Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


Plagegeister aller Art und deren Bekämpfung: Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 2 1 2
Alt 11.11.2016, 08:09   #1
ascard
 
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - Standard

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


hallo zusammen,
Spybot - Search & Destroy bringt mir bei dem besuch von ebay neuerdings folgende meldung



-spybot.jpg:

Alt 11.11.2016, 10:34   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - Standard

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


Hallo und


+++ WICHTIGER HINWEIS +++


Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache.
Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung!
Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben.

Gelesen und verstanden?


Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________
Alt 11.11.2016, 11:03   #3
ascard
 
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - Standard

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-11-2016
durchgeführt von Besitzer (Administrator) auf BESITZER-PC (11-11-2016 10:54:36)
Gestartet von C:\Users\Besitzer\Desktop\Wichtige Programme\antivir
Geladene Profile: UpdatusUser & Besitzer (Verfügbare Profile: UpdatusUser & Besitzer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(AVAST Software) C:\Users\Besitzer\AppData\Roaming\AVAST Software\Browser Cleanup\bcusched.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(DeskShare) C:\Program Files (x86)\Deskshare\IP Camera Viewer 1.0\IP Camera Viewer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Google Inc.) C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [InstantUpdate] => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-07] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12448872 2012-02-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [576376 2012-02-02] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1021056 2012-03-08] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800896 2012-03-08] (Atheros Commnucations)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [916072 2016-10-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\Run: [Google Update] => C:\Users\Besitzer\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\MountPoints2: {f6ca75a8-d03e-11e3-abfa-7054d28633eb} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-01-30]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [S-1-5-21-1843646025-399791798-1682867763-1001] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-1843646025-399791798-1682867763-1001] => localhost:21320
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{824B8107-608E-41A7-9C51-059F90A75E42}: [DhcpNameServer] 192.168.178.1
ManualProxies: 1localhost:21320

