:00 - 2009-07-14 05:45 - 00506896 _____ C:\Windows\system32\FNTCACHE.DAT 2016-11-10 20:09 - 2013-10-28 07:02 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Ron 2016-11-10 16:29 - 2010-05-29 10:24 - 00000000 ____D C:\Users\Ronald Brauer 2016-11-10 09:41 - 2013-08-14 14:37 - 00000000 ____D C:\Windows\system32\MRT 2016-11-10 09:33 - 2009-08-24 09:35 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-11-09 18:56 - 2011-02-10 09:32 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\ElevatedDiagnostics 2016-11-09 08:50 - 2009-07-14 04:20 - 00000000 ____D 
C:\Windows\PolicyDefinitions 2016-11-09 08:37 - 2010-09-04 16:33 - 01602692 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-11-08 17:19 - 2014-10-25 13:01 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-11-08 17:17 - 2014-10-25 13:01 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-11-08 17:17 - 2014-10-25 13:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-11-08 17:13 - 2011-11-21 07:08 - 00000000 ____D C:\Windows\system32\Macromed 2016-11-08 17:11 - 2010-04-27 18:22 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-11-07 17:04 - 2015-10-31 16:17 - 00007602 _____ C:\Users\Ronald Brauer\AppData\Local\Resmon.ResmonCfg 2016-11-07 08:26 - 2014-10-13 15:50 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Kaspersky-Probleme 2016-11-06 13:51 - 2011-07-24 11:03 - 00000000 ____D C:\Windows\pss 2016-11-06 13:20 - 2014-04-09 10:46 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\dvdcss 2016-11-06 12:32 - 2015-01-23 08:09 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Download Helper 2016-11-06 08:44 - 2016-03-19 17:18 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-11-06 08:42 - 2015-09-10 06:13 - 00000000 ____D C:\Program Files\Common Files\AV 2016-11-06 08:10 - 2015-05-22 19:48 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\Raptr 2016-11-06 07:58 - 2015-01-08 16:37 - 00005484 _____ C:\Users\Ronald Brauer\AppData\Local\xecutor.xpr 2016-11-06 07:58 - 2015-01-08 16:37 - 00005484 _____ C:\Users\Ronald Brauer\AppData\Local\xecutor._xp 2016-11-06 07:54 - 2015-07-25 08:59 - 00000000 ____D C:\Program Files (x86)\Steam 2016-11-06 07:50 - 2015-01-20 15:47 - 00000000 ____D C:\Program Files (x86)\phonostar-Player 2016-11-06 07:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2016-11-06 07:49 - 2010-12-12 09:02 - 00000000 ____D C:\ProgramData\Real 2016-11-06 07:49 - 2009-07-14 04:20 - 
00000000 ____D C:\Windows\registration
2016-11-04 22:02 - 2013-11-16 09:57 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Amazon und Ebay
2016-11-04 10:08 - 2015-01-05 22:53 - 00000000 ____D C:\Users\Ronald Brauer\.mediathek3
2016-11-02 22:15 - 2015-01-20 19:26 - 00000000 ____D C:\Users\Ronald Brauer\Youtube
2016-10-30 08:46 - 2016-10-11 16:49 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Schnappschuss-VLC
2016-10-29 22:49 - 2015-01-05 22:57 - 00000000 ____D C:\Users\Ronald Brauer\MediathekView
2016-10-27 08:31 - 2016-03-07 16:45 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\PlaysTV
2016-10-27 08:31 - 2015-02-06 18:22 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\Anvsoft
2016-10-27 08:31 - 2011-12-22 16:55 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\Nero
2016-10-27 06:58 - 2014-08-26 07:54 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\Adobe
2016-10-26 16:29 - 2009-10-26 10:10 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-24 18:48 - 2012-08-14 14:12 - 00000000 ____D C:\ProgramData\TuneUp Software

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-30 21:23 - 2015-12-07 23:32 - 0000133 _____ () C:\Users\Ronald Brauer\AppData\Roaming\Camdata.ini
2015-08-30 21:23 - 2015-12-07 23:32 - 0000408 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamLayout.ini
2015-08-30 21:23 - 2015-12-07 23:32 - 0000408 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamShapes.ini
2015-09-11 13:07 - 2015-12-07 23:32 - 0004536 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamStudio.cfg
2015-09-11 15:01 - 2015-09-11 15:01 - 0000098 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamStudio.Producer.command
2015-09-11 13:13 - 2015-09-25 11:47 - 0000000 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamStudio.Producer.Data.ini
2015-09-11 13:13 - 2015-09-25 11:47 - 0001206 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamStudio.Producer.ini
2015-01-07 18:06 - 2015-01-07 18:06 - 0119065 _____ () C:\Users\Ronald Brauer\AppData\Roaming\ExpressBurn.dmp
2015-07-26 10:57 - 2015-05-12 17:11 - 0000034 _____ () C:\Users\Ronald Brauer\AppData\Roaming\pdfdrawcodec.dll
2015-05-22 18:34 - 2015-06-24 15:40 - 0013793 _____ () C:\Users\Ronald Brauer\AppData\Roaming\PStrip.bak
2015-05-22 18:43 - 2015-06-24 14:15 - 0013807 _____ () C:\Users\Ronald Brauer\AppData\Roaming\PStrip.bk!
2015-05-22 20:43 - 2015-06-24 09:35 - 0013807 _____ () C:\Users\Ronald Brauer\AppData\Roaming\PStrip.bko
2015-05-22 17:09 - 2015-06-24 16:40 - 0013865 _____ () C:\Users\Ronald Brauer\AppData\Roaming\PStrip.ini
2012-04-01 17:34 - 2012-04-01 17:34 - 0078623 _____ () C:\Users\Ronald Brauer\AppData\Roaming\userenv.xml
2012-04-01 17:34 - 2012-04-01 17:34 - 0104787 _____ () C:\Users\Ronald Brauer\AppData\Roaming\userenv.xml.urlencode
2015-08-30 19:23 - 2015-12-07 11:10 - 0000096 _____ () C:\Users\Ronald Brauer\AppData\Roaming\version2.xml
2013-07-30 13:13 - 2014-01-16 14:13 - 0000128 _____ () C:\Users\Ronald Brauer\AppData\Roaming\WB.CFG
2013-12-31 14:25 - 2014-01-02 14:13 - 0000005 _____ () C:\Users\Ronald Brauer\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-06-19 13:13 - 2014-01-16 14:13 - 0000005 _____ () C:\Users\Ronald Brauer\AppData\Roaming\WBPU-TTL.DAT
2010-09-04 16:28 - 2015-07-31 17:17 - 0000784 _____ () C:\Users\Ronald Brauer\AppData\Roaming\wklnhst.dat
2011-12-22 16:13 - 2015-12-20 18:01 - 0037888 _____ () C:\Users\Ronald Brauer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-31 16:17 - 2016-11-07 17:04 - 0007602 _____ () C:\Users\Ronald Brauer\AppData\Local\Resmon.ResmonCfg
2015-01-08 17:00 - 2016-11-06 07:56 - 1633369 _____ () C:\Users\Ronald Brauer\AppData\Local\Xecutor.log
2015-01-08 16:37 - 2016-11-06 07:58 - 0005484 _____ () C:\Users\Ronald Brauer\AppData\Local\xecutor.xpr
2015-01-08 16:37 - 2016-11-06 07:58 - 0005484 _____ () C:\Users\Ronald Brauer\AppData\Local\xecutor._xp
2016-07-04 15:42 - 2016-07-04 15:42 - 0000000 _____ () C:\Users\Ronald Brauer\AppData\Local\{B5D6B04A-E7A6-4E42-A149-786037CE73C5}
2015-02-05 12:15 - 2015-02-05 12:15 - 0004864 _____ () C:\ProgramData\vczcspay.tpu

Einige Dateien in TEMP:
====================
C:\Users\Ronald Brauer\AppData\Local\Temp\libeay32.dll
C:\Users\Ronald Brauer\AppData\Local\Temp\msvcr120.dll
C:\Users\Ronald Brauer\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert |
21.11.2016, 23:10 | #20 |
| Javaws.exe is wrecking my RAM and making the computer unusable
And Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-11-2016 01
durchgeführt von Ronald Brauer (21-11-2016 21:35:19)
Gestartet von C:\Users\Ronald Brauer\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-05-29 09:24:14)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2689304980-1437917653-2625238874-500 - Administrator - Disabled)
Alternate (S-1-5-21-2689304980-1437917653-2625238874-1003 - Administrator - Enabled) => C:\Users\Alternate
Gast (S-1-5-21-2689304980-1437917653-2625238874-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2689304980-1437917653-2625238874-1002 - Limited - Enabled)
Ronald Brauer (S-1-5-21-2689304980-1437917653-2625238874-1004 - Administrator - Enabled) => C:\Users\Ronald Brauer

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation) 7-Zip 16.00 (HKLM-x32\...\7-Zip) (Version: 16.00 - Igor Pavlov) 7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov) AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated) Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) Adobe Playpanel (HKLM-x32\...\{69967F97-E880-44B9-8383-5278BBC8809B}) (Version: 1.6.0.22 - Ihr Firmenname) AGEIA PhysX v7.09.13 (HKLM-x32\...\{45235788-142C-44BE-8A4D-DDE9A84492E5}) (Version: 7.09.13 - AGEIA Technologies, Inc.) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) AngelPacMan (HKLM-x32\...\AngelPacMan_is1) (Version: - ) Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.02 - Sunflowers) Any DVD Converter Professional 5.8.2 (HKLM-x32\...\Any DVD Converter Professional_is1) (Version: - Any-DVD-Converter.com) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Arx Fatalis (HKLM-x32\...\{96443F45-13E2-11D6-AC87-00D0B7A9E540}) (Version: 1.0.0 - JoWood) Ashampoo Burning Studio 11 v.11.0.3 (HKLM-x32\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.3 - Ashampoo GmbH & Co. 
KG) Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Audials (HKLM-x32\...\{4A152727-C4C4-4666-818A-11C9D8AAE71C}) (Version: 12.0.65100.0 - Audials AG) Avi2Dvd 0.6.4 (HKLM-x32\...\Avi2Dvd) (Version: 0.6.4 - TrustFm) AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - ) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) AVM FRITZ!DSL (HKLM-x32\...\{2457326B-C110-40C3-89B0-889CC913871A}) (Version: 2.04.02 - AVM Berlin) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin) AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.) AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.) AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.) Bidou (HKLM-x32\...\Bidou_is1) (Version: - ) Bolt PDF Printer (HKLM-x32\...\BoltPDF) (Version: 1.20 - NCH Software) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
BrettspielWelt (HKLM-x32\...\BrettspielWelt) (Version: 1.0 - BrettspielWelt GmbH) Brother HL-2030 (HKLM-x32\...\{148E8CA6-BEF1-41C5-8805-BF1286C6884B}) (Version: 1.00 - Brother) calibre 64bit (HKLM\...\{020EB053-529D-4FFB-AD9F-40374ACB949A}) (Version: 2.57.1 - Kovid Goyal) CamStudio 2.7.3 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.3 - CamStudio Open Source) Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) concept/design onlineTV 11 (HKLM-x32\...\{8A4C3184-DA2F-4553-BF61-83F5690C3048}_is1) (Version: 11.5.20.0 - concept/design GmbH) ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version: - ) CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.16 - NCH Software) DeepBurner v1.9.0.228 (HKLM-x32\...\{2ADE2157-7A5E-122C-B51D-EB8A01B15943}) (Version: - ) Discover Painting for Kids SE (HKLM-x32\...\Discover Painting for Kids SE) (Version: - ) DivxToDVD 0.5.2b (HKLM-x32\...\VSO DivxToDVD_is1) (Version: 0.5.2b - VSO-Software SARL) Dominoes Deluxe (HKLM-x32\...\Dominoes Deluxe) (Version: - ) Doxillion Dokumentkonverter (HKLM-x32\...\Doxillion) (Version: 2.38 - NCH Software) dradio-Recorder Version 3.02.6 (HKLM-x32\...\dradio-Recorder_is1) (Version: - ) DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen) DVDFab 9.1.8.5 (24/01/2015) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.) 
Entropy Piano Tuner (HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\{759f3f42-04f6-4249-b26e-3990036ebeb8}) (Version: 1.1.2 - TP III Universität Würzburg) Express Burn (HKLM-x32\...\ExpressBurn) (Version: 4.78 - NCH Software) Express Zip (HKLM-x32\...\ExpressZip) (Version: 2.18 - NCH Software) Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 1.003 - Ezvid, inc.) ffdshow [rev 2202] [2008-10-10] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - ) FFsplit version 0.7 (HKLM-x32\...\{82458834-6226-4A34-AE96-6907354F9F36}_is1) (Version: 0.7 - FFsplit Team) Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.1 - MakeMusic) FormatFactory 3.5.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.5.1.0 - Format Factory) Free Audio CD Burner version 1.4.7 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.) Free DVD Creator version 2.0 (HKLM-x32\...\Free DVD Creator (by minidvdsoft)_is1) (Version: 2.0 - www.minidvdsoft.com) Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) Free Studio version 5.0.6 (HKLM-x32\...\Free Studio_is1) (Version: - DVDVideoSoft Limited.) Free YouTube Download version 3.2.55.301 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.55.301 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.9.725 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.9.725 - DVDVideoSoft Ltd.) Freemake Music Box (HKLM-x32\...\Freemake Music Box_is1) (Version: 1.0.0 - Ellora Assets Corporation) Galaxy of Games Gold Edition (HKLM-x32\...\Galaxy of Games Gold Edition) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.) Google Chrome Frame (HKLM-x32\...\{1F0342F5-8369-3CD1-99DD-E9BC44473708}) (Version: 65.107.16500 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) 
Hidden gotomaxx PDFMAILER (HKLM-x32\...\{01310914-E3B8-40E8-BCF7-9C42E0639A43}) (Version: 5.0.21 - gotomaxx GmbH) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.) HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC) HyperCam 3 (HKLM-x32\...\HyperCam 3 3.6.1311.20) (Version: 3.6.1311.20 - Solveig Multimedia) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) IZArc 4.1.7 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.7 - Ivan Zahariev) Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LOADSTREET Web-Media-Sauger Demo (HKLM-x32\...\{DF072839-834E-4AE6-A410-9D825B356A3D}) (Version: 1.00.0000 - LOADSTREET Media GmbH & Co. 
KG) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.4276.0) (Version: 4.0.4276.0 - Microsoft Corporation) Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{E5AB3F65-7FAC-41C6-B176-7599D2404BB2}) (Version: 4.0.4276.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.7 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL 
Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft 
Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version: - ) Microsoft Word 2000 SR-1 (HKLM-x32\...\{00170407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation) Mini Golf Special Edition (HKLM-x32\...\Mini Golf Special Edition) (Version: - ) MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.) 
Morgan M-JPEG codec V3 (HKLM-x32\...\m3jpegV3) (Version: - ) Movavi Screen Capture Studio 6 (HKLM-x32\...\Movavi Screen Capture Studio 6) (Version: 6.1.1 - Movavi) Mozilla Firefox 48.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 de)) (Version: 48.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG) Nero Kwik Media (HKLM-x32\...\{24A500E4-0B12-4D62-9973-2C7E23CCA750}) (Version: 11.0.16401 - Nero AG) Nero MediaHome Free (HKLM-x32\...\{BB842C3B-B4B1-4586-BED1-C5F07ABB0E09}) (Version: 16.0.01700 - Nero AG) OnLine TV Lite (HKLM-x32\...\OnLine TV Lite) (Version: 2.1.3.0 - Intech Software Inc.) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Opera Stable 39.0.2256.48 (HKLM-x32\...\Opera 39.0.2256.48) (Version: 39.0.2256.48 - Opera Software) Opera Stable 41.0.2353.56 (HKLM-x32\...\Opera 41.0.2353.56) (Version: 41.0.2353.56 - Opera Software) PDFBearbeiten V2.3 (HKLM-x32\...\PDFBearbeiten_is1) (Version: - hxxp://www.PDFBearbeiten.net) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.3.2 - Frank Heindörfer, Philip Chinery) phonostar-Player Version 3.03.8 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version: - ) PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.14.1-r116718-release - Plays.tv, LLC) PowerStrip 3 (remove only) (HKLM-x32\...\PowerStrip 3 (remove only)) (Version: - ) Prerequisite installer (x32 Version: 16.0.0003 - Nero AG) Hidden Prism Videodatei-Konverter (HKLM-x32\...\Prism) (Version: 2.09 - NCH Software) Privoxy (remove only) (HKLM-x32\...\Privoxy) (Version: - ) QuickTime 
7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc) RealDownloader (x32 Version: 18.1.5.699 - RealNetworks) Hidden RealDownloader (x32 Version: 18.1.5.699 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.5 - RealNetworks) Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6010 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) Screen Movie Studio version 2.6.2 (HKLM-x32\...\Screen Movie Studio_is1) (Version: - ) Screen Recorder 1 (HKLM-x32\...\Screen Recorder 1) (Version: - ) simfy (HKLM-x32\...\Simfy) (Version: 1.3.0 - simfy GmbH) simfy (x32 Version: 1.3.0 - simfy GmbH) Hidden Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.) smartision ScreenCopy 2.3 (HKLM-x32\...\smartision ScreenCopy_is1) (Version: - Steffen Schramm) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) 
StarBurn Version 13 (Build 0x20110818) (HKLM-x32\...\StarBurn_is1) (Version: - StarBurn Software) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Streamripper (Remove only) (HKLM-x32\...\Streamripper) (Version: - ) StreamTorrent 1.0 (HKLM-x32\...\StreamTorrent 1.0) (Version: - ) Super Internet TV v8.1 (Free Edition) (HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Super Internet TV (Free Edition)_is1) (Version: - Ahusoft) Toggla (HKLM-x32\...\Toggla) (Version: 0.0.9 - UNKNOWN) Toggla (x32 Version: 0.0.9 - UNKNOWN) Hidden TubeDigger 5.4.4 (HKLM-x32\...\{1E3745C1-674D-4B2E-B8F7-3F4088950ED7}_is1) (Version: 5.4.4 - TubeDigger) TVAnts 1.0 (HKLM-x32\...\TVAnts 1.0) (Version: - ) Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) 
Hidden USB Video Device (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54000.1001 - Sonix) vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden Video Download Capture Version 4.9.6 (HKLM-x32\...\{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1) (Version: 4.9.6 - APOWERSOFT LIMITED) Video Downloader (x32 Version: 1.2.0 - RealNetworks) Hidden Video Power (HKLM-x32\...\{17DB3734-EAB4-4717-954B-C860EE162FBA}) (Version: 1.0.24 - Video Power) VideoPad Video-Editor (HKLM-x32\...\VideoPad) (Version: 3.59 - NCH Software) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN) vs2015_redist x64 (Version: 1.0.0.0 - Realnetworks) Hidden vs2015_redist x86 (x32 Version: 1.0.0.0 - Realnetworks) Hidden Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) 
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.17 - NCH Software)
Websuche (HKLM-x32\...\Websuche) (Version: - Websuche)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)
Xecutor Version 1.54.4.98 (HKLM-x32\...\{89699A99-8D90-469A-9BD8-72C42FF45317}_is1) (Version: - Xpert-Design Software)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2689304980-1437917653-2625238874-1004_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> %LOCALAPPDATA%\Pokki\ocdeskband_0.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02653693-FFAA-4B55-9D83-46D4235F3AFC} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.)
Task: {0EB609D8-DE66-42D1-B97D-626FE882D847} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\program files (x86)\real\realplayer\RealDownloader\realupgrade.exe [2016-09-03] (RealNetworks, Inc.)
Task: {12F150B0-0415-44CF-8774-39B5DA8186DA} - System32\Tasks\{7BE5963B-A411-4C19-912D-3B9CAAD6F47C} => pcalua.exe -a "C:\Users\Ronald Brauer\Downloads\Firefox Setup 3.6.3.exe" -d "C:\Users\Ronald Brauer\Downloads"
Task: {2284B655-DEFC-4623-B48F-055452F6DB18} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {23A16D14-176B-4DF8-820A-094B90F7DEA6} - System32\Tasks\{0175D3FF-9509-45F5-96B5-BA0C2EB648D0} => pcalua.exe -a C:\Users\RONALD~1\AppData\Local\Temp\jre-8u60-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ACHTUNG
Task: {25E5690A-81CE-480B-A133-52814E12CCE3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {26C26025-01DB-4DEF-AB26-49CD68D65F3F} - System32\Tasks\{998157E3-2220-4949-ABA3-0320006287EB} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {29DECD71-5196-4743-A063-9C3AA7722902} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2016-09-26] (RealNetworks, Inc.)
Task: {2AC1DFD0-066E-4331-89CA-7D2D34B13E23} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\program files (x86)\real\realplayer\RealDownloader\realupgrade.exe [2016-09-03] (RealNetworks, Inc.)
Task: {35A0E84A-044D-47E2-B7F0-19D92F75DABB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {44CD8B6C-FAE5-472C-81FE-4E0C0001389E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe
Task: {473560ED-C2D1-4696-B0A6-54D3C3215AF8} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.)
Task: {54642987-B14C-47D3-98F9-C5790F090746} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {560465B2-0E84-48FE-BBCE-695B5BB98A38} - System32\Tasks\{EDFBACF0-EBD8-49BC-A6CA-97A14EFEC6D5} => pcalua.exe -a "C:\Users\Ronald Brauer\Desktop\Fritz\avm_fritz!wlan_usb_stick_x64_build_100906.exe" -d "C:\Users\Ronald Brauer\Desktop\Fritz"
Task: {63568D07-00A3-49BE-A62D-1E0C1C4D6A53} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.)
Task: {6B7B7D1E-5D94-4B25-83F2-121F8B55E497} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe
Task: {6D9BC4D9-88FB-4E48-AFC4-BF38F61AA553} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {75368BED-C7A7-4368-A8BF-BDBF62D31DEF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.)
Task: {8B7C1825-132C-405A-8EEE-A1D3081B225B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {920D8ED6-41D8-4F99-BAD1-A20BA6A46152} - System32\Tasks\Opera scheduled Autoupdate 1446973210 => C:\Program Files (x86)\Opera\launcher.exe [2016-11-07] (Opera Software)
Task: {93450145-D7C7-46BB-B9F8-2F79CAED83FF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {988F4F4C-AADA-42FB-8BFF-3FFF979FE2AF} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {9E0286DE-0836-4B5F-88C7-242357A8F9C4} - System32\Tasks\{C5A9B0E4-92CF-44D6-89CD-2FAC99741DF8} => C:\Program Files\CamStudio 2.7\Recorder.exe [2013-12-05] (CamStudio Group)
Task: {9E3A09C8-04E1-45BD-B5C8-5293FE368613} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {A2370CC6-C60E-453D-BC47-44D9A87E3BF5} - System32\Tasks\{9C49DF53-6B68-4194-83DA-114388910304} => pcalua.exe -a D:\FSetup.exe -d D:\
Task: {B6FC3F9B-432A-4B2D-8485-687B272AB688} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.)
Task: {CF8C14E0-5D97-417D-BFCF-FCF111FB772F} - System32\Tasks\{043202E6-11F1-4AEE-BDAB-4730F44A3185} => C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASC.exe
Task: {D596EA38-2F6E-476A-BF0B-F8F11B8729A3} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\program files (x86)\real\realplayer\RealDownloader\recordingmanager.exe [2016-09-03] (RealNetworks, Inc.)
Task: {D6D986A5-10E6-47CA-A29A-E98DAA2CEE84} - System32\Tasks\RealDownloader Update Check => C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe [2016-09-03] ()
Task: {D6FC12A6-D575-4FE8-8F9A-BE2E7BCE6336} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
Task: {DDD92A5B-C0DA-420D-A2E7-5161F9235882} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {DE9AA60A-FAC1-45F1-B22D-403B1557B6B2} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe
Task: {E1E6B097-47B5-4D9D-A6A4-C855344C8061} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {E240B03C-C0C2-4BED-BCCF-BA8A29B7B401} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E7FAB24C-6D88-45EB-9C4C-ECB1D560F9DC} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.)
Task: {EBA14F6F-87D5-487C-88BB-00F07C729359} - System32\Tasks\{8B94B6D0-D5B6-4B1D-BA88-7F62DFB1F70B} => pcalua.exe -a "C:\Users\Alternate\Desktop\OpenOffice.org 3.4.1 (de) Installation Files\setup.exe" -d "C:\Users\Alternate\Desktop\OpenOffice.org 3.4.1 (de) Installation Files"
Task: {F28CEB80-6ED3-4942-A919-861BCB77E19A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.)
Task: {F3ABB2E1-11D0-4051-92F0-4D227F013161} - System32\Tasks\{6F47B3DA-2C84-4143-844F-A43C99543700} => pcalua.exe -a "C:\Users\Ronald Brauer\Downloads\OOo_3.3.0_Win_x86_install-wJRE_de.exe" -d "C:\Program Files (x86)\Mozilla Firefox" Task: {F84995DD-A581-4769-92D7-225B2862F38C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Ronald Brauer\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nch.com.au/de/index.html Shortcut: C:\Users\Ronald Brauer\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html ==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
Regards, Ronald
Addendum: Before starting the scans I had only 0.98 GB of disk space; I then moved a number of files off the disk and had 11.4 GB. After the scans only 8.65 GB are left. Could a Firefox file also be to blame for the space-eating behaviour (my son apparently had something like that once)? Good night. Ronald |
22.11.2016, 00:33 | #21 |
/// Malwareteam | Interesting problem you have there. The FRST scan aborts like this for you as well and evidently does not really work. How much RAM do you actually have, and how much of it is in use?
Step: 1 You have at least remnants of several antivirus products on your PC. These can interfere with each other. Therefore uninstall the following software using the ESET AV Removal Tool: Download: http://download.eset.com/special/avr...r_nt64_enu.exe Instructions: ESET AV Remover -- list of removable applications and usage instructions - ESET Knowledgebase. It should find at least Kaspersky, Spybot - Search & Destroy and Avira. If it does not, please tell me so separately here. Once our cleanup is finished you can install antivirus protection again.
Step: 2 Please download the following tool and run it. Wait until the tool has finished loading, take a screenshot and attach it to your reply. TreeSize Free - Download - Filepony
__________________ |
22.11.2016, 09:12 | #22 |
| Hello Rafael, my computer has 4 GB of RAM, of which 2.92 GB are currently in use. My hard disk has 500 GB; normally about 50 GB of that are free, but since I have had the space-eating virus, the free space keeps shrinking whenever the computer is in use (down to 0 GB). Yesterday it got that far again, so I moved 10 GB off the disk. This morning at about 7:25, after a restart, only 7.19 GB were left; at 8:44 it was 3.87 GB and now at 9:06 only 3.03 GB. So I have to hurry here, because at 0 GB nothing works any more. AV Remover does not work (I am sending the screenshots). Avira is not listed (it was removed earlier by M-K-D-B). A screenshot of Treesize will follow as well. AVrem3 is faulty, but not that important. Could it be that AV Remover needs more than 3 GB of free disk space? Unfortunately I have hardly any files left to move off, because the virus has already eaten up about 150 GB. Now, at 9:16, only 2.74 GB are left. I am shutting the computer down and will get back to you from elsewhere at around 15:30. Regards, Ronald |
22.11.2016, 21:42 | #23 |
/// Malwareteam | Let's just leave the data alone for now; if it has no space left, then it simply has no space left - that still almost never causes problems in this case. We will deal with the faulty AV programs later.
Step: 1 Please take at least one screenshot each of TreeSizeInfo, with "Users" and "ProgramData" each expanded far enough that one can see what is ultimately causing it.
Step: 2 Follow these steps:
__________________ Regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |
22.11.2016, 23:51 | #24 |
| Hello Rafael, I am sending you the requested screenshots. At 23:22 the disk space was 2.71 GB "big"; now at 23:52 it is 2.11 GB. Regards, Ronald |
23.11.2016, 01:04 | #25 |
/// Malwareteam | You don't happen to know the software "MediathekView", or download films by the gigabyte from Youtube and other media libraries? But that is less the ongoing problem here: one of your AV products (in your case Kaspersky) is, as I suspected, running a bit amok.
Step: 1 Do this: https://support.kaspersky.com/de/12220#block1
Step: 2 Run the removal tool: http://install.avira-update.com/pack...cleaner_de.exe
Step: 3 Please start FRST again, tick the "Addition" checkbox and press "Untersuchen" (Scan). Please post the two text files that are created again.
__________________ Regards, Rafael |
23.11.2016, 09:54 | #26 |
| The space-eating virus was apparently Kaspersky. I followed the instructions and now 126 GB of disk space are free again!!! The Avira tool worked too (but had to be run in safe mode). FRST seems to be hanging again; I am sending you snapshots. I ran Treesize once more (it can't hurt) and am sending screenshots. MediathekView is a program with which I can download broadcasts from the public TV stations (documentaries, concerts etc.); Youtube offers good music videos. For MediathekView, however, I need Java, which I had uninstalled to get rid of javaws.exe. If my PC is ever "clean" again: can I reinstall Java without bringing the javaws.exe problem back? Now the new FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2016 01 durchgeführt von Ronald Brauer (Administrator) auf RONALDARNO-PC (23-11-2016 08:48:53) Gestartet von C:\Users\Ronald Brauer\Desktop Geladene Profile: Ronald Brauer (Verfügbare Profile: Alternate & Ronald Brauer) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Sonix) C:\Windows\vsnp2uvc.exe () C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe () C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Sonix Technology Co., Ltd.) 
C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe () C:\Program Files (x86)\Real\RealPlayer\RealDownloader\downloader2.exe (The Privoxy team - www.privoxy.org) C:\Program Files (x86)\Privoxy\privoxy.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Program Files (x86)\Real\RealPlayer\UpdateService\RealPlayerUpdateSvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9639424 2009-12-21] (Realtek Semiconductor) HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.) HKLM-x32\...\Run: [NWEReboot] => [X] HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix) HKLM-x32\...\Run: [tsnp2uvc] => C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [322048 2011-05-04] (Sonix Technology Co., Ltd.) HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\update\realsched.exe [352648 2016-09-26] (RealNetworks, Inc.) 
HKLM-x32\...\Run: [RealDownloader] => C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe [708336 2016-09-03] () Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Run: [dradio-RecorderTimer] => C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe [42496 2012-10-13] () HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [43008 2015-10-15] () HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe [2411784 2015-04-21] () HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.) HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29645440 2016-09-12] (Skype Technologies S.A.) HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000 HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Policies\Explorer: [DisallowRun] 1 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-07-26] ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Privoxy.lnk [2015-11-28] ShortcutTarget: Privoxy.lnk -> C:\Program Files (x86)\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-09-26] ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.) 
Startup: C:\Users\Ronald Brauer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Video und DVD - Verknüpfung.lnk [2015-01-08] ShortcutTarget: Video und DVD - Verknüpfung.lnk -> C:\Users\Ronald Brauer\Desktop\Lotus-Kopien\Video und DVD () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{4D3E1A21-93E8-4F97-91A4-28D48EBD8FFC}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{84EE55D2-B916-4ED1-9B84-E41BB1628BBE}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome 
HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2689304980-1437917653-2625238874-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2689304980-1437917653-2625238874-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2689304980-1437917653-2625238874-1004 -> {C130F831-D2AA-4A22-BD8D-F89F2A705E4A} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\program files (x86)\real\realplayer\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-09-03] (RealDownloader) BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-05] (Microsoft Corporation) BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-11-06] (AO Kaspersky Lab) 
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\program files (x86)\real\realplayer\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-09-03] (RealDownloader) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-11-06] (AO Kaspersky Lab) BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-11-06] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-11-06] (AO Kaspersky Lab) IE Session Restore: HKU\S-1-5-21-2689304980-1437917653-2625238874-1004 -> ist aktiviert. Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.) 
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler: WSWSVCUchrome - Kein CLSID Wert StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: w8mqfutb.default-1413719908419 FF ProfilePath: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox [2016-11-09] FF user.js: detected! 
=> C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\user.js [2015-08-28] FF NewTab: Mozilla\Firefox\Profiles\JonDoFox -> hxxp://www.google.com/ FF DefaultSearchEngine: Mozilla\Firefox\Profiles\JonDoFox -> Google FF DefaultSearchUrl: Mozilla\Firefox\Profiles\JonDoFox -> hxxp://www.google.com/search?btnG=Google+Search&q= FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\JonDoFox -> Google FF SelectedSearchEngine: Mozilla\Firefox\Profiles\JonDoFox -> Google FF Keyword.URL: Mozilla\Firefox\Profiles\JonDoFox -> hxxp://www.google.com/search?btnG=Google+Search&q= FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ftp", "127.0.0.1" FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ftp_port", 4001 FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> gopher", "127.0.0.1" FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> gopher_port", 4001 FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> http", "127.0.0.1" FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> http_port", 4001 FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks", "127.0.0.1" FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks_port", 4001 FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks_remote_dns", true FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ssl", "127.0.0.1" FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ssl_port", 4001 FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> type", 1 FF Extension: (Amazon-Icon) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\amazon-icon@giga.de [2014-09-25] [ist nicht signiert] FF Extension: (HTTPS-Everywhere) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\https-everywhere@eff.org [2013-12-19] [ist nicht signiert] FF Extension: (UnPlug) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\unplug@compunach.xpi [2013-08-06] [ist nicht signiert] FF Extension: (JonDoFox) - 
C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{437be45a-4114-11dd-b9ab-71d256d89593}.xpi [2013-11-08] [ist nicht signiert] FF Extension: (Cookie Monster) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{45d8ff86-d909-11db-9705-005056c00008} [2013-12-19] [ist nicht signiert] FF Extension: (NoScript) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-10-28] [ist nicht signiert] FF Extension: (Adblock Plus) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-28] [ist nicht signiert] FF Extension: (ProfileSwitcher) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi [2013-10-28] [ist nicht signiert] FF Extension: (Kein Name) - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [nicht gefunden] FF Extension: (Kein Name) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files\Updater By Sweetpacks\Firefox [nicht gefunden] FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-10-09] [ist nicht signiert] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
15.0.0\FFExt\anti_banner@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\sparpilot@sparpilot.com [nicht gefunden] FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-11-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-de-ssl.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-encrypted-no-personalization.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---deutsch.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---english.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-eng-ger.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-esp-ale.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald 
Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-fra-all.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\metager2.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-deutsch.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-english.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https---deutsch.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https.xml [2013-08-06] FF ProfilePath: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 [2016-11-23] FF user.js: detected! => C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\user.js [2016-03-02] FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> Bing FF SelectedSearchEngine: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> Bing FF Homepage: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> hxxps://web.de FF Session Restore: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> ist aktiviert. 