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1843646025-399791798-1682867763-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
HKU\S-1-5-21-1843646025-399791798-1682867763-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKU\S-1-5-21-1843646025-399791798-1682867763-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://search.avast.com/AV772/
SearchScopes: HKLM-x32 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1843646025-399791798-1682867763-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1843646025-399791798-1682867763-1001 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1843646025-399791798-1682867763-1001 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-03-08] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5uifafsi.default-1473595326940 [2016-11-11]
FF Extension: (Adblock Plus) - C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5uifafsi.default-1473595326940\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-31]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-01-31] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-10-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-10-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-02-27] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1843646025-399791798-1682867763-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-1843646025-399791798-1682867763-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://webmailcluster.1und1.de/xml/webmail/Login;jsessionid=CFDA13F7016F3A700D9D1AECAD99595A.TC159a?__reuse=1343637707253
CHR Plugin: (Shockwave Flash) - C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\54.0.2840.71\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\54.0.2840.71\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\54.0.2840.71\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll => Keine Datei
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => Keine Datei
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Besitzer\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll => Keine Datei
CHR Profile: C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default [2016-11-11]
CHR Extension: (Google Docs) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google-Suche) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Avira Browserschutz) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-20]
CHR Extension: (Google Docs Offline) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-17]
CHR Extension: (eBay Deutschland) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jknjndilpbgfjegfncoipgnhficfffoa [2016-09-11]
CHR Extension: (Speed Dial 2) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-09-11]
CHR Extension: (Facebook Notifications) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo [2013-03-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-17]
CHR Extension: (Google Mail) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.7WYCGHJGIVNT5M6WCAKMLXAGXA - C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-01-30] (Adobe Systems) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089088 2016-10-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [475232 2016-10-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [475232 2016-10-30] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1488240 2016-10-30] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [107648 2012-03-08] (Atheros Commnucations) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
S3 DCDhcpService; C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe [111776 2012-02-10] (Atheros Communication Inc.) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [72864 2012-02-19] (Atheros) [Datei ist nicht signiert]
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]
S4 PCGRTP; "C:\Program Files (x86)\BeeDoctor\0.1.1411.1712\PcgRtp.exe" -r [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [177432 2016-10-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145536 2016-10-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-12] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
S4 PcgSysMonX64; \??\C:\Program Files (x86)\BeeDoctor\0.1.1411.1712\PcgSysMonX64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-11 10:54 - 2016-11-11 10:54 - 00000000 ____D C:\FRST
2016-11-11 07:42 - 2016-11-11 07:42 - 49707232 _____ (Microsoft Corporation) C:\Users\Besitzer\Downloads\Windows-KB890830-x64-V5.42.exe
2016-11-11 00:18 - 2016-11-11 00:18 - 00000093 _____ C:\Windows\wininit.ini
2016-11-10 23:54 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20161110-235420.backup
2016-11-10 23:52 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20161110-235254.backup
2016-11-09 14:58 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 14:58 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-09 14:58 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 14:58 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-09 14:58 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-09 14:58 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-09 14:58 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-09 14:58 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-09 14:58 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-09 14:58 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-09 14:58 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-09 14:58 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 14:58 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-09 14:58 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-09 14:58 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-09 14:58 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-09 14:58 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-09 14:58 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 14:58 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-09 14:58 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-09 14:58 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 14:58 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-09 14:58 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-09 14:58 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-09 14:58 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-09 14:58 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-09 14:58 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-09 14:58 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-09 14:58 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-09 14:58 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-09 14:58 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-09 14:58 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-09 14:58 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-09 14:58 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 14:58 - 2016-10-10 16:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-09 14:58 - 2016-10-10 16:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-09 14:58 - 2016-10-10 16:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-09 14:58 - 2016-10-10 16:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-09 14:58 - 2016-10-10 16:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-09 14:58 - 2016-10-10 16:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-09 14:58 - 2016-10-10 16:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-09 14:58 - 2016-10-10 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-09 14:58 - 2016-10-10 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-09 14:58 - 2016-10-10 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-09 14:58 - 2016-10-10 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-09 14:58 - 2016-10-10 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-09 14:58 - 2016-10-10 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-09 14:58 - 2016-10-07 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-09 14:58 - 2016-10-07 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-09 14:58 - 2016-10-07 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-09 14:58 - 2016-10-07 16:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-09 14:58 - 2016-10-07 16:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-09 14:58 - 2016-10-07 16:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-09 14:58 - 2016-10-07 16:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-09 14:58 - 2016-10-07 16:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-09 14:58 - 2016-10-07 16:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-09 14:58 - 2016-10-07 16:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-09 14:58 - 2016-10-07 15:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-09 14:58 - 2016-10-07 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-09 14:58 - 2016-10-07 15:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-09 14:58 - 2016-10-07 15:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-09 14:58 - 2016-10-07 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-09 14:58 - 2016-10-07 15:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 15:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 15:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 15:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-09 14:58 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-09 14:58 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-09 14:58 - 2016-09-13 16:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-09 14:58 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-09 14:58 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-09 14:58 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-09 14:57 - 2016-10-10 16:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-09 14:57 - 2016-10-10 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-09 14:57 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-09 01:03 - 2016-11-09 15:08 - 00016721 _____ C:\Users\Besitzer\Desktop\OpenDocument Text (neu).odt
2016-11-08 19:41 - 2016-11-11 00:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-07 20:51 - 2016-11-08 01:16 - 00014193 _____ C:\Users\Besitzer\Desktop\Rente.odt
2016-11-05 20:57 - 2016-11-05 20:57 - 00000000 ____D C:\Users\Besitzer\AppData\Local\{877821E3-F8D8-4D23-A492-97F1829C5153}
2016-11-04 23:09 - 2016-11-04 23:09 - 00049849 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3298787__Nr.0032016_vom_31.10.2016_20161104110941.pdf
2016-11-04 23:09 - 2016-11-04 23:09 - 00048086 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3250180__Nr.0112016_vom_31.10.2016_20161104110943.pdf
2016-11-04 23:09 - 2016-11-04 23:09 - 00048086 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3250180__Nr.0112016_vom_31.10.2016_20161104110937.pdf
2016-11-04 23:09 - 2016-11-04 23:09 - 00047376 _____ C:\Users\Besitzer\Downloads\Kontoauszug_7503298787__Nr.0012016_vom_31.10.2016_20161104110945.pdf
2016-11-04 23:09 - 2016-11-04 23:09 - 00047376 _____ C:\Users\Besitzer\Downloads\Kontoauszug_7503298787__Nr.0012016_vom_31.10.2016_20161104110940.pdf
2016-11-04 23:09 - 2016-11-04 23:09 - 00043901 _____ C:\Users\Besitzer\Downloads\Mitteilung_3298787_vom_31.10.2016_20161104111001.pdf
2016-11-04 23:09 - 2016-11-04 23:09 - 00043892 _____ C:\Users\Besitzer\Downloads\Mitteilung_3250180_vom_31.10.2016_20161104110925.pdf
2016-11-04 17:37 - 2016-11-04 17:38 - 00000000 ____D C:\KVRT_Data
2016-11-04 07:48 - 2016-11-04 07:48 - 00000000 ____D C:\Users\Besitzer\Documents\ProcAlyzer Dumps
2016-11-04 07:36 - 2016-11-04 07:36 - 00004260 _____ C:\Windows\System32\Tasks\avast! BCU UpdateS-1-5-21-1843646025-399791798-1682867763-1001
2016-11-04 07:36 - 2016-11-04 07:36 - 00003316 _____ C:\Windows\System32\Tasks\avastBCLS-1-5-21-1843646025-399791798-1682867763-1001
2016-11-04 07:36 - 2016-11-04 07:36 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Avast Browser Cleanup
2016-11-04 07:36 - 2016-11-04 07:36 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\AVAST Software
2016-10-27 15:20 - 2016-10-27 15:23 - 06766720 _____ (ESET spol. s r.o.) C:\Users\Besitzer\Downloads\ESETOnlineScanner_DEU.exe
2016-10-21 20:19 - 2016-11-06 21:50 - 00251251 _____ C:\Users\Besitzer\Desktop\NINA UND CARMEN.mcf
2016-10-21 20:19 - 2016-11-06 21:50 - 00000000 ____D C:\Users\Besitzer\Desktop\NINA UND CARMEN_mcf-Dateien
2016-10-21 20:19 - 2016-11-03 00:16 - 00249706 _____ C:\Users\Besitzer\Desktop\NINA UND CARMEN.mcf~