FF Keyword.URL: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q= FF NetworkProxy: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> type", 0 FF Extension: (VTzilla) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\info@virustotal.com.xpi [2016-08-16] FF Extension: (Jocly) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\jocly@jetpack.xpi [2016-04-27] FF Extension: (Session Manager) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2016-03-19] FF Extension: (NoScript) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-11-23] FF Extension: (Video DownloadHelper) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-11] FF Extension: (Adblock Edge) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2016-04-27] FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-06-16] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] () FF Plugin: @microsoft.com/GENUINE -> disabled 
[Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] () FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG) FF Plugin-x32: @real.com/nppl3260;version=18.1.5.699 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2016-09-26] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=18.1.5.699 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2016-09-26] (RealPlayer) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2689304980-1437917653-2625238874-1004: @phonostar.de/phonostar -> C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2689304980-1437917653-2625238874-1004: @phonostar.de/phonostar-Player -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [2015-10-15] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260 (2).dll [2010-12-12] (RealNetworks, Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-07-05] <==== ACHTUNG

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.web.de/
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default [2016-11-20]
CHR Extension: (Google Präsentationen) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-22]
CHR Extension: (Google Docs) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-22]
CHR Extension: (Google Drive) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-17]
CHR Extension: (Amazon) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\caeaobpemokdfnidgaebncaooofnbfha [2015-02-04]
CHR Extension: (Google-Suche) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Kaspersky Protection) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-10-17]
CHR Extension: (Google Tabellen) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-22]
CHR Extension: (Google Docs Offline) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-23]
CHR Extension: (Tube Video Downloader) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfniaofdifgjfhcddboichcpdallcgjp [2016-11-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-06]
CHR Extension: (Amazon) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2014-10-19]
CHR Extension: (Google Mail) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-22]
CHR Extension: (Chrome Media Router) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-06]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Ronald Brauer\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx [2014-11-08]
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Ronald Brauer\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-09-25]

Opera:
=======
OPR Extension: (TabHamster) - C:\Users\Ronald Brauer\AppData\Roaming\Opera Software\Opera Stable\Extensions\flaibmngbecjljogddbgojfenfcneanb [2015-12-10]
OPR Extension: (Adblock Plus) - C:\Users\Ronald Brauer\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-11-06]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-11] (Kaspersky Lab ZAO)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864 2012-06-06] (Freemake) [Datei ist nicht signiert]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-09-23] (SurfRight B.V.)
R2 IGDCTRL; C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE [87344 2007-09-04] (AVM Berlin)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-09-28] (Plays.tv, LLC)
R2 RealPlayerUpdateSvc; C:\program files (x86)\real\realplayer\UpdateService\RealPlayerUpdateSvc.exe [35104 2016-09-03] ()
S2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [987408 2016-09-26] (RealNetworks, Inc.)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-08] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-21] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [237480 2016-05-25] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [943536 2016-05-25] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49240 2016-05-25] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-26] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-23] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R1 PStrip64; C:\Windows\System32\drivers\pstrip64.sys [13008 2006-09-30] ()
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-04-21] (Audials AG)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3565312 2011-05-04] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [867824 2015-01-07] () [Datei ist nicht signiert]
R1 StarPortLite; C:\Windows\System32\DRIVERS\StarPortLite.sys [120704 2011-11-14] (StarWind Software)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz130; \??\C:\Users\ALTERN~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-23 08:48 - 2016-11-23 08:52 - 00035777 _____ C:\Users\Ronald Brauer\Desktop\FRST.txt
2016-11-23 08:47 - 2016-11-23 08:47 - 00003270 _____ C:\Windows\System32\Tasks\ReclaimerResumeInstall_Ronald Brauer
2016-11-23 08:47 - 2016-11-23 08:47 - 00003264 _____ C:\Windows\System32\Tasks\ReclaimerResumeInstallLogin_Ronald Brauer
2016-11-22 08:57 - 2016-11-22 23:29 - 00001225 _____ C:\Users\Ronald Brauer\Desktop\TreeSize Free.lnk
2016-11-22 08:57 - 2016-11-22 23:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2016-11-22 08:57 - 2016-11-22 08:57 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\JAM Software
2016-11-22 08:57 - 2016-11-22 08:57 - 00000000 ____D C:\Program Files (x86)\JAM Software
2016-11-21 21:35 - 2016-11-21 21:38 - 00033524 _____ C:\Users\Ronald Brauer\Desktop\Addition2016.txt
2016-11-21 21:33 - 2016-11-21 21:35 - 00086850 _____ C:\Users\Ronald Brauer\Desktop\FRST2016.txt
2016-11-21 21:32 - 2016-11-21 21:32 - 02412544 _____ (Farbar) C:\Users\Ronald Brauer\Desktop\FRST64.exe
2016-11-21 21:32 - 2016-11-21 21:32 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\FRST-OlderVersion
2016-11-21 21:29 - 2016-11-21 21:29 - 00005226 _____ C:\Users\Ronald Brauer\Desktop\mbam.txt
2016-11-21 19:43 - 2016-11-21 19:43 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-11-21 19:41 - 2016-11-21 18:48 - 22851472 _____ (Malwarebytes ) C:\Users\Ronald Brauer\Desktop\mbam-setup-2.2.1.1043.exe
2016-11-21 19:39 - 2016-11-21 19:40 - 00110857 _____ C:\Users\Ronald Brauer\Desktop\TDSSlog.txt
2016-11-21 19:35 - 2016-11-21 19:40 - 00221804 _____ C:\TDSSKiller.3.1.0.12_21.11.2016_19.35.08_log.txt
2016-11-21 19:34 - 2016-11-21 18:34 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Ronald Brauer\Desktop\tdsskiller.exe
2016-11-18 17:24 - 2016-11-18 17:24 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\7E24010D.sys
2016-11-16 20:19 - 2016-11-16 20:19 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Neuer Ordner
2016-11-11 17:09 - 2016-11-12 08:37 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Unsortiert
2016-11-10 09:28 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-10 09:28 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-10 09:28 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-10 09:28 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-10 09:28 - 2015-07-16 20:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-11-10 09:28 - 2015-07-16 20:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-11-10 09:28 - 2015-07-16 20:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-11-10 09:28 - 2015-07-16 20:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-11-10 09:28 - 2015-07-16 20:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-11-10 09:28 - 2015-07-16 20:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-11-10 09:28 - 2015-07-11 14:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2016-11-10 09:27 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-10 09:27 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-10 09:27 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-10 09:27 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-10 09:27 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-10 09:27 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-10 09:27 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-10 09:27 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-10 09:27 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-10 09:27 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-10 09:27 - 2016-10-28 04:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-10 09:27 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-10 09:27 - 2016-10-27 20:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-10 09:27 - 2016-10-27 20:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-10 09:27 - 2016-10-27 19:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-10 09:27 - 2016-10-27 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-10 09:27 - 2016-10-27 19:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-10 09:27 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-10 09:27 - 2016-10-27 19:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-10 09:27 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-10 09:27 - 2016-10-27 19:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-10 09:27 - 2016-10-27 19:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-10 09:27 - 2016-10-27 19:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-10 09:27 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-10 09:27 - 2016-10-27 19:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-10 09:27 - 2016-10-27 19:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-10 09:27 - 2016-10-27 19:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-10 09:27 - 2016-10-27 19:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-10 09:27 - 2016-10-27 19:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-10 09:27 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-10 09:27 - 2016-10-27 19:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-10 09:27 - 2016-10-27 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-10 09:27 - 2016-10-27 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-10 09:27 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-10 09:27 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-10 09:27 - 2016-10-27 19:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-10 09:27 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-10 09:27 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-10 09:27 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-10 09:27 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-10 09:27 - 2016-10-27 18:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-10 09:27 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-10 09:27 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-10 09:27 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-10 09:27 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-10 09:27 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-10 09:27 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-10 09:27 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-10 09:27 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-10 09:27 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-10 09:27 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-10 09:27 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-10 09:27 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-10 09:27 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-10 09:27 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-10 09:27 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-10 09:27 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-10 09:27 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-10 09:27 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-10 09:27 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-10 09:27 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-10 09:27 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-10 09:27 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-10 09:27 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-10 09:27 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-10 09:27 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-10 09:27 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-10 09:27 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-10 09:27 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-10 09:27 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-10 09:27 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-10 09:27 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-10 09:27 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-10 09:27 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-10 09:27 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-10 09:27 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-10 09:27 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-10 09:27 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-10 09:27 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-10 09:27 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-10 09:27 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-10 09:27 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-10 09:27 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-10 09:27 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-10 09:27 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-10 09:27 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-10 09:27 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-10 09:27 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-10 09:27 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-10 09:27 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-10 09:27 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-10 09:27 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-10 09:27 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-10 09:27 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-10 09:27 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-10 09:27 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-10 09:27 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-10 09:27 - 2016-10-10 16:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-10 09:27 - 2016-10-10 16:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-10 09:27 - 2016-10-10 16:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-10 09:27 - 2016-10-10 16:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-10 09:27 - 2016-10-10 16:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-10 09:27 - 2016-10-10 16:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-10 09:27 - 2016-10-10 16:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-10 09:27 - 2016-10-10 16:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-10 09:27 - 2016-10-10 16:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-10 09:27 - 2016-10-10 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-10 09:27 - 2016-10-10 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-10 09:27 - 2016-10-10 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-10 09:27 - 2016-10-10 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-10 09:27 - 2016-10-10 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-10 09:27 - 2016-10-10 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-10 09:27 - 2016-10-07 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-10 09:27 - 2016-10-07 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-10 09:27 - 2016-10-07 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-10 09:27 - 2016-10-07 16:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-10 09:27 - 2016-10-07 16:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-10 09:27 - 2016-10-07 16:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-10 09:27 - 2016-10-07 16:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-10 09:27 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-10 09:27 
- 2016-10-07 16:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-11-10 09:27 - 2016-10-07 16:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-11-10 09:27 - 2016-10-07 16:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-11-10 09:27 - 2016-10-07 16:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-11-10 09:27 - 2016-10-07 16:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-11-10 09:27 - 2016-10-07 15:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-11-10 09:27 - 2016-10-07 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-11-10 09:27 - 2016-10-07 15:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-11-10 09:27 - 2016-10-07 15:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-11-10 09:27 - 2016-10-07 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-11-10 09:27 - 2016-10-07 15:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 15:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 15:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 15:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-11-10 09:27 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2016-11-10 09:26 - 2015-12-20 19:50 - 03180544 _____ 
(Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2016-11-10 09:26 - 2015-12-20 19:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2016-11-10 09:26 - 2015-12-20 15:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2016-11-10 09:26 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2016-11-10 06:27 - 2016-11-10 06:27 - 00003394 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 2016-11-09 17:59 - 2016-11-09 17:59 - 00003366 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 2016-11-09 17:59 - 2016-11-09 17:59 - 00003248 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1004 2016-11-09 08:44 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2016-11-09 08:44 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2016-11-09 08:44 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2016-11-09 08:44 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2016-11-09 08:44 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2016-11-09 08:44 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2016-11-09 08:44 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2016-11-09 08:44 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2016-11-09 08:44 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2016-11-09 08:44 - 2013-10-01 23:34 - 01068544 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2016-11-09 08:26 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2016-11-09 08:26 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll 2016-11-09 08:26 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll 2016-11-09 08:10 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2016-11-09 08:10 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2016-11-09 08:07 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2016-11-09 08:07 - 2016-09-13 16:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-11-09 08:07 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2016-11-09 08:07 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-11-09 08:07 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2016-11-09 08:06 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-11-09 07:35 - 2015-12-16 19:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2016-11-09 07:35 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll 2016-11-09 07:35 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL 2016-11-09 07:35 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL 2016-11-09 07:35 - 2015-12-16 19:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL 2016-11-09 07:35 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll 2016-11-09 07:35 - 2015-12-16 19:48 - 
00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL 2016-11-09 07:35 - 2015-12-16 19:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll 2016-11-08 18:34 - 2016-11-10 06:27 - 00003276 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1004 2016-11-06 17:40 - 2016-11-06 22:23 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\EDV-Tipps 2016-11-04 10:53 - 2016-11-06 07:49 - 00000000 ____D C:\Program Files (x86)\TVgenial5.5 2016-11-04 10:53 - 2016-11-04 11:02 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\TVgenial 2016-11-04 10:53 - 2016-11-04 10:54 - 00000000 ____D C:\ProgramData\TVgenial 2016-10-27 06:39 - 2016-10-27 06:39 - 00000000 ____D C:\Users\Ronald Brauer\.QtWebEngineProcess 2016-10-27 06:35 - 2016-10-27 06:35 - 00000000 ____D C:\Users\Ronald Brauer\.Plays.tv 2016-10-24 18:51 - 2016-10-24 21:39 - 00000000 ____D C:\Temp 2016-10-24 18:51 - 2016-10-24 18:51 - 00000000 ____D C:\Users\Ronald Brauer\Documents\My Videos 2016-10-24 18:51 - 2016-10-24 18:51 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\Digiarty 2016-10-24 18:50 - 2016-10-24 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinX DVD Author 2016-10-24 18:50 - 2016-10-24 18:50 - 00000000 ____D C:\Program Files (x86)\Digiarty 2016-10-24 18:48 - 2016-10-24 18:48 - 00000095 _____ C:\SILENT 2016-10-24 18:48 - 2016-10-24 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2016-10-24 18:48 - 2016-10-24 18:48 - 00000000 ____D C:\Program Files (x86)\LottaDeals 2016-10-24 18:45 - 2016-10-24 18:48 - 00000000 ____D C:\Program Files (x86)\AVG 2016-10-24 18:44 - 2016-10-24 22:13 - 00000000 ____D C:\ProgramData\Avg 2016-10-24 18:44 - 2016-10-24 18:48 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\AvgSetupLog 2016-10-24 18:44 - 2016-10-24 18:48 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\Avg 2016-10-24 18:43 - 2016-11-16 
20:05 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\Lavasoft 2016-10-24 18:43 - 2016-10-24 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2016-10-24 18:42 - 2016-11-16 20:05 - 00000000 ____D C:\ProgramData\Lavasoft 2016-10-24 18:42 - 2016-11-16 20:05 - 00000000 ____D C:\Program Files (x86)\Lavasoft 2016-10-24 18:29 - 2016-10-24 18:29 - 00000000 ____D C:\Users\Ronald Brauer\Documents\Any Video Converter Ultimate ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-11-23 08:46 - 2016-06-30 17:50 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\Skype 2016-11-23 08:46 - 2014-10-26 13:46 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-11-23 08:41 - 2013-02-09 09:03 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-11-23 08:38 - 2010-09-04 14:39 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-11-23 08:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-11-23 08:37 - 2014-10-11 14:45 - 01172274 _____ C:\Windows\ntbtlog.txt 2016-11-23 08:28 - 2011-12-22 17:21 - 00000000 ____D C:\Users\Ronald Brauer\AppData\LocalLow\Temp 2016-11-23 08:21 - 2009-07-14 05:45 - 00026528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-11-23 08:21 - 2009-07-14 05:45 - 00026528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-11-23 08:12 - 2010-09-04 14:39 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-11-22 23:45 - 2014-10-21 16:07 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Trojaner-Board 2016-11-22 09:00 - 2014-10-25 13:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-11-22 08:54 - 2011-12-04 10:39 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\CrashDumps 2016-11-22 07:24 - 
2009-07-14 18:58 - 00702942 _____ C:\Windows\system32\perfh007.dat 2016-11-22 07:24 - 2009-07-14 18:58 - 00150582 _____ C:\Windows\system32\perfc007.dat 2016-11-22 07:24 - 2009-07-14 06:13 - 01629348 _____ C:\Windows\system32\PerfStringBackup.INI 2016-11-22 07:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-11-22 07:17 - 2014-05-13 19:40 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-11-21 23:38 - 2011-05-22 11:56 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\vlc 2016-11-21 19:43 - 2014-10-26 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-11-19 17:45 - 2015-10-14 07:47 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-11-18 21:19 - 2016-05-05 20:28 - 00003878 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1446973210 2016-11-18 21:19 - 2014-08-25 17:17 - 00000000 ____D C:\Program Files (x86)\Opera 2016-11-17 20:57 - 2015-05-13 22:28 - 00000000 ____D C:\Windows\rescache 2016-11-17 18:12 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\Setup 2016-11-17 17:41 - 2010-09-04 14:40 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-11-16 20:25 - 2014-11-03 22:24 - 00000000 ____D C:\FRST 2016-11-16 20:06 - 2015-01-09 22:33 - 00000000 ____D C:\AdwCleaner 2016-11-16 20:05 - 2016-01-19 15:12 - 00000000 ____D C:\Program Files (x86)\Yahoo! 
2016-11-16 19:46 - 2013-11-13 09:49 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Lotus-Kopien 2016-11-16 18:50 - 2014-10-13 21:43 - 00000058 _____ C:\mbam.txt 2016-11-16 18:27 - 2015-01-09 19:52 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Downloads alt 2016-11-16 16:48 - 2010-04-27 17:45 - 00000000 ____D C:\Users\Alternate 2016-11-14 15:58 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-11-11 21:17 - 2010-09-04 14:39 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\Google 2016-11-11 16:55 - 2012-01-03 17:00 - 00000000 ____D C:\Program Files (x86)\Java 2016-11-11 07:00 - 2009-07-14 05:45 - 00506896 _____ C:\Windows\system32\FNTCACHE.DAT 2016-11-10 20:09 - 2013-10-28 07:02 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Ron 2016-11-10 16:29 - 2010-05-29 10:24 - 00000000 ____D C:\Users\Ronald Brauer 2016-11-10 09:41 - 2013-08-14 14:37 - 00000000 ____D C:\Windows\system32\MRT 2016-11-10 09:33 - 2009-08-24 09:35 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-11-09 18:56 - 2011-02-10 09:32 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\ElevatedDiagnostics 2016-11-09 08:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-11-09 08:37 - 2010-09-04 16:33 - 01602692 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-11-08 17:19 - 2014-10-25 13:01 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-11-08 17:17 - 2014-10-25 13:01 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-11-08 17:17 - 2014-10-25 13:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-11-08 17:13 - 2011-11-21 07:08 - 00000000 ____D C:\Windows\system32\Macromed 2016-11-08 17:11 - 2010-04-27 18:22 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-11-07 17:04 - 2015-10-31 16:17 - 00007602 _____ C:\Users\Ronald Brauer\AppData\Local\Resmon.ResmonCfg 2016-11-07 08:26 - 2014-10-13 15:50 - 00000000 ____D 
C:\Users\Ronald Brauer\Desktop\Kaspersky-Probleme 2016-11-06 13:51 - 2011-07-24 11:03 - 00000000 ____D C:\Windows\pss 2016-11-06 13:20 - 2014-04-09 10:46 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\dvdcss 2016-11-06 12:32 - 2015-01-23 08:09 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Download Helper 2016-11-06 08:44 - 2016-03-19 17:18 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-11-06 08:42 - 2015-09-10 06:13 - 00000000 ____D C:\Program Files\Common Files\AV 2016-11-06 08:10 - 2015-05-22 19:48 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\Raptr 2016-11-06 07:58 - 2015-01-08 16:37 - 00005484 _____ C:\Users\Ronald Brauer\AppData\Local\xecutor.xpr 2016-11-06 07:58 - 2015-01-08 16:37 - 00005484 _____ C:\Users\Ronald Brauer\AppData\Local\xecutor._xp 2016-11-06 07:54 - 2015-07-25 08:59 - 00000000 ____D C:\Program Files (x86)\Steam 2016-11-06 07:50 - 2015-01-20 15:47 - 00000000 ____D C:\Program Files (x86)\phonostar-Player 2016-11-06 07:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2016-11-06 07:49 - 2010-12-12 09:02 - 00000000 ____D C:\ProgramData\Real 2016-11-06 07:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2016-11-04 22:02 - 2013-11-16 09:57 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Amazon und Ebay 2016-11-04 10:08 - 2015-01-05 22:53 - 00000000 ____D C:\Users\Ronald Brauer\.mediathek3 2016-11-02 22:15 - 2015-01-20 19:26 - 00000000 ____D C:\Users\Ronald Brauer\Youtube 2016-10-30 08:46 - 2016-10-11 16:49 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Schnappschuss-VLC 2016-10-29 22:49 - 2015-01-05 22:57 - 00000000 ____D C:\Users\Ronald Brauer\MediathekView 2016-10-27 08:31 - 2016-03-07 16:45 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\PlaysTV 2016-10-27 08:31 - 2015-02-06 18:22 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\Anvsoft 2016-10-27 08:31 - 2011-12-22 16:55 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\Nero 
2016-10-27 06:58 - 2014-08-26 07:54 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\Adobe 2016-10-26 16:29 - 2009-10-26 10:10 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-10-24 18:48 - 2012-08-14 14:12 - 00000000 ____D C:\ProgramData\TuneUp Software ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-08-30 21:23 - 2015-12-07 23:32 - 0000133 _____ () C:\Users\Ronald Brauer\AppData\Roaming\Camdata.ini 2015-08-30 21:23 - 2015-12-07 23:32 - 0000408 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamLayout.ini 2015-08-30 21:23 - 2015-12-07 23:32 - 0000408 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamShapes.ini 2015-09-11 13:07 - 2015-12-07 23:32 - 0004536 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamStudio.cfg 2015-09-11 15:01 - 2015-09-11 15:01 - 0000098 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamStudio.Producer.command 2015-09-11 13:13 - 2015-09-25 11:47 - 0000000 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamStudio.Producer.Data.ini 2015-09-11 13:13 - 2015-09-25 11:47 - 0001206 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamStudio.Producer.ini 2015-01-07 18:06 - 2015-01-07 18:06 - 0119065 _____ () C:\Users\Ronald Brauer\AppData\Roaming\ExpressBurn.dmp 2015-07-26 10:57 - 2015-05-12 17:11 - 0000034 _____ () C:\Users\Ronald Brauer\AppData\Roaming\pdfdrawcodec.dll 2015-05-22 18:34 - 2015-06-24 15:40 - 0013793 _____ () C:\Users\Ronald Brauer\AppData\Roaming\PStrip.bak 2015-05-22 18:43 - 2015-06-24 14:15 - 0013807 _____ () C:\Users\Ronald Brauer\AppData\Roaming\PStrip.bk! 
2015-05-22 20:43 - 2015-06-24 09:35 - 0013807 _____ () C:\Users\Ronald Brauer\AppData\Roaming\PStrip.bko 2015-05-22 17:09 - 2015-06-24 16:40 - 0013865 _____ () C:\Users\Ronald Brauer\AppData\Roaming\PStrip.ini 2012-04-01 17:34 - 2012-04-01 17:34 - 0078623 _____ () C:\Users\Ronald Brauer\AppData\Roaming\userenv.xml 2012-04-01 17:34 - 2012-04-01 17:34 - 0104787 _____ () C:\Users\Ronald Brauer\AppData\Roaming\userenv.xml.urlencode 2015-08-30 19:23 - 2015-12-07 11:10 - 0000096 _____ () C:\Users\Ronald Brauer\AppData\Roaming\version2.xml 2013-07-30 13:13 - 2014-01-16 14:13 - 0000128 _____ () C:\Users\Ronald Brauer\AppData\Roaming\WB.CFG 2013-12-31 14:25 - 2014-01-02 14:13 - 0000005 _____ () C:\Users\Ronald Brauer\AppData\Roaming\WBPU-Q5-TTL.DAT 2013-06-19 13:13 - 2014-01-16 14:13 - 0000005 _____ () C:\Users\Ronald Brauer\AppData\Roaming\WBPU-TTL.DAT 2010-09-04 16:28 - 2015-07-31 17:17 - 0000784 _____ () C:\Users\Ronald Brauer\AppData\Roaming\wklnhst.dat 2011-12-22 16:13 - 2015-12-20 18:01 - 0037888 _____ () C:\Users\Ronald Brauer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-10-31 16:17 - 2016-11-07 17:04 - 0007602 _____ () C:\Users\Ronald Brauer\AppData\Local\Resmon.ResmonCfg 2015-01-08 17:00 - 2016-11-06 07:56 - 1633369 _____ () C:\Users\Ronald Brauer\AppData\Local\Xecutor.log 2015-01-08 16:37 - 2016-11-06 07:58 - 0005484 _____ () C:\Users\Ronald Brauer\AppData\Local\xecutor.xpr 2015-01-08 16:37 - 2016-11-06 07:58 - 0005484 _____ () C:\Users\Ronald Brauer\AppData\Local\xecutor._xp 2016-07-04 15:42 - 2016-07-04 15:42 - 0000000 _____ () C:\Users\Ronald Brauer\AppData\Local\{B5D6B04A-E7A6-4E42-A149-786037CE73C5} 2015-02-05 12:15 - 2015-02-05 12:15 - 0004864 _____ () C:\ProgramData\vczcspay.tpu Einige Dateien in TEMP: ==================== C:\Users\Ronald Brauer\AppData\Local\Temp\libeay32.dll C:\Users\Ronald Brauer\AppData\Local\Temp\msvcr120.dll C:\Users\Ronald Brauer\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap 
====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert |
23.11.2016, 09:55 | #27 |
| Javaws.exe is wrecking my memory and making the computer unusable And now the Addition.txt: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-11-2016 01
durchgeführt von Ronald Brauer (23-11-2016 08:54:01)
Gestartet von C:\Users\Ronald Brauer\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-05-29 09:24:14)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2689304980-1437917653-2625238874-500 - Administrator - Disabled)
Alternate (S-1-5-21-2689304980-1437917653-2625238874-1003 - Administrator - Enabled) => C:\Users\Alternate
Gast (S-1-5-21-2689304980-1437917653-2625238874-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2689304980-1437917653-2625238874-1002 - Limited - Enabled)
Ronald Brauer (S-1-5-21-2689304980-1437917653-2625238874-1004 - Administrator - Enabled) => C:\Users\Ronald Brauer

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation) 7-Zip 16.00 (HKLM-x32\...\7-Zip) (Version: 16.00 - Igor Pavlov) 7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov) AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated) Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) Adobe Playpanel (HKLM-x32\...\{69967F97-E880-44B9-8383-5278BBC8809B}) (Version: 1.6.0.22 - Ihr Firmenname) AGEIA PhysX v7.09.13 (HKLM-x32\...\{45235788-142C-44BE-8A4D-DDE9A84492E5}) (Version: 7.09.13 - AGEIA Technologies, Inc.) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) AngelPacMan (HKLM-x32\...\AngelPacMan_is1) (Version: - ) Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.02 - Sunflowers) Any DVD Converter Professional 5.8.2 (HKLM-x32\...\Any DVD Converter Professional_is1) (Version: - Any-DVD-Converter.com) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Arx Fatalis (HKLM-x32\...\{96443F45-13E2-11D6-AC87-00D0B7A9E540}) (Version: 1.0.0 - JoWood) Ashampoo Burning Studio 11 v.11.0.3 (HKLM-x32\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.3 - Ashampoo GmbH & Co. 
KG) Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Audials (HKLM-x32\...\{4A152727-C4C4-4666-818A-11C9D8AAE71C}) (Version: 12.0.65100.0 - Audials AG) Avi2Dvd 0.6.4 (HKLM-x32\...\Avi2Dvd) (Version: 0.6.4 - TrustFm) AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - ) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) AVM FRITZ!DSL (HKLM-x32\...\{2457326B-C110-40C3-89B0-889CC913871A}) (Version: 2.04.02 - AVM Berlin) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin) AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.) AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.) AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.) Bidou (HKLM-x32\...\Bidou_is1) (Version: - ) Bolt PDF Printer (HKLM-x32\...\BoltPDF) (Version: 1.20 - NCH Software) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
BrettspielWelt (HKLM-x32\...\BrettspielWelt) (Version: 1.0 - BrettspielWelt GmbH) Brother HL-2030 (HKLM-x32\...\{148E8CA6-BEF1-41C5-8805-BF1286C6884B}) (Version: 1.00 - Brother) calibre 64bit (HKLM\...\{020EB053-529D-4FFB-AD9F-40374ACB949A}) (Version: 2.57.1 - Kovid Goyal) CamStudio 2.7.3 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.3 - CamStudio Open Source) Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) concept/design onlineTV 11 (HKLM-x32\...\{8A4C3184-DA2F-4553-BF61-83F5690C3048}_is1) (Version: 11.5.20.0 - concept/design GmbH) ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version: - ) CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.16 - NCH Software) DeepBurner v1.9.0.228 (HKLM-x32\...\{2ADE2157-7A5E-122C-B51D-EB8A01B15943}) (Version: - ) Discover Painting for Kids SE (HKLM-x32\...\Discover Painting for Kids SE) (Version: - ) DivxToDVD 0.5.2b (HKLM-x32\...\VSO DivxToDVD_is1) (Version: 0.5.2b - VSO-Software SARL) Dominoes Deluxe (HKLM-x32\...\Dominoes Deluxe) (Version: - ) Doxillion Dokumentkonverter (HKLM-x32\...\Doxillion) (Version: 2.38 - NCH Software) dradio-Recorder Version 3.02.6 (HKLM-x32\...\dradio-Recorder_is1) (Version: - ) DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen) DVDFab 9.1.8.5 (24/01/2015) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.) 
Entropy Piano Tuner (HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\{759f3f42-04f6-4249-b26e-3990036ebeb8}) (Version: 1.1.2 - TP III Universität Würzburg) Express Burn (HKLM-x32\...\ExpressBurn) (Version: 4.78 - NCH Software) Express Zip (HKLM-x32\...\ExpressZip) (Version: 2.18 - NCH Software) Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 1.003 - Ezvid, inc.) ffdshow [rev 2202] [2008-10-10] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - ) FFsplit version 0.7 (HKLM-x32\...\{82458834-6226-4A34-AE96-6907354F9F36}_is1) (Version: 0.7 - FFsplit Team) Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.1 - MakeMusic) FormatFactory 3.5.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.5.1.0 - Format Factory) Free Audio CD Burner version 1.4.7 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.) Free DVD Creator version 2.0 (HKLM-x32\...\Free DVD Creator (by minidvdsoft)_is1) (Version: 2.0 - www.minidvdsoft.com) Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) Free Studio version 5.0.6 (HKLM-x32\...\Free Studio_is1) (Version: - DVDVideoSoft Limited.) Free YouTube Download version 3.2.55.301 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.55.301 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.9.725 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.9.725 - DVDVideoSoft Ltd.) Freemake Music Box (HKLM-x32\...\Freemake Music Box_is1) (Version: 1.0.0 - Ellora Assets Corporation) Galaxy of Games Gold Edition (HKLM-x32\...\Galaxy of Games Gold Edition) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.) Google Chrome Frame (HKLM-x32\...\{1F0342F5-8369-3CD1-99DD-E9BC44473708}) (Version: 65.107.16500 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) 
Hidden gotomaxx PDFMAILER (HKLM-x32\...\{01310914-E3B8-40E8-BCF7-9C42E0639A43}) (Version: 5.0.21 - gotomaxx GmbH) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.) HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC) HyperCam 3 (HKLM-x32\...\HyperCam 3 3.6.1311.20) (Version: 3.6.1311.20 - Solveig Multimedia) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) IZArc 4.1.7 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.7 - Ivan Zahariev) Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LOADSTREET Web-Media-Sauger Demo (HKLM-x32\...\{DF072839-834E-4AE6-A410-9D825B356A3D}) (Version: 1.00.0000 - LOADSTREET Media GmbH & Co. 
KG) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.4276.0) (Version: 4.0.4276.0 - Microsoft Corporation) Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{E5AB3F65-7FAC-41C6-B176-7599D2404BB2}) (Version: 4.0.4276.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.7 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL 
Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft 
Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version: - ) Microsoft Word 2000 SR-1 (HKLM-x32\...\{00170407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation) Mini Golf Special Edition (HKLM-x32\...\Mini Golf Special Edition) (Version: - ) MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.) 