2016-10-20 23:42 - 2016-10-20 23:42 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\NVIDIA
2016-10-19 23:33 - 2016-10-19 23:42 - 00000000 ____D C:\Users\Besitzer\Desktop\Neuer Ordner
2016-10-19 23:23 - 2016-10-19 23:23 - 00000000 ____D C:\Users\Besitzer\Desktop\Cewe
2016-10-19 03:05 - 2016-10-19 03:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OnlineFotoservice
2016-10-19 02:51 - 2016-10-19 02:51 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\hps-install
2016-10-19 02:41 - 2016-10-19 02:42 - 01628760 _____ C:\Users\Besitzer\Downloads\setup_OnlineFotoservice.exe
2016-10-15 01:33 - 2016-10-15 01:33 - 00068712 _____ C:\Users\Besitzer\Downloads\Rechnung-2016176299-165274.pdf
2016-10-12 21:47 - 2016-10-12 21:47 - 00043956 _____ C:\Users\Besitzer\Downloads\Mitteilung_3250180_vom_01.10.2016_20161012104746.pdf
2016-10-12 21:46 - 2016-10-12 21:46 - 00051378 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3250180__Nr.0102016_vom_01.10.2016_20161012104642.pdf
2016-10-12 21:46 - 2016-10-12 21:46 - 00049670 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3298787__Nr.0022016_vom_01.10.2016_20161012104647.pdf
2016-10-12 21:46 - 2016-10-12 21:46 - 00047092 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3298787__Nr.0012016_vom_31.08.2016_20161012104635.pdf
2016-10-12 21:46 - 2016-10-12 21:46 - 00043956 _____ C:\Users\Besitzer\Downloads\Mitteilung_3250180_vom_01.10.2016_20161012104702.pdf
2016-10-12 21:46 - 2016-10-12 21:46 - 00043956 _____ C:\Users\Besitzer\Downloads\Mitteilung_3250180_vom_01.10.2016_20161012104658.pdf
2016-10-12 21:45 - 2016-10-12 21:45 - 00051378 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3250180__Nr.0102016_vom_01.10.2016_20161012104506.pdf
2016-10-12 21:45 - 2016-10-12 21:45 - 00049670 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3298787__Nr.0022016_vom_01.10.2016_20161012104524.pdf
2016-10-12 21:45 - 2016-10-12 21:45 - 00047092 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3298787__Nr.0012016_vom_31.08.2016_20161012104532.pdf
2016-10-12 21:44 - 2016-10-12 21:44 - 00049670 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3298787__Nr.0022016_vom_01.10.2016_20161012104443.pdf
2016-10-12 21:44 - 2016-10-12 21:44 - 00049670 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3298787__Nr.0022016_vom_01.10.2016_20161012104439.pdf
2016-10-12 18:02 - 2016-09-12 22:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-12 18:02 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-12 18:02 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-12 18:02 - 2016-09-12 19:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-12 18:02 - 2016-09-12 19:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-12 18:02 - 2016-09-08 21:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-12 18:02 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-12 18:02 - 2016-09-08 21:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-12 18:02 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-12 18:02 - 2016-09-08 15:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-12 18:02 - 2016-09-08 15:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-12 18:02 - 2016-08-12 18:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-12 18:02 - 2016-08-12 18:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-12 18:02 - 2016-08-12 18:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-12 18:02 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-12 18:02 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-12 18:02 - 2016-08-12 17:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-12 18:02 - 2016-08-12 17:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-12 18:02 - 2016-08-12 17:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-12 18:02 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-12 18:02 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-12 18:02 - 2016-08-12 17:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-12 18:02 - 2016-08-06 16:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-12 18:02 - 2016-08-06 16:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-12 18:02 - 2016-08-06 16:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-12 18:02 - 2016-08-06 16:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-12 18:02 - 2016-08-06 16:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-12 18:02 - 2016-08-06 16:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-12 18:02 - 2016-08-06 16:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-12 18:02 - 2016-08-06 16:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-12 18:02 - 2016-08-06 16:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-12 18:02 - 2016-08-06 16:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-12 18:02 - 2016-08-06 16:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-12 18:02 - 2016-08-06 16:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-12 18:02 - 2016-08-06 16:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-12 18:02 - 2016-08-06 15:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-12 18:02 - 2016-08-06 15:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-12 18:02 - 2016-08-06 15:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-12 18:02 - 2016-06-14 18:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-12 18:02 - 2016-06-14 18:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-12 18:02 - 2016-06-14 18:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-12 18:02 - 2016-06-14 16:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-12 18:02 - 2016-06-14 16:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-12 18:02 - 2016-06-14 16:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-12 18:02 - 2016-06-14 16:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-12 18:02 - 2016-06-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-12 18:02 - 2016-06-14 16:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-12 18:02 - 2016-06-14 16:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-12 18:02 - 2016-06-14 16:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-12 00:50 - 2016-10-12 01:01 - 00000000 ____D C:\Users\Besitzer\Desktop\Neuer Ordner (2)

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-11 10:51 - 2016-09-10 21:56 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-11 10:44 - 2013-03-18 20:33 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-11 10:30 - 2015-02-04 12:39 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1843646025-399791798-1682867763-1001UA.job
2016-11-11 04:30 - 2013-03-18 20:05 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1843646025-399791798-1682867763-1001Core.job
2016-11-11 03:40 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-11 03:40 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-11 00:20 - 2013-03-29 13:12 - 21154816 ___SH C:\Users\Besitzer\Desktop\Thumbs.db
2016-11-11 00:18 - 2013-03-18 20:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-11 00:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-10 21:55 - 2012-09-23 11:47 - 09966594 _____ C:\Windows\system32\perfh007.dat
2016-11-10 21:55 - 2012-09-23 11:47 - 03141758 _____ C:\Windows\system32\perfc007.dat
2016-11-10 21:55 - 2009-07-14 06:13 - 00006260 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-10 03:29 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-10 03:29 - 2009-07-14 05:45 - 00291320 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-10 03:10 - 2013-07-16 23:32 - 00000000 ____D C:\Windows\system32\MRT
2016-11-10 02:04 - 2015-02-09 22:02 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-08 19:39 - 2013-11-10 16:21 - 00000000 ____D C:\ProgramData\tmp
2016-11-08 19:39 - 2013-11-10 16:21 - 00000000 ____D C:\ProgramData\hps
2016-11-06 15:42 - 2013-03-20 00:33 - 00000000 ___RD C:\Users\Besitzer\Desktop\Wichtige Programme
2016-11-06 02:33 - 2012-09-23 02:01 - 00000000 ____D C:\Users\UpdatusUser
2016-11-05 18:28 - 2015-01-31 12:49 - 00000000 ___RD C:\Users\Besitzer\Desktop\Sabine
2016-11-04 07:46 - 2014-12-19 22:25 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-11-04 07:44 - 2014-12-19 22:25 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-11-04 07:38 - 2014-12-19 23:24 - 00000000 ____D C:\AdwCleaner
2016-11-03 22:18 - 2015-07-11 22:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-30 02:31 - 2013-03-18 20:05 - 00000000 ____D C:\Users\Besitzer\AppData\Local\Google
2016-10-30 02:23 - 2013-03-18 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-10-30 02:21 - 2013-03-20 12:16 - 00177432 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-10-27 15:10 - 2013-03-20 00:36 - 00000000 ____D C:\Users\Besitzer\AppData\Local\CrashDumps
2016-10-26 16:29 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-26 00:15 - 2014-12-27 21:22 - 00000000 ___RD C:\Users\Besitzer\Desktop\IN BEARBEITUNG
2016-10-25 01:30 - 2016-02-10 22:07 - 00000000 ___RD C:\Users\Besitzer\Desktop\Party
2016-10-25 00:36 - 2013-03-18 20:10 - 00002386 _____ C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-23 00:12 - 2013-03-22 22:28 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\vlc
2016-10-19 20:09 - 2012-10-12 08:25 - 00000000 ____D C:\Users\Besitzer
2016-10-18 00:31 - 2015-09-27 18:06 - 00000000 ___RD C:\Users\Besitzer\Desktop\WEB
2016-10-14 20:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-10-13 03:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-13 03:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-12 02:39 - 2014-12-13 09:42 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-12 02:37 - 2013-03-18 20:21 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-12 02:37 - 2013-03-18 20:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-12 02:35 - 2014-12-11 09:06 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-12 02:35 - 2014-05-07 09:06 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-12 02:07 - 2013-03-18 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-01-20 23:30 - 2016-09-04 16:16 - 0009216 _____ () C:\Users\Besitzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-09-23 02:26 - 2012-09-23 02:29 - 0002454 _____ () C:\ProgramData\clear.fiSDK20.log
2012-09-23 02:29 - 2012-12-16 19:02 - 0000032 _____ () C:\ProgramData\PS.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-11-04 07:19

==================== Ende von FRST.txt ============================
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-11-2016
durchgeführt von Besitzer (11-11-2016 10:55:24)
Gestartet von C:\Users\Besitzer\Desktop\Wichtige Programme\antivir
Windows 7 Home Premium Service Pack 1 (X64) (2012-10-12 07:25:51)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1843646025-399791798-1682867763-500 - Administrator - Disabled)
Besitzer (S-1-5-21-1843646025-399791798-1682867763-1001 - Administrator - Enabled) => C:\Users\Besitzer
Gast (S-1-5-21-1843646025-399791798-1682867763-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1843646025-399791798-1682867763-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-1843646025-399791798-1682867763-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.3501.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.3501.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3508 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{682EC6E8-A300-45FD-8F09-0F3A6EA334D6}) (Version: 1.00.3004 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.109.2020.209 - Alps Electric)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Ashampoo Home Designer Pro v.1.0.1 (HKLM-x32\...\{4D1A0101-17A2-4fca-9119-4734EDBDA12D}_is1) (Version: 1.0.1 - Creative Amadeo GmbH)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.126 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
Avast Browser Cleanup (HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\Avast Browser Cleanup) (Version: 12.1.2272.125 - AVAST Software)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.23.58 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager V3 (x32 Version: 3.0.0.100 - NTI Corporation) Hidden
calibre 64bit (HKLM\...\{EA927D74-9D01-4436-89AE-ACF7C893C845}) (Version: 2.3.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.00.3004 - Acer Incorporated)
ClearProg 1.6.0 Final (HKLM-x32\...\ClearProg) (Version: 1.6.0 Final - Sven Hoffman)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2822.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON BX630FW Series Printer Uninstall (HKLM\...\EPSON BX630FW Series) (Version:  - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{30E01116-5666-4807-8EF1-D80E9FF16717}) (Version: 2.3.2.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
EPSON File Manager (HKLM-x32\...\{D02F30FB-0BC4-419A-9B9C-ADC610029B50}) (Version: 1.3.2.0 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Earth (HKLM-x32\...\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}) (Version: 7.0.3.8542 - Google)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
IP Camera Viewer 1.0 (HKLM-x32\...\IP Camera Viewer_is1) (Version:  - DeskShare Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Acer Inc.)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9006 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9006 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.2.0 - CEWE Stiftung u Co. KGaA)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Picture Collage Maker Free 2.1.2 (HKLM-x32\...\{DEB7295A-D00E-4D45-846C-2947E8C3F080}_is1) (Version:  - PearlMountain Soft)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qualcomm Atheros Direct Connect (x32 Version: 3.1 - Qualcomm Atheros) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.1 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6570 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.5 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.5.1.0 - Intel)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06A7DD8B-8F96-46DC-BEB4-C76E67DCD076} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1843646025-399791798-1682867763-1001UA => C:\Users\Besitzer\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2B071A93-2251-4975-AC24-1454C9FFF449} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {42DEAB31-ED47-4FDF-9AB2-27ADF93AC3FE} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-18] (CyberLink)
Task: {4A04ED7D-D8A4-4004-BD12-2EAFD57CB496} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {6B041E76-9C0A-429E-A95D-D7D83063E120} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {8DF09904-3D1B-4C8F-9351-79097E66846E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {97BE05E6-CF89-4E90-BECD-E2439447F7CF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {B9BFBF4A-9133-4977-9830-A59EDD133F04} - System32\Tasks\avastBCLS-1-5-21-1843646025-399791798-1682867763-1001 => C:\Users\Besitzer\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe [2016-11-07] (AVAST Software)
Task: {BCBEE009-5DD2-43B8-A57A-3C6765068996} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-08] (Adobe Systems Incorporated)
Task: {C4A2CC60-56A2-49E3-947F-9AD97136FB70} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1843646025-399791798-1682867763-1001Core => C:\Users\Besitzer\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D324123B-5ACB-4B66-B4AF-83DBBF1E2086} - System32