Morgan M-JPEG codec V3 (HKLM-x32\...\m3jpegV3) (Version: - ) Movavi Screen Capture Studio 6 (HKLM-x32\...\Movavi Screen Capture Studio 6) (Version: 6.1.1 - Movavi) Mozilla Firefox 48.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 de)) (Version: 48.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG) Nero Kwik Media (HKLM-x32\...\{24A500E4-0B12-4D62-9973-2C7E23CCA750}) (Version: 11.0.16401 - Nero AG) Nero MediaHome Free (HKLM-x32\...\{BB842C3B-B4B1-4586-BED1-C5F07ABB0E09}) (Version: 16.0.01700 - Nero AG) OnLine TV Lite (HKLM-x32\...\OnLine TV Lite) (Version: 2.1.3.0 - Intech Software Inc.) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Opera Stable 39.0.2256.48 (HKLM-x32\...\Opera 39.0.2256.48) (Version: 39.0.2256.48 - Opera Software) Opera Stable 41.0.2353.56 (HKLM-x32\...\Opera 41.0.2353.56) (Version: 41.0.2353.56 - Opera Software) PDFBearbeiten V2.3 (HKLM-x32\...\PDFBearbeiten_is1) (Version: - hxxp://www.PDFBearbeiten.net) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.3.2 - Frank Heindörfer, Philip Chinery) phonostar-Player Version 3.03.8 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version: - ) PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.14.1-r116718-release - Plays.tv, LLC) PowerStrip 3 (remove only) (HKLM-x32\...\PowerStrip 3 (remove only)) (Version: - ) Prerequisite installer (x32 Version: 16.0.0003 - Nero AG) Hidden Prism Videodatei-Konverter (HKLM-x32\...\Prism) (Version: 2.09 - NCH Software) Privoxy (remove only) (HKLM-x32\...\Privoxy) (Version: - ) QuickTime 
7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc) RealDownloader (x32 Version: 18.1.5.699 - RealNetworks) Hidden RealDownloader (x32 Version: 18.1.5.699 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.5 - RealNetworks) Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6010 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) Screen Movie Studio version 2.6.2 (HKLM-x32\...\Screen Movie Studio_is1) (Version: - ) Screen Recorder 1 (HKLM-x32\...\Screen Recorder 1) (Version: - ) simfy (HKLM-x32\...\Simfy) (Version: 1.3.0 - simfy GmbH) simfy (x32 Version: 1.3.0 - simfy GmbH) Hidden Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.) smartision ScreenCopy 2.3 (HKLM-x32\...\smartision ScreenCopy_is1) (Version: - Steffen Schramm) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) 
StarBurn Version 13 (Build 0x20110818) (HKLM-x32\...\StarBurn_is1) (Version: - StarBurn Software) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Streamripper (Remove only) (HKLM-x32\...\Streamripper) (Version: - ) StreamTorrent 1.0 (HKLM-x32\...\StreamTorrent 1.0) (Version: - ) Super Internet TV v8.1 (Free Edition) (HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Super Internet TV (Free Edition)_is1) (Version: - Ahusoft) Toggla (HKLM-x32\...\Toggla) (Version: 0.0.9 - UNKNOWN) Toggla (x32 Version: 0.0.9 - UNKNOWN) Hidden TreeSize Free V3.4.5 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.5 - JAM Software) TubeDigger 5.4.4 (HKLM-x32\...\{1E3745C1-674D-4B2E-B8F7-3F4088950ED7}_is1) (Version: 5.4.4 - TubeDigger) TVAnts 1.0 (HKLM-x32\...\TVAnts 1.0) (Version: - ) Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) 
Hidden USB Video Device (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54000.1001 - Sonix) vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden Video Download Capture Version 4.9.6 (HKLM-x32\...\{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1) (Version: 4.9.6 - APOWERSOFT LIMITED) Video Downloader (x32 Version: 1.2.0 - RealNetworks) Hidden Video Power (HKLM-x32\...\{17DB3734-EAB4-4717-954B-C860EE162FBA}) (Version: 1.0.24 - Video Power) VideoPad Video-Editor (HKLM-x32\...\VideoPad) (Version: 3.59 - NCH Software) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN) vs2015_redist x64 (Version: 1.0.0.0 - Realnetworks) Hidden vs2015_redist x86 (x32 Version: 1.0.0.0 - Realnetworks) Hidden Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) 
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.17 - NCH Software) Websuche (HKLM-x32\...\Websuche) (Version: - Websuche) Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games) Xecutor Version 1.54.4.98 (HKLM-x32\...\{89699A99-8D90-469A-9BD8-72C42FF45317}_is1) (Version: - Xpert-Design Software) Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi)) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2689304980-1437917653-2625238874-1004_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> %LOCALAPPDATA%\Pokki\ocdeskband_0.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {02653693-FFAA-4B55-9D83-46D4235F3AFC} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) Task: {0EB609D8-DE66-42D1-B97D-626FE882D847} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\program files (x86)\real\realplayer\RealDownloader\realupgrade.exe [2016-09-03] (RealNetworks, Inc.) Task: {12F150B0-0415-44CF-8774-39B5DA8186DA} - System32\Tasks\{7BE5963B-A411-4C19-912D-3B9CAAD6F47C} => pcalua.exe -a "C:\Users\Ronald Brauer\Downloads\Firefox Setup 3.6.3.exe" -d "C:\Users\Ronald Brauer\Downloads" Task: {2284B655-DEFC-4623-B48F-055452F6DB18} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG) Task: {23A16D14-176B-4DF8-820A-094B90F7DEA6} - System32\Tasks\{0175D3FF-9509-45F5-96B5-BA0C2EB648D0} => pcalua.exe -a C:\Users\RONALD~1\AppData\Local\Temp\jre-8u60-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ACHTUNG Task: {25E5690A-81CE-480B-A133-52814E12CCE3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {26C26025-01DB-4DEF-AB26-49CD68D65F3F} - System32\Tasks\{998157E3-2220-4949-ABA3-0320006287EB} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE Task: {29DECD71-5196-4743-A063-9C3AA7722902} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2016-09-26] (RealNetworks, Inc.) Task: {2AC1DFD0-066E-4331-89CA-7D2D34B13E23} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\program files (x86)\real\realplayer\RealDownloader\realupgrade.exe [2016-09-03] (RealNetworks, Inc.) 
Task: {35A0E84A-044D-47E2-B7F0-19D92F75DABB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated) Task: {415B27EC-96DC-46C6-B02B-ABAA39519C58} - System32\Tasks\ReclaimerResumeInstallLogin_Ronald Brauer => C:\Users\Ronald Brauer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\rnupgagent.exe [2016-11-23] (RealNetworks, Inc.) Task: {44CD8B6C-FAE5-472C-81FE-4E0C0001389E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe Task: {473560ED-C2D1-4696-B0A6-54D3C3215AF8} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) Task: {54642987-B14C-47D3-98F9-C5790F090746} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated) Task: {560465B2-0E84-48FE-BBCE-695B5BB98A38} - System32\Tasks\{EDFBACF0-EBD8-49BC-A6CA-97A14EFEC6D5} => pcalua.exe -a "C:\Users\Ronald Brauer\Desktop\Fritz\avm_fritz!wlan_usb_stick_x64_build_100906.exe" -d "C:\Users\Ronald Brauer\Desktop\Fritz" Task: {63568D07-00A3-49BE-A62D-1E0C1C4D6A53} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) Task: {645599DF-507F-44D7-B607-95FC30CEB89D} - System32\Tasks\ReclaimerResumeInstall_Ronald Brauer => C:\Users\Ronald Brauer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\rnupgagent.exe [2016-11-23] (RealNetworks, Inc.) 
Task: {6B7B7D1E-5D94-4B25-83F2-121F8B55E497} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe Task: {6D9BC4D9-88FB-4E48-AFC4-BF38F61AA553} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated) Task: {75368BED-C7A7-4368-A8BF-BDBF62D31DEF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) Task: {8B7C1825-132C-405A-8EEE-A1D3081B225B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.) Task: {920D8ED6-41D8-4F99-BAD1-A20BA6A46152} - System32\Tasks\Opera scheduled Autoupdate 1446973210 => C:\Program Files (x86)\Opera\launcher.exe [2016-11-07] (Opera Software) Task: {93450145-D7C7-46BB-B9F8-2F79CAED83FF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {988F4F4C-AADA-42FB-8BFF-3FFF979FE2AF} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.) Task: {9E0286DE-0836-4B5F-88C7-242357A8F9C4} - System32\Tasks\{C5A9B0E4-92CF-44D6-89CD-2FAC99741DF8} => C:\Program Files\CamStudio 2.7\Recorder.exe [2013-12-05] (CamStudio Group) Task: {9E3A09C8-04E1-45BD-B5C8-5293FE368613} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) 
Task: {A2370CC6-C60E-453D-BC47-44D9A87E3BF5} - System32\Tasks\{9C49DF53-6B68-4194-83DA-114388910304} => pcalua.exe -a D:\FSetup.exe -d D:\ Task: {B6FC3F9B-432A-4B2D-8485-687B272AB688} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) Task: {CF8C14E0-5D97-417D-BFCF-FCF111FB772F} - System32\Tasks\{043202E6-11F1-4AEE-BDAB-4730F44A3185} => C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASC.exe Task: {D596EA38-2F6E-476A-BF0B-F8F11B8729A3} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\program files (x86)\real\realplayer\RealDownloader\recordingmanager.exe [2016-09-03] (RealNetworks, Inc.) Task: {D6D986A5-10E6-47CA-A29A-E98DAA2CEE84} - System32\Tasks\RealDownloader Update Check => C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe [2016-09-03] () Task: {D6FC12A6-D575-4FE8-8F9A-BE2E7BCE6336} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe Task: {DDD92A5B-C0DA-420D-A2E7-5161F9235882} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.) Task: {DE9AA60A-FAC1-45F1-B22D-403B1557B6B2} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe Task: {E1E6B097-47B5-4D9D-A6A4-C855344C8061} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe Task: {E240B03C-C0C2-4BED-BCCF-BA8A29B7B401} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) 
Task: {E7FAB24C-6D88-45EB-9C4C-ECB1D560F9DC} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) Task: {EBA14F6F-87D5-487C-88BB-00F07C729359} - System32\Tasks\{8B94B6D0-D5B6-4B1D-BA88-7F62DFB1F70B} => pcalua.exe -a "C:\Users\Alternate\Desktop\OpenOffice.org 3.4.1 (de) Installation Files\setup.exe" -d "C:\Users\Alternate\Desktop\OpenOffice.org 3.4.1 (de) Installation Files" Task: {F28CEB80-6ED3-4942-A919-861BCB77E19A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) Task: {F3ABB2E1-11D0-4051-92F0-4D227F013161} - System32\Tasks\{6F47B3DA-2C84-4143-844F-A43C99543700} => pcalua.exe -a "C:\Users\Ronald Brauer\Downloads\OOo_3.3.0_Win_x86_install-wJRE_de.exe" -d "C:\Program Files (x86)\Mozilla Firefox" Task: {F84995DD-A581-4769-92D7-225B2862F38C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
Shortcut: C:\Users\Ronald Brauer\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nch.com.au/de/index.html
Shortcut: C:\Users\Ronald Brauer\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
Ronald |
23.11.2016, 13:41 | #28 |
/// Malwareteam | Javaws.exe is wrecking my memory and making the computer unusable
That's great! Normally you can use Java, as long as you keep it up to date and really have programs that need it.
Step: 1 Let's uninstall: Spybot - Search & Destroy 2, Kaspersky from the Control Panel. Restart your PC once more separately.
Step: 2 ESET Online Scanner
Note: This scan can take several hours...
Step: 3 Delete FRST and please download it again. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
If the program hangs, please abort it after about an hour and let me know.
__________________ Regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |
24.11.2016, 09:12 | #29 |
| Javaws.exe is wrecking my memory and making the computer unusable
I did everything, but the new FRST hangs again, see attachment. Here is the ESET log: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=c5fc2d36bb56484d89513471c0e39d6a # end=init # utc_time=2016-11-23 05:23:33 # local_time=2016-11-23 06:23:33 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 31507 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=c5fc2d36bb56484d89513471c0e39d6a # end=updated # utc_time=2016-11-23 05:30:53 # local_time=2016-11-23 06:30:53 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=c5fc2d36bb56484d89513471c0e39d6a # engine=31507 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-11-23 09:10:01 # local_time=2016-11-23 10:10:01 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 18535 231565251 0 0 # scanned=431241 # found=34 # cleaned=0 # scan_time=13147 sh=D62E826B13E242DC0BABCAD05E3A4613795A024F ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1025.xpi.vir" sh=1C615B43E780FB434AA3F923C6195A1BBBF34C9C ft=0 fh=0000000000000000 vn="Variante von Win32/Speedchecker.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ronald Brauer\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\application.xap.vir" sh=FDB3E0895EF04C75E64473B2D7BFDFA398C89312 ft=1 fh=2eb37301e1b0e982 vn="Variante von Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ronald Brauer\AppData\Roaming\Security Systems\uninstall.exe.vir" sh=4AC59A227ED21E6D449A8AD079C4F37BE5584040 ft=1 fh=6e7e54c24a0481bf vn="Variante von Win32/SweetIM.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\files\njxwfqeizrdxionbcwsiokcsedricuiv\3GPConverter.exe" sh=BF94FFE35F2796D7564CDB8FBCB5227ABF2C243C ft=1 fh=2c0c15ddc8289e70 vn="Variante von Win32/Toolbar.Zugo evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\qlipso-qlipso-silent-us.exe" sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\AppData\LocalLow\DVDVideoSoftTB\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll" sh=4766AF6197A6C8D4FF526EF0307B9870F7A8BC11 ft=0 fh=0000000000000000 vn="Win32/SweetIM.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.3_0\flavour.js" sh=96782E610940265452A5866899E108A440602F61 ft=1 fh=e2b5f6e68841dc2b vn="Win32/SweetIM.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.3_0\mgHelperGC.dll" sh=1D2B2244C42AB1D687AE046AA280D719D4C41359 ft=0 fh=0000000000000000 vn="Win32/SweetIM.J evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.3_0\newtab.js" sh=ACA857771106E4FCFBFA9F55483C716777E90624 ft=0 fh=0000000000000000 vn="Win32/SweetIM.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.3_0\toolbar.js" sh=2F074FF6995CE4BD79FCF3C89FD7076C73680DF9 ft=0 fh=0000000000000000 vn="Variante von Win32/RealNetworks.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FO0F26YQ\stubinst_pkg_de[1].cab" sh=2F074FF6995CE4BD79FCF3C89FD7076C73680DF9 ft=0 fh=0000000000000000 vn="Variante von Win32/RealNetworks.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\stub_data\stubinst_pkg_de.cab" sh=245E9E9953C37F6F33A502A0F01F6F64E1078699 ft=1 fh=a35d721d269be413 vn="Win32/WinloadSDA.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Desktop\Downloads alt\aGlotze-lnstall.exe" sh=680655824CFD1B2EC0F98F926CAFA9080254CD08 ft=1 fh=98feef2c771e068c vn="Win32/InstallCore.ADX evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Desktop\Downloads alt\JDownloader2Setup.exe" sh=9AEBEE7641B5FE24A98AF69654F1C8DFA1D949DD ft=1 fh=3d762e89269be413 vn="Win32/WinloadSDA.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Desktop\Downloads alt\Nero-lnstall.exe" sh=E59C9C59A8812E36A926419ED4D829E3326905C3 ft=1 fh=b254660e269be413 vn="Win32/WinloadSDA.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Desktop\Installer\HyperCam-lnstall.exe" sh=2FFCC8280C0F7BBB1BD1E6C41031F7CCB32CCFD9 ft=1 fh=df358b5fb80cd20c vn="Win32/Somoto.Q evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Desktop\Installer\streamtransport_setup.exe" sh=8752DA1E091F7757B8D9DD6475DD0365F386FCE3 ft=1 fh=7f55cf4347b94167 vn="Win32/Adware.Agent.NQE Anwendung" ac=I fn="C:\Users\Ronald Brauer\Desktop\Ron\Neue Downloads\setup_chrispc_free_videotube_downloader_8_15.exe" sh=E18B5242B0C893DF09E34A9E89DE551503F31591 ft=1 fh=5a1a58d6d884f372 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Desktop\Ron\Neue Downloads\streamtransportsetup_25412.exe" sh=EE87B912450E4EAA9D6E1BF7433FBC04704B8C21 ft=1 fh=4a67aee7c01503bb vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Documents\Downloads\asc4-setup-softonic1.exe" sh=450BC07BDF16426A927CFDCF6952C70D8CE5E9F5 ft=1 fh=c6a73bdcdf60520b vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Downloads\ashampoo_burning_studio_6_free_6.80_3639.exe" sh=06977876214127AC5052A6A55CE78BC1970B67C2 ft=1 fh=d7d319bad21a386b vn="Win32/WebDevAZ.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Downloads\FFSetup3.5.1.exe" sh=436C7AF9C33B696548C59A9CD5E26D6DE207159A ft=1 fh=5c0a7e90440ff25b vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Downloads\Free PDF to Word Doc Converter - CHIP-Downloader.exe" sh=6588CEE0C31796B988025038C2E6F197A899796C ft=1 fh=4d7165e649c51626 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Downloads\FreeStudio.exe" sh=9B36CFE3F6F67BD682180D7B137B3A0BA991B092 ft=1 fh=e258c51ba23aaec4 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Downloads\FreeYouTubeDownload21030.exe" sh=FC36E37C5AF2A351DCD003127821BE33E48D56CF ft=1 fh=cc013aa1066e7274 vn="Variante von Win32/Toolbar.Conduit.B evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Downloads\FreeYouTubeToMp3Converter.exe" sh=0CE48DA603A5E7431002CE4ACA1F1546C5D6579E ft=1 fh=a7cab65addc4a365 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Downloads\FreeYouTubeToMP3Converter32.exe" sh=DD4905615F043634032381D92600859320DC1DBD ft=1 fh=d7eb22e9e4a537bb vn="Variante von Win32/InstallCore.ADX.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Downloads\Nero_MediaHome_setup-16-8c_softonic_free.exe" sh=C55FB4B8F8A5EA27231F5F61792D662E6CF617EE ft=1 fh=17ffc4c4e99e13ed vn="Variante von Win32/Toolbar.Conduit.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Downloads\prismsetup.exe" sh=E18B5242B0C893DF09E34A9E89DE551503F31591 ft=1 fh=5a1a58d6d884f372 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Downloads\streamtransportsetup_25412.exe" sh=3C26CA142E5A92936611842EE4E474BAD4D94693 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Downloads\Bewerbung wurde erfolgreich eingetragen-Dateien\default_adapter.js" sh=B2FAD413E2E26181EFA3E9DF32FE87A4265D5F87 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Downloads\Bewerbung wurde erfolgreich eingetragen-Dateien\minibar.js" sh=66F4780CB3ECD9E5A7B57C5E232BAE3BF3D05BBE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Downloads\Bewerbung wurde erfolgreich eingetragen-Dateien\minibar_002.js" sh=829853158C9D1F1212D39CE6056E8C7DD16F4E36 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ronald Brauer\Downloads\Bewerbung wurde erfolgreich eingetragen-Dateien\minibar_003.js" Ronald |
24.11.2016, 15:36 | #30 |
| Javaws.exe is wrecking my RAM and making the computer unusable Forgot the FRST.txt this morning: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016 durchgeführt von Ronald Brauer (Administrator) auf RONALDARNO-PC (24-11-2016 08:20:38) Gestartet von C:\Users\Ronald Brauer\Desktop Geladene Profile: Ronald Brauer (Verfügbare Profile: Alternate & Ronald Brauer) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (AMD) C:\Windows\System32\atieclxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Program Files (x86)\Real\RealPlayer\UpdateService\RealPlayerUpdateSvc.exe (RealNetworks, Inc.) 
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Sonix) C:\Windows\vsnp2uvc.exe () C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe () C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (The Privoxy team - www.privoxy.org) C:\Program Files (x86)\Privoxy\privoxy.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (Sonix Technology Co., Ltd.) C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe () C:\Program Files (x86)\Real\RealPlayer\RealDownloader\downloader2.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9639424 2009-12-21] (Realtek Semiconductor) HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.) HKLM-x32\...\Run: [NWEReboot] => [X] HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix) HKLM-x32\...\Run: [tsnp2uvc] => C:\Program Files (x86)\Common Files\SNP2UVC\tsnp2uvc.exe [322048 2011-05-04] (Sonix Technology Co., Ltd.) HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [352648 2016-09-26] (RealNetworks, Inc.) 
HKLM-x32\...\Run: [RealDownloader] => C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe [708336 2016-09-03] () HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Run: [dradio-RecorderTimer] => C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe [42496 2012-10-13] () HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [43008 2015-10-15] () HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe [2411784 2015-04-21] () HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29645440 2016-09-12] (Skype Technologies S.A.) HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000 HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Policies\Explorer: [DisallowRun] 1 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-07-26] ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Privoxy.lnk [2015-11-28] ShortcutTarget: Privoxy.lnk -> C:\Program Files (x86)\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-09-26] ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.) 
Startup: C:\Users\Ronald Brauer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Video und DVD - Verknüpfung.lnk [2015-01-08] ShortcutTarget: Video und DVD - Verknüpfung.lnk -> C:\Users\Ronald Brauer\Desktop\Lotus-Kopien\Video und DVD () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{4D3E1A21-93E8-4F97-91A4-28D48EBD8FFC}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{84EE55D2-B916-4ED1-9B84-E41BB1628BBE}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome 
HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2689304980-1437917653-2625238874-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2689304980-1437917653-2625238874-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2689304980-1437917653-2625238874-1004 -> {C130F831-D2AA-4A22-BD8D-F89F2A705E4A} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\program files (x86)\real\realplayer\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-09-03] (RealDownloader) BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-05] (Microsoft Corporation) BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\program files 
(x86)\real\realplayer\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-09-03] (RealDownloader) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.) IE Session Restore: HKU\S-1-5-21-2689304980-1437917653-2625238874-1004 -> ist aktiviert. Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.) Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-12-02] (Microsoft Corporation) Handler-x32: msnim - 
{828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler: WSWSVCUchrome - Kein CLSID Wert StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: w8mqfutb.default-1413719908419 FF ProfilePath: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox [2016-11-09] FF user.js: detected! => C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\user.js [2015-08-28] FF NewTab: Mozilla\Firefox\Profiles\JonDoFox -> hxxp://www.google.com/ FF DefaultSearchEngine: Mozilla\Firefox\Profiles\JonDoFox -> Google FF DefaultSearchUrl: Mozilla\Firefox\Profiles\JonDoFox -> hxxp://www.google.com/search?btnG=Google+Search&q= FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\JonDoFox -> Google FF SelectedSearchEngine: Mozilla\Firefox\Profiles\JonDoFox -> Google FF Keyword.URL: Mozilla\Firefox\Profiles\JonDoFox -> hxxp://www.google.com/search?btnG=Google+Search&q= FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ftp", "127.0.0.1" FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ftp_port", 4001 FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> gopher", "127.0.0.1" FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> gopher_port", 4001 FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> http", "127.0.0.1" FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> http_port", 4001 FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks", "127.0.0.1" FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks_port", 4001 FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks_remote_dns", true FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ssl", "127.0.0.1" FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ssl_port", 4001 FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> type", 1 FF Extension: (Amazon-Icon) - C:\Users\Ronald 
Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\amazon-icon@giga.de [2014-09-25] [ist nicht signiert] FF Extension: (HTTPS-Everywhere) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\https-everywhere@eff.org [2013-12-19] [ist nicht signiert] FF Extension: (UnPlug) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\unplug@compunach.xpi [2013-08-06] [ist nicht signiert] FF Extension: (JonDoFox) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{437be45a-4114-11dd-b9ab-71d256d89593}.xpi [2013-11-08] [ist nicht signiert] FF Extension: (Cookie Monster) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{45d8ff86-d909-11db-9705-005056c00008} [2013-12-19] [ist nicht signiert] FF Extension: (NoScript) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-10-28] [ist nicht signiert] FF Extension: (Adblock Plus) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-28] [ist nicht signiert] FF Extension: (ProfileSwitcher) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi [2013-10-28] [ist nicht signiert] FF Extension: (Kein Name) - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [nicht gefunden] FF Extension: (Kein Name) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files\Updater By Sweetpacks\Firefox [nicht gefunden] FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-10-09] [ist nicht signiert] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
15.0.0\FFExt\content_blocker@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden] FF Extension: (Kein Name) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\extensions\sparpilot@sparpilot.com [nicht gefunden] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [nicht gefunden] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-de-ssl.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-encrypted-no-personalization.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---deutsch.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald 
Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---english.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-eng-ger.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-esp-ale.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-fra-all.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\metager2.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-deutsch.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-english.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https---deutsch.xml [2013-08-06] FF SearchPlugin: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https.xml [2013-08-06] FF ProfilePath: C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 [2016-11-24] FF user.js: detected! => C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\user.js [2016-03-02] FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> Bing FF SelectedSearchEngine: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> Bing FF Homepage: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> hxxps://web.de FF Session Restore: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> ist aktiviert. 
FF Keyword.URL: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q= FF NetworkProxy: Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419 -> type", 0 FF Extension: (VTzilla) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\info@virustotal.com.xpi [2016-08-16] FF Extension: (Jocly) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\jocly@jetpack.xpi [2016-04-27] FF Extension: (Session Manager) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2016-03-19] FF Extension: (NoScript) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-11-23] FF Extension: (Video DownloadHelper) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-11] FF Extension: (Adblock Edge) - C:\Users\Ronald Brauer\AppData\Roaming\Mozilla\Firefox\Profiles\w8mqfutb.default-1413719908419\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2016-04-27] FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-06-16] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => nicht gefunden FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: 
@videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] () FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG) FF Plugin-x32: @real.com/nppl3260;version=18.1.5.699 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2016-09-26] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=18.1.5.699 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2016-09-26] (RealPlayer) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2689304980-1437917653-2625238874-1004: @phonostar.de/phonostar -> C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2689304980-1437917653-2625238874-1004: @phonostar.de/phonostar-Player -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [2015-10-15] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260 (2).dll [2010-12-12] (RealNetworks, Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-07-05] <==== ACHTUNG

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.web.de/
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default [2016-11-20]
CHR Extension: (Google Präsentationen) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-22]
CHR Extension: (Google Docs) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-22]
CHR Extension: (Google Drive) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-17]
CHR Extension: (Amazon) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\caeaobpemokdfnidgaebncaooofnbfha [2015-02-04]
CHR Extension: (Google-Suche) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Kaspersky Protection) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-10-17]
CHR Extension: (Google Tabellen) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-22]
CHR Extension: (Google Docs Offline) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-23]
CHR Extension: (Tube Video Downloader) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfniaofdifgjfhcddboichcpdallcgjp [2016-11-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-06]
CHR Extension: (Amazon) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2014-10-19]
CHR Extension: (Google Mail) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-22]
CHR Extension: (Chrome Media Router) - C:\Users\Ronald Brauer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-06]
CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Ronald Brauer\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx [2014-11-08]
CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Ronald Brauer\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-09-25]

Opera:
=======
OPR Extension: (TabHamster) - C:\Users\Ronald Brauer\AppData\Roaming\Opera Software\Opera Stable\Extensions\flaibmngbecjljogddbgojfenfcneanb [2015-12-10]
OPR Extension: (Adblock Plus) - C:\Users\Ronald Brauer\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-11-06]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864 2012-06-06] (Freemake) [Datei ist nicht signiert]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-09-23] (SurfRight B.V.)
R2 IGDCTRL; C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE [87344 2007-09-04] (AVM Berlin)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-09-28] (Plays.tv, LLC)
R2 RealPlayerUpdateSvc; C:\program files (x86)\real\realplayer\UpdateService\RealPlayerUpdateSvc.exe [35104 2016-09-03] ()
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [987408 2016-09-26] (RealNetworks, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-24] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R1 PStrip64; C:\Windows\System32\drivers\pstrip64.sys [13008 2006-09-30] ()
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-04-21] (Audials AG)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3565312 2011-05-04] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [867824 2015-01-07] () [Datei ist nicht signiert]
R1 StarPortLite; C:\Windows\System32\DRIVERS\StarPortLite.sys [120704 2011-11-14] (StarWind Software)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz130; \??\C:\Users\ALTERN~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-11-24 08:20 - 2016-11-24 08:22 - 00032050 _____ C:\Users\Ronald Brauer\Desktop\FRST.txt
2016-11-24 08:19 - 2016-11-24 08:18 - 02412032 _____ (Farbar) C:\Users\Ronald Brauer\Desktop\FRST64.exe
2016-11-24 08:09 - 2016-11-24 08:10 - 00009126 _____ C:\Users\Ronald Brauer\Desktop\ESETlog.txt
2016-11-23 18:22 - 2016-11-23 18:21 - 02870984 _____ (ESET) C:\Users\Ronald Brauer\Desktop\esetsmartinstaller_deu.exe
2016-11-23 17:47 - 2016-11-23 17:49 - 00003536 _____ C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Ronald Brauer
2016-11-23 17:47 - 2016-11-23 17:48 - 00003530 _____ C:\Windows\System32\Tasks\ReclaimerUpdateXML_Ronald Brauer
2016-11-23 17:47 - 2016-11-23 17:47 - 00003654 _____ C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Ronald Brauer
2016-11-23 17:47 - 2016-11-23 17:47 - 00003266 _____ C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Ronald Brauer
2016-11-22 08:57 - 2016-11-23 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2016-11-22 08:57 - 2016-11-22 23:29 - 00001225 _____ C:\Users\Ronald Brauer\Desktop\TreeSize Free.lnk
2016-11-22 08:57 - 2016-11-22 08:57 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\JAM Software
2016-11-22 08:57 - 2016-11-22 08:57 - 00000000 ____D C:\Program Files (x86)\JAM Software
2016-11-21 21:32 - 2016-11-21 21:32 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\FRST-OlderVersion
2016-11-21 21:29 - 2016-11-21 21:29 - 00005226 _____ C:\Users\Ronald Brauer\Desktop\mbam.txt
2016-11-21 19:43 - 2016-11-21 19:43 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-11-21 19:41 - 2016-11-21 18:48 - 22851472 _____ (Malwarebytes ) C:\Users\Ronald Brauer\Desktop\mbam-setup-2.2.1.1043.exe
2016-11-21 19:39 - 2016-11-21 19:40 - 00110857 _____ C:\Users\Ronald Brauer\Desktop\TDSSlog.txt
2016-11-21 19:35 - 2016-11-21 19:40 - 00221804 _____ C:\TDSSKiller.3.1.0.12_21.11.2016_19.35.08_log.txt
2016-11-21 19:34 - 2016-11-21 18:34 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Ronald Brauer\Desktop\tdsskiller.exe
2016-11-18 17:24 - 2016-11-18 17:24 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\7E24010D.sys
2016-11-16 20:19 - 2016-11-16 20:19 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Neuer Ordner
2016-11-11 17:09 - 2016-11-12 08:37 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Unsortiert
2016-11-10 09:28 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-10 09:28 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-10 09:28 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-10 09:28 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-10 09:28 - 2015-07-16 20:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-11-10 09:28 - 2015-07-16 20:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-11-10 09:28 - 2015-07-16 20:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-11-10 09:28 - 2015-07-16 20:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-11-10 09:28 - 2015-07-16 20:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-11-10 09:28 - 2015-07-16 20:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-11-10 09:28 - 2015-07-11 14:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2016-11-10 09:27 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-10 09:27 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-10 09:27 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-10 09:27 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-10 09:27 - 2016-11-02 
16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2016-11-10 09:27 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2016-11-10 09:27 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2016-11-10 09:27 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2016-11-10 09:27 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2016-11-10 09:27 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2016-11-10 09:27 - 2016-10-28 04:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-11-10 09:27 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-11-10 09:27 - 2016-10-27 20:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-11-10 09:27 - 2016-10-27 20:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-11-10 09:27 - 2016-10-27 19:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-11-10 09:27 - 2016-10-27 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-11-10 09:27 - 2016-10-27 19:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-11-10 09:27 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-11-10 09:27 - 2016-10-27 19:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-11-10 09:27 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-11-10 09:27 - 2016-10-27 19:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-11-10 09:27 - 2016-10-27 19:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-11-10 09:27 - 2016-10-27 19:38 - 00615936 _____ 
(Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-11-10 09:27 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-11-10 09:27 - 2016-10-27 19:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-11-10 09:27 - 2016-10-27 19:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-11-10 09:27 - 2016-10-27 19:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-11-10 09:27 - 2016-10-27 19:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-11-10 09:27 - 2016-10-27 19:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-11-10 09:27 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-11-10 09:27 - 2016-10-27 19:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-11-10 09:27 - 2016-10-27 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-11-10 09:27 - 2016-10-27 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-11-10 09:27 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-11-10 09:27 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-11-10 09:27 - 2016-10-27 19:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-11-10 09:27 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-11-10 09:27 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-11-10 09:27 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-11-10 09:27 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-11-10 09:27 - 2016-10-27 18:44 - 
01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-11-10 09:27 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-11-10 09:27 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-11-10 09:27 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-11-10 09:27 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-11-10 09:27 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-11-10 09:27 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-11-10 09:27 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-11-10 09:27 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-11-10 09:27 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-11-10 09:27 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-11-10 09:27 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-11-10 09:27 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-11-10 09:27 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-11-10 09:27 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-11-10 09:27 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-11-10 09:27 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-11-10 09:27 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-11-10 09:27 - 2016-10-22 18:09 - 00416256 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-11-10 09:27 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-11-10 09:27 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-11-10 09:27 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-11-10 09:27 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-11-10 09:27 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-11-10 09:27 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-11-10 09:27 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-11-10 09:27 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-11-10 09:27 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-11-10 09:27 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-11-10 09:27 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-11-10 09:27 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-11-10 09:27 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-11-10 09:27 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-11-10 09:27 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-11-10 09:27 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2016-11-10 09:27 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-11-10 09:27 - 2016-10-15 16:13 - 00084480 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\INETRES.dll 2016-11-10 09:27 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2016-11-10 09:27 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME 2016-11-10 09:27 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2016-11-10 09:27 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2016-11-10 09:27 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime 2016-11-10 09:27 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll 2016-11-10 09:27 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime 2016-11-10 09:27 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime 2016-11-10 09:27 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime 2016-11-10 09:27 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime 2016-11-10 09:27 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime 2016-11-10 09:27 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime 2016-11-10 09:27 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime 2016-11-10 09:27 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME 2016-11-10 09:27 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2016-11-10 09:27 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2016-11-10 09:27 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime 2016-11-10 09:27 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll 
2016-11-10 09:27 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime 2016-11-10 09:27 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime 2016-11-10 09:27 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime 2016-11-10 09:27 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime 2016-11-10 09:27 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime 2016-11-10 09:27 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime 2016-11-10 09:27 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime 2016-11-10 09:27 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2016-11-10 09:27 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2016-11-10 09:27 - 2016-10-10 16:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-11-10 09:27 - 2016-10-10 16:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-11-10 09:27 - 2016-10-10 16:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-11-10 09:27 - 2016-10-10 16:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-11-10 09:27 - 2016-10-10 16:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-11-10 09:27 - 2016-10-10 16:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-11-10 09:27 - 2016-10-10 16:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-11-10 09:27 - 2016-10-10 16:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-11-10 09:27 - 2016-10-10 16:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-11-10 09:27 - 
2016-10-10 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-11-10 09:27 - 2016-10-10 16:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-11-10 09:27 - 2016-10-10 16:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-11-10 09:27 - 2016-10-10 16:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-11-10 09:27 - 2016-10-10 16:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-11-10 09:27 - 2016-10-10 16:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-11-10 09:27 - 2016-10-10 16:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-11-10 09:27 - 2016-10-10 16:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-11-10 09:27 - 2016-10-10 16:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-11-10 09:27 - 2016-10-10 16:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-11-10 09:27 - 2016-10-10 16:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-11-10 09:27 - 2016-10-10 16:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-11-10 09:27 - 2016-10-10 16:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-11-10 09:27 - 2016-10-10 16:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-11-10 09:27 - 2016-10-10 16:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-11-10 09:27 - 2016-10-10 16:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-11-10 09:27 - 2016-10-10 16:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-11-10 09:27 - 2016-10-10 16:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-11-10 09:27 - 2016-10-10 16:16 - 00172032 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-11-10 09:27 - 2016-10-10 16:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-11-10 09:27 - 2016-10-10 16:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-11-10 09:27 - 2016-10-10 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-11-10 09:27 - 2016-10-10 16:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-11-10 09:27 - 2016-10-10 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-11-10 09:27 - 2016-10-10 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-11-10 09:27 - 2016-10-10 16:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-11-10 09:27 - 2016-10-10 16:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-11-10 09:27 - 2016-10-10 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-11-10 09:27 - 2016-10-10 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-11-10 09:27 - 2016-10-10 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-11-10 09:27 - 2016-10-10 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-11-10 09:27 - 2016-10-10 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-11-10 09:27 - 2016-10-10 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-11-10 09:27 - 2016-10-07 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-11-10 09:27 - 2016-10-07 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-11-10 09:27 - 2016-10-07 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-11-10 09:27 - 2016-10-07 16:35 - 01732864 _____ 
(Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00006656 _____ (Microsoft Corporation) 
C:\Windows\system32\apisetschema.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-11-10 09:27 - 2016-10-07 16:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-11-10 
09:27 - 2016-10-07 16:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 
2016-11-10 09:27 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 16:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-11-10 09:27 - 2016-10-07 16:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-11-10 09:27 - 2016-10-07 16:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-11-10 09:27 - 2016-10-07 16:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-11-10 09:27 - 2016-10-07 16:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-11-10 09:27 - 2016-10-07 15:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-11-10 09:27 - 2016-10-07 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-11-10 09:27 - 2016-10-07 15:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-11-10 09:27 - 2016-10-07 15:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-11-10 09:27 - 2016-10-07 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-11-10 09:27 - 2016-10-07 15:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 15:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 15:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-11-10 09:27 - 2016-10-07 15:49 
- 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-11-10 09:27 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2016-11-10 09:26 - 2015-12-20 19:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2016-11-10 09:26 - 2015-12-20 19:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2016-11-10 09:26 - 2015-12-20 15:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2016-11-10 09:26 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2016-11-10 06:27 - 2016-11-10 06:27 - 00003394 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 2016-11-09 17:59 - 2016-11-09 17:59 - 00003366 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 2016-11-09 17:59 - 2016-11-09 17:59 - 00003248 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1004 2016-11-09 08:44 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2016-11-09 08:44 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2016-11-09 08:44 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2016-11-09 08:44 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2016-11-09 08:44 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2016-11-09 08:44 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2016-11-09 08:44 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 
2016-11-09 08:44 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2016-11-09 08:44 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2016-11-09 08:44 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2016-11-09 08:26 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2016-11-09 08:26 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll 2016-11-09 08:26 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll 2016-11-09 08:10 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2016-11-09 08:10 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2016-11-09 08:07 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2016-11-09 08:07 - 2016-09-13 16:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-11-09 08:07 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2016-11-09 08:07 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-11-09 08:07 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2016-11-09 08:06 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-11-09 07:35 - 2015-12-16 19:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2016-11-09 07:35 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll 2016-11-09 07:35 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL 2016-11-09 07:35 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) 
C:\Windows\system32\KBDAZE.DLL 2016-11-09 07:35 - 2015-12-16 19:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL 2016-11-09 07:35 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll 2016-11-09 07:35 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL 2016-11-09 07:35 - 2015-12-16 19:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll 2016-11-08 18:34 - 2016-11-10 06:27 - 00003276 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1004 2016-11-06 17:40 - 2016-11-06 22:23 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\EDV-Tipps 2016-11-04 10:53 - 2016-11-06 07:49 - 00000000 ____D C:\Program Files (x86)\TVgenial5.5 2016-11-04 10:53 - 2016-11-04 11:02 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\TVgenial 2016-11-04 10:53 - 2016-11-04 10:54 - 00000000 ____D C:\ProgramData\TVgenial 2016-10-27 06:39 - 2016-10-27 06:39 - 00000000 ____D C:\Users\Ronald Brauer\.QtWebEngineProcess 2016-10-27 06:35 - 2016-10-27 06:35 - 00000000 ____D C:\Users\Ronald Brauer\.Plays.tv ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-11-24 08:13 - 2014-10-26 13:46 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-11-24 08:08 - 2010-09-04 14:39 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-11-24 08:06 - 2011-12-22 17:21 - 00000000 ____D C:\Users\Ronald Brauer\AppData\LocalLow\Temp 2016-11-24 08:00 - 2014-10-25 13:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-11-24 08:00 - 2011-12-04 10:39 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\CrashDumps 2016-11-24 08:00 - 2011-05-22 11:56 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\vlc 2016-11-24 07:22 - 2009-07-14 05:45 - 00026528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-11-24 07:22 - 2009-07-14 05:45 - 00026528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-11-24 07:12 - 2016-06-30 17:50 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\Skype 2016-11-24 07:11 - 2010-09-04 14:39 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-11-24 07:09 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-11-23 18:15 - 2015-01-09 21:19 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2016-11-23 18:13 - 2013-02-09 09:03 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-11-23 18:13 - 2013-02-09 09:03 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2016-11-23 18:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-11-23 18:10 - 2014-10-21 16:07 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Trojaner-Board 2016-11-23 18:09 - 2015-05-22 17:02 - 00000085 _____ C:\Windows\wininit.ini 2016-11-23 18:09 - 2015-01-09 21:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-11-23 08:37 - 2014-10-11 14:45 - 01172274 _____ C:\Windows\ntbtlog.txt 2016-11-22 07:24 - 2009-07-14 18:58 - 00702942 _____ C:\Windows\system32\perfh007.dat 2016-11-22 07:24 - 2009-07-14 
18:58 - 00150582 _____ C:\Windows\system32\perfc007.dat 2016-11-22 07:24 - 2009-07-14 06:13 - 01629348 _____ C:\Windows\system32\PerfStringBackup.INI 2016-11-22 07:17 - 2014-05-13 19:40 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-11-21 19:43 - 2014-10-26 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-11-19 17:45 - 2015-10-14 07:47 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-11-18 21:19 - 2016-05-05 20:28 - 00003878 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1446973210 2016-11-18 21:19 - 2014-08-25 17:17 - 00000000 ____D C:\Program Files (x86)\Opera 2016-11-17 20:57 - 2015-05-13 22:28 - 00000000 ____D C:\Windows\rescache 2016-11-17 18:12 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\Setup 2016-11-17 17:41 - 2010-09-04 14:40 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-11-16 20:25 - 2014-11-03 22:24 - 00000000 ____D C:\FRST 2016-11-16 20:06 - 2015-01-09 22:33 - 00000000 ____D C:\AdwCleaner 2016-11-16 20:05 - 2016-10-24 18:43 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\Lavasoft 2016-11-16 20:05 - 2016-10-24 18:42 - 00000000 ____D C:\ProgramData\Lavasoft 2016-11-16 20:05 - 2016-10-24 18:42 - 00000000 ____D C:\Program Files (x86)\Lavasoft 2016-11-16 20:05 - 2016-01-19 15:12 - 00000000 ____D C:\Program Files (x86)\Yahoo! 
2016-11-16 19:46 - 2013-11-13 09:49 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Lotus-Kopien 2016-11-16 18:50 - 2014-10-13 21:43 - 00000058 _____ C:\mbam.txt 2016-11-16 18:27 - 2015-01-09 19:52 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Downloads alt 2016-11-16 16:48 - 2010-04-27 17:45 - 00000000 ____D C:\Users\Alternate 2016-11-14 15:58 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-11-11 21:17 - 2010-09-04 14:39 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\Google 2016-11-11 16:55 - 2012-01-03 17:00 - 00000000 ____D C:\Program Files (x86)\Java 2016-11-11 07:00 - 2009-07-14 05:45 - 00506896 _____ C:\Windows\system32\FNTCACHE.DAT 2016-11-10 20:09 - 2013-10-28 07:02 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Ron 2016-11-10 16:29 - 2010-05-29 10:24 - 00000000 ____D C:\Users\Ronald Brauer 2016-11-10 09:41 - 2013-08-14 14:37 - 00000000 ____D C:\Windows\system32\MRT 2016-11-10 09:33 - 2009-08-24 09:35 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-11-09 18:56 - 2011-02-10 09:32 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\ElevatedDiagnostics 2016-11-09 08:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-11-09 08:37 - 2010-09-04 16:33 - 01602692 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-11-08 17:19 - 2014-10-25 13:01 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-11-08 17:17 - 2014-10-25 13:01 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-11-08 17:17 - 2014-10-25 13:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-11-08 17:13 - 2011-11-21 07:08 - 00000000 ____D C:\Windows\system32\Macromed 2016-11-08 17:11 - 2010-04-27 18:22 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-11-07 17:04 - 2015-10-31 16:17 - 00007602 _____ C:\Users\Ronald Brauer\AppData\Local\Resmon.ResmonCfg 2016-11-07 08:26 - 2014-10-13 15:50 - 00000000 ____D 
C:\Users\Ronald Brauer\Desktop\Kaspersky-Probleme 2016-11-06 13:51 - 2011-07-24 11:03 - 00000000 ____D C:\Windows\pss 2016-11-06 13:20 - 2014-04-09 10:46 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\dvdcss 2016-11-06 12:32 - 2015-01-23 08:09 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Download Helper 2016-11-06 08:44 - 2016-03-19 17:18 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-11-06 08:42 - 2015-09-10 06:13 - 00000000 ____D C:\Program Files\Common Files\AV 2016-11-06 08:10 - 2015-05-22 19:48 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\Raptr 2016-11-06 07:58 - 2015-01-08 16:37 - 00005484 _____ C:\Users\Ronald Brauer\AppData\Local\xecutor.xpr 2016-11-06 07:58 - 2015-01-08 16:37 - 00005484 _____ C:\Users\Ronald Brauer\AppData\Local\xecutor._xp 2016-11-06 07:54 - 2015-07-25 08:59 - 00000000 ____D C:\Program Files (x86)\Steam 2016-11-06 07:50 - 2015-01-20 15:47 - 00000000 ____D C:\Program Files (x86)\phonostar-Player 2016-11-06 07:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2016-11-06 07:49 - 2010-12-12 09:02 - 00000000 ____D C:\ProgramData\Real 2016-11-06 07:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2016-11-04 22:02 - 2013-11-16 09:57 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Amazon und Ebay 2016-11-04 10:08 - 2015-01-05 22:53 - 00000000 ____D C:\Users\Ronald Brauer\.mediathek3 2016-11-02 22:15 - 2015-01-20 19:26 - 00000000 ____D C:\Users\Ronald Brauer\Youtube 2016-10-30 08:46 - 2016-10-11 16:49 - 00000000 ____D C:\Users\Ronald Brauer\Desktop\Schnappschuss-VLC 2016-10-29 22:49 - 2015-01-05 22:57 - 00000000 ____D C:\Users\Ronald Brauer\MediathekView 2016-10-27 08:31 - 2016-03-07 16:45 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\PlaysTV 2016-10-27 08:31 - 2015-02-06 18:22 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Roaming\Anvsoft 2016-10-27 08:31 - 2011-12-22 16:55 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\Nero 
2016-10-27 06:58 - 2014-08-26 07:54 - 00000000 ____D C:\Users\Ronald Brauer\AppData\Local\Adobe
2016-10-26 16:29 - 2009-10-26 10:10 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-30 21:23 - 2015-12-07 23:32 - 0000133 _____ () C:\Users\Ronald Brauer\AppData\Roaming\Camdata.ini
2015-08-30 21:23 - 2015-12-07 23:32 - 0000408 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamLayout.ini
2015-08-30 21:23 - 2015-12-07 23:32 - 0000408 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamShapes.ini
2015-09-11 13:07 - 2015-12-07 23:32 - 0004536 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamStudio.cfg
2015-09-11 15:01 - 2015-09-11 15:01 - 0000098 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamStudio.Producer.command
2015-09-11 13:13 - 2015-09-25 11:47 - 0000000 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamStudio.Producer.Data.ini
2015-09-11 13:13 - 2015-09-25 11:47 - 0001206 _____ () C:\Users\Ronald Brauer\AppData\Roaming\CamStudio.Producer.ini
2015-01-07 18:06 - 2015-01-07 18:06 - 0119065 _____ () C:\Users\Ronald Brauer\AppData\Roaming\ExpressBurn.dmp
2015-07-26 10:57 - 2015-05-12 17:11 - 0000034 _____ () C:\Users\Ronald Brauer\AppData\Roaming\pdfdrawcodec.dll
2015-05-22 18:34 - 2015-06-24 15:40 - 0013793 _____ () C:\Users\Ronald Brauer\AppData\Roaming\PStrip.bak
2015-05-22 18:43 - 2015-06-24 14:15 - 0013807 _____ () C:\Users\Ronald Brauer\AppData\Roaming\PStrip.bk!
2015-05-22 20:43 - 2015-06-24 09:35 - 0013807 _____ () C:\Users\Ronald Brauer\AppData\Roaming\PStrip.bko
2015-05-22 17:09 - 2015-06-24 16:40 - 0013865 _____ () C:\Users\Ronald Brauer\AppData\Roaming\PStrip.ini
2012-04-01 17:34 - 2012-04-01 17:34 - 0078623 _____ () C:\Users\Ronald Brauer\AppData\Roaming\userenv.xml
2012-04-01 17:34 - 2012-04-01 17:34 - 0104787 _____ () C:\Users\Ronald Brauer\AppData\Roaming\userenv.xml.urlencode
2015-08-30 19:23 - 2015-12-07 11:10 - 0000096 _____ () C:\Users\Ronald Brauer\AppData\Roaming\version2.xml
2013-07-30 13:13 - 2014-01-16 14:13 - 0000128 _____ () C:\Users\Ronald Brauer\AppData\Roaming\WB.CFG
2013-12-31 14:25 - 2014-01-02 14:13 - 0000005 _____ () C:\Users\Ronald Brauer\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-06-19 13:13 - 2014-01-16 14:13 - 0000005 _____ () C:\Users\Ronald Brauer\AppData\Roaming\WBPU-TTL.DAT
2010-09-04 16:28 - 2015-07-31 17:17 - 0000784 _____ () C:\Users\Ronald Brauer\AppData\Roaming\wklnhst.dat
2011-12-22 16:13 - 2015-12-20 18:01 - 0037888 _____ () C:\Users\Ronald Brauer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-31 16:17 - 2016-11-07 17:04 - 0007602 _____ () C:\Users\Ronald Brauer\AppData\Local\Resmon.ResmonCfg
2015-01-08 17:00 - 2016-11-06 07:56 - 1633369 _____ () C:\Users\Ronald Brauer\AppData\Local\Xecutor.log
2015-01-08 16:37 - 2016-11-06 07:58 - 0005484 _____ () C:\Users\Ronald Brauer\AppData\Local\xecutor.xpr
2015-01-08 16:37 - 2016-11-06 07:58 - 0005484 _____ () C:\Users\Ronald Brauer\AppData\Local\xecutor._xp
2016-07-04 15:42 - 2016-07-04 15:42 - 0000000 _____ () C:\Users\Ronald Brauer\AppData\Local\{B5D6B04A-E7A6-4E42-A149-786037CE73C5}
2015-02-05 12:15 - 2015-02-05 12:15 - 0004864 _____ () C:\ProgramData\vczcspay.tpu

Einige Dateien in TEMP:
====================
C:\Users\Ronald Brauer\AppData\Local\Temp\libeay32.dll
C:\Users\Ronald Brauer\AppData\Local\Temp\msvcr120.dll
C:\Users\Ronald Brauer\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-11-2016
durchgeführt von Ronald Brauer (24-11-2016 08:23:30)
Gestartet von C:\Users\Ronald Brauer\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-05-29 09:24:14)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2689304980-1437917653-2625238874-500 - Administrator - Disabled)
Alternate (S-1-5-21-2689304980-1437917653-2625238874-1003 - Administrator - Enabled) => C:\Users\Alternate
Gast (S-1-5-21-2689304980-1437917653-2625238874-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2689304980-1437917653-2625238874-1002 - Limited - Enabled)
Ronald Brauer (S-1-5-21-2689304980-1437917653-2625238874-1004 - Administrator - Enabled) => C:\Users\Ronald Brauer

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation) 7-Zip 16.00 (HKLM-x32\...\7-Zip) (Version: 16.00 - Igor Pavlov) 7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov) AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated) Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) Adobe Playpanel (HKLM-x32\...\{69967F97-E880-44B9-8383-5278BBC8809B}) (Version: 1.6.0.22 - Ihr Firmenname) AGEIA PhysX v7.09.13 (HKLM-x32\...\{45235788-142C-44BE-8A4D-DDE9A84492E5}) (Version: 7.09.13 - AGEIA Technologies, Inc.) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) AngelPacMan (HKLM-x32\...\AngelPacMan_is1) (Version: - ) Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.02 - Sunflowers) Any DVD Converter Professional 5.8.2 (HKLM-x32\...\Any DVD Converter Professional_is1) (Version: - Any-DVD-Converter.com) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Arx Fatalis (HKLM-x32\...\{96443F45-13E2-11D6-AC87-00D0B7A9E540}) (Version: 1.0.0 - JoWood) Ashampoo Burning Studio 11 v.11.0.3 (HKLM-x32\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.3 - Ashampoo GmbH & Co. 
KG) Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Audials (HKLM-x32\...\{4A152727-C4C4-4666-818A-11C9D8AAE71C}) (Version: 12.0.65100.0 - Audials AG) Avi2Dvd 0.6.4 (HKLM-x32\...\Avi2Dvd) (Version: 0.6.4 - TrustFm) AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - ) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) AVM FRITZ!DSL (HKLM-x32\...\{2457326B-C110-40C3-89B0-889CC913871A}) (Version: 2.04.02 - AVM Berlin) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin) AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.) AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.) AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.) Bidou (HKLM-x32\...\Bidou_is1) (Version: - ) Bolt PDF Printer (HKLM-x32\...\BoltPDF) (Version: 1.20 - NCH Software) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
BrettspielWelt (HKLM-x32\...\BrettspielWelt) (Version: 1.0 - BrettspielWelt GmbH) Brother HL-2030 (HKLM-x32\...\{148E8CA6-BEF1-41C5-8805-BF1286C6884B}) (Version: 1.00 - Brother) calibre 64bit (HKLM\...\{020EB053-529D-4FFB-AD9F-40374ACB949A}) (Version: 2.57.1 - Kovid Goyal) CamStudio 2.7.3 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.3 - CamStudio Open Source) Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) concept/design onlineTV 11 (HKLM-x32\...\{8A4C3184-DA2F-4553-BF61-83F5690C3048}_is1) (Version: 11.5.20.0 - concept/design GmbH) ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version: - ) CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.16 - NCH Software) DeepBurner v1.9.0.228 (HKLM-x32\...\{2ADE2157-7A5E-122C-B51D-EB8A01B15943}) (Version: - ) Discover Painting for Kids SE (HKLM-x32\...\Discover Painting for Kids SE) (Version: - ) DivxToDVD 0.5.2b (HKLM-x32\...\VSO DivxToDVD_is1) (Version: 0.5.2b - VSO-Software SARL) Dominoes Deluxe (HKLM-x32\...\Dominoes Deluxe) (Version: - ) Doxillion Dokumentkonverter (HKLM-x32\...\Doxillion) (Version: 2.38 - NCH Software) dradio-Recorder Version 3.02.6 (HKLM-x32\...\dradio-Recorder_is1) (Version: - ) DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen) DVDFab 9.1.8.5 (24/01/2015) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.) 
Entropy Piano Tuner (HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\{759f3f42-04f6-4249-b26e-3990036ebeb8}) (Version: 1.1.2 - TP III Universität Würzburg) Express Burn (HKLM-x32\...\ExpressBurn) (Version: 4.78 - NCH Software) Express Zip (HKLM-x32\...\ExpressZip) (Version: 2.18 - NCH Software) Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 1.003 - Ezvid, inc.) ffdshow [rev 2202] [2008-10-10] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - ) FFsplit version 0.7 (HKLM-x32\...\{82458834-6226-4A34-AE96-6907354F9F36}_is1) (Version: 0.7 - FFsplit Team) Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.1 - MakeMusic) FormatFactory 3.5.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.5.1.0 - Format Factory) Free Audio CD Burner version 1.4.7 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.) Free DVD Creator version 2.0 (HKLM-x32\...\Free DVD Creator (by minidvdsoft)_is1) (Version: 2.0 - www.minidvdsoft.com) Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) Free Studio version 5.0.6 (HKLM-x32\...\Free Studio_is1) (Version: - DVDVideoSoft Limited.) Free YouTube Download version 3.2.55.301 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.55.301 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.9.725 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.9.725 - DVDVideoSoft Ltd.) Freemake Music Box (HKLM-x32\...\Freemake Music Box_is1) (Version: 1.0.0 - Ellora Assets Corporation) Galaxy of Games Gold Edition (HKLM-x32\...\Galaxy of Games Gold Edition) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.) Google Chrome Frame (HKLM-x32\...\{1F0342F5-8369-3CD1-99DD-E9BC44473708}) (Version: 65.107.16500 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) 
Hidden gotomaxx PDFMAILER (HKLM-x32\...\{01310914-E3B8-40E8-BCF7-9C42E0639A43}) (Version: 5.0.21 - gotomaxx GmbH) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.) HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC) HyperCam 3 (HKLM-x32\...\HyperCam 3 3.6.1311.20) (Version: 3.6.1311.20 - Solveig Multimedia) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) IZArc 4.1.7 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.7 - Ivan Zahariev) Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LOADSTREET Web-Media-Sauger Demo (HKLM-x32\...\{DF072839-834E-4AE6-A410-9D825B356A3D}) (Version: 1.00.0000 - LOADSTREET Media GmbH & Co. 
KG) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.4276.0) (Version: 4.0.4276.0 - Microsoft Corporation) Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{E5AB3F65-7FAC-41C6-B176-7599D2404BB2}) (Version: 4.0.4276.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.7 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL 
Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft 
Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version: - ) Microsoft Word 2000 SR-1 (HKLM-x32\...\{00170407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation) Mini Golf Special Edition (HKLM-x32\...\Mini Golf Special Edition) (Version: - ) MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.) 
Morgan M-JPEG codec V3 (HKLM-x32\...\m3jpegV3) (Version: - ) Movavi Screen Capture Studio 6 (HKLM-x32\...\Movavi Screen Capture Studio 6) (Version: 6.1.1 - Movavi) Mozilla Firefox 48.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 de)) (Version: 48.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG) Nero Kwik Media (HKLM-x32\...\{24A500E4-0B12-4D62-9973-2C7E23CCA750}) (Version: 11.0.16401 - Nero AG) Nero MediaHome Free (HKLM-x32\...\{BB842C3B-B4B1-4586-BED1-C5F07ABB0E09}) (Version: 16.0.01700 - Nero AG) OnLine TV Lite (HKLM-x32\...\OnLine TV Lite) (Version: 2.1.3.0 - Intech Software Inc.) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Opera Stable 39.0.2256.48 (HKLM-x32\...\Opera 39.0.2256.48) (Version: 39.0.2256.48 - Opera Software) Opera Stable 41.0.2353.56 (HKLM-x32\...\Opera 41.0.2353.56) (Version: 41.0.2353.56 - Opera Software) PDFBearbeiten V2.3 (HKLM-x32\...\PDFBearbeiten_is1) (Version: - hxxp://www.PDFBearbeiten.net) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.3.2 - Frank Heindörfer, Philip Chinery) phonostar-Player Version 3.03.8 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version: - ) PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.14.1-r116718-release - Plays.tv, LLC) PowerStrip 3 (remove only) (HKLM-x32\...\PowerStrip 3 (remove only)) (Version: - ) Prerequisite installer (x32 Version: 16.0.0003 - Nero AG) Hidden Prism Videodatei-Konverter (HKLM-x32\...\Prism) (Version: 2.09 - NCH Software) Privoxy (remove only) (HKLM-x32\...\Privoxy) (Version: - ) QuickTime 
7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc) RealDownloader (x32 Version: 18.1.5.699 - RealNetworks) Hidden RealDownloader (x32 Version: 18.1.5.699 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.5 - RealNetworks) Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6010 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) Screen Movie Studio version 2.6.2 (HKLM-x32\...\Screen Movie Studio_is1) (Version: - ) Screen Recorder 1 (HKLM-x32\...\Screen Recorder 1) (Version: - ) simfy (HKLM-x32\...\Simfy) (Version: 1.3.0 - simfy GmbH) simfy (x32 Version: 1.3.0 - simfy GmbH) Hidden Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.) 
smartision ScreenCopy 2.3 (HKLM-x32\...\smartision ScreenCopy_is1) (Version: - Steffen Schramm) StarBurn Version 13 (Build 0x20110818) (HKLM-x32\...\StarBurn_is1) (Version: - StarBurn Software) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Streamripper (Remove only) (HKLM-x32\...\Streamripper) (Version: - ) StreamTorrent 1.0 (HKLM-x32\...\StreamTorrent 1.0) (Version: - ) Super Internet TV v8.1 (Free Edition) (HKU\S-1-5-21-2689304980-1437917653-2625238874-1004\...\Super Internet TV (Free Edition)_is1) (Version: - Ahusoft) Toggla (HKLM-x32\...\Toggla) (Version: 0.0.9 - UNKNOWN) Toggla (x32 Version: 0.0.9 - UNKNOWN) Hidden TreeSize Free V3.4.5 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.5 - JAM Software) TubeDigger 5.4.4 (HKLM-x32\...\{1E3745C1-674D-4B2E-B8F7-3F4088950ED7}_is1) (Version: 5.4.4 - TubeDigger) TVAnts 1.0 (HKLM-x32\...\TVAnts 1.0) (Version: - ) Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) 
Hidden USB Video Device (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.54000.1001 - Sonix) vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden Video Download Capture Version 4.9.6 (HKLM-x32\...\{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1) (Version: 4.9.6 - APOWERSOFT LIMITED) Video Downloader (x32 Version: 1.2.0 - RealNetworks) Hidden Video Power (HKLM-x32\...\{17DB3734-EAB4-4717-954B-C860EE162FBA}) (Version: 1.0.24 - Video Power) VideoPad Video-Editor (HKLM-x32\...\VideoPad) (Version: 3.59 - NCH Software) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN) vs2015_redist x64 (Version: 1.0.0.0 - Realnetworks) Hidden vs2015_redist x86 (x32 Version: 1.0.0.0 - Realnetworks) Hidden Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) 
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.17 - NCH Software) Websuche (HKLM-x32\...\Websuche) (Version: - Websuche) Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games) Xecutor Version 1.54.4.98 (HKLM-x32\...\{89699A99-8D90-469A-9BD8-72C42FF45317}_is1) (Version: - Xpert-Design Software) Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi)) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2689304980-1437917653-2625238874-1004_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> %LOCALAPPDATA%\Pokki\ocdeskband_0.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {02653693-FFAA-4B55-9D83-46D4235F3AFC} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) Task: {0EB609D8-DE66-42D1-B97D-626FE882D847} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\program files (x86)\real\realplayer\RealDownloader\realupgrade.exe [2016-09-03] (RealNetworks, Inc.) Task: {12F150B0-0415-44CF-8774-39B5DA8186DA} - System32\Tasks\{7BE5963B-A411-4C19-912D-3B9CAAD6F47C} => pcalua.exe -a "C:\Users\Ronald Brauer\Downloads\Firefox Setup 3.6.3.exe" -d "C:\Users\Ronald Brauer\Downloads" Task: {2284B655-DEFC-4623-B48F-055452F6DB18} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG) Task: {23A16D14-176B-4DF8-820A-094B90F7DEA6} - System32\Tasks\{0175D3FF-9509-45F5-96B5-BA0C2EB648D0} => pcalua.exe -a C:\Users\RONALD~1\AppData\Local\Temp\jre-8u60-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ACHTUNG Task: {25E5690A-81CE-480B-A133-52814E12CCE3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {26C26025-01DB-4DEF-AB26-49CD68D65F3F} - System32\Tasks\{998157E3-2220-4949-ABA3-0320006287EB} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE Task: {29DECD71-5196-4743-A063-9C3AA7722902} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2016-09-26] (RealNetworks, Inc.) Task: {2AC1DFD0-066E-4331-89CA-7D2D34B13E23} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\program files (x86)\real\realplayer\RealDownloader\realupgrade.exe [2016-09-03] (RealNetworks, Inc.) 
Task: {3141E343-7052-46EF-943C-80735216AD01} - System32\Tasks\ReclaimerUpdateXML_Ronald Brauer => C:\Users\Ronald Brauer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\rnupgagent.exe [2016-11-23] (RealNetworks, Inc.) Task: {35A0E84A-044D-47E2-B7F0-19D92F75DABB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated) Task: {44CD8B6C-FAE5-472C-81FE-4E0C0001389E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe Task: {473560ED-C2D1-4696-B0A6-54D3C3215AF8} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) Task: {54642987-B14C-47D3-98F9-C5790F090746} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated) Task: {560465B2-0E84-48FE-BBCE-695B5BB98A38} - System32\Tasks\{EDFBACF0-EBD8-49BC-A6CA-97A14EFEC6D5} => pcalua.exe -a "C:\Users\Ronald Brauer\Desktop\Fritz\avm_fritz!wlan_usb_stick_x64_build_100906.exe" -d "C:\Users\Ronald Brauer\Desktop\Fritz" Task: {62417ACE-A2FC-48EC-BD48-F63D660A5B6E} - System32\Tasks\ReclaimerUpdateFiles_Ronald Brauer => C:\Users\Ronald Brauer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\rnupgagent.exe [2016-11-23] (RealNetworks, Inc.) Task: {63568D07-00A3-49BE-A62D-1E0C1C4D6A53} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) 
Task: {6B7B7D1E-5D94-4B25-83F2-121F8B55E497} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe Task: {6D9BC4D9-88FB-4E48-AFC4-BF38F61AA553} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated) Task: {75368BED-C7A7-4368-A8BF-BDBF62D31DEF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) Task: {77FAD18A-7F8D-49E7-B805-2E95CE454AAF} - System32\Tasks\RNUpgradeHelperResumePrompt_Ronald Brauer => C:\Users\Ronald Brauer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\rnupgagent.exe [2016-11-23] (RealNetworks, Inc.) Task: {920D8ED6-41D8-4F99-BAD1-A20BA6A46152} - System32\Tasks\Opera scheduled Autoupdate 1446973210 => C:\Program Files (x86)\Opera\launcher.exe [2016-11-07] (Opera Software) Task: {93450145-D7C7-46BB-B9F8-2F79CAED83FF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {988F4F4C-AADA-42FB-8BFF-3FFF979FE2AF} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.) Task: {9E0286DE-0836-4B5F-88C7-242357A8F9C4} - System32\Tasks\{C5A9B0E4-92CF-44D6-89CD-2FAC99741DF8} => C:\Program Files\CamStudio 2.7\Recorder.exe [2013-12-05] (CamStudio Group) Task: {A2370CC6-C60E-453D-BC47-44D9A87E3BF5} - System32\Tasks\{9C49DF53-6B68-4194-83DA-114388910304} => pcalua.exe -a D:\FSetup.exe -d D:\ Task: {AEC012DF-13CF-4E86-A195-F32B229E6B62} - System32\Tasks\RNUpgradeHelperLogonPrompt_Ronald Brauer => C:\Users\Ronald Brauer\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.05\agent\rnupgagent.exe [2016-11-23] (RealNetworks, Inc.) 
Task: {B6FC3F9B-432A-4B2D-8485-687B272AB688} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) Task: {CF8C14E0-5D97-417D-BFCF-FCF111FB772F} - System32\Tasks\{043202E6-11F1-4AEE-BDAB-4730F44A3185} => C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASC.exe Task: {D596EA38-2F6E-476A-BF0B-F8F11B8729A3} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\program files (x86)\real\realplayer\RealDownloader\recordingmanager.exe [2016-09-03] (RealNetworks, Inc.) Task: {D6D986A5-10E6-47CA-A29A-E98DAA2CEE84} - System32\Tasks\RealDownloader Update Check => C:\program files (x86)\real\realplayer\RealDownloader\downloader2.exe [2016-09-03] () Task: {D6FC12A6-D575-4FE8-8F9A-BE2E7BCE6336} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe Task: {DE9AA60A-FAC1-45F1-B22D-403B1557B6B2} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe Task: {E1E6B097-47B5-4D9D-A6A4-C855344C8061} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe Task: {E240B03C-C0C2-4BED-BCCF-BA8A29B7B401} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {E7FAB24C-6D88-45EB-9C4C-ECB1D560F9DC} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) 
Task: {EBA14F6F-87D5-487C-88BB-00F07C729359} - System32\Tasks\{8B94B6D0-D5B6-4B1D-BA88-7F62DFB1F70B} => pcalua.exe -a "C:\Users\Alternate\Desktop\OpenOffice.org 3.4.1 (de) Installation Files\setup.exe" -d "C:\Users\Alternate\Desktop\OpenOffice.org 3.4.1 (de) Installation Files" Task: {F28CEB80-6ED3-4942-A919-861BCB77E19A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) Task: {F3ABB2E1-11D0-4051-92F0-4D227F013161} - System32\Tasks\{6F47B3DA-2C84-4143-844F-A43C99543700} => pcalua.exe -a "C:\Users\Ronald Brauer\Downloads\OOo_3.3.0_Win_x86_install-wJRE_de.exe" -d "C:\Program Files (x86)\Mozilla Firefox" Task: {F84995DD-A581-4769-92D7-225B2862F38C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2689304980-1437917653-2625238874-1003 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-09-03] (RealNetworks, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Ronald Brauer\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nch.com.au/de/index.html Shortcut: C:\Users\Ronald Brauer\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.html ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== Ronald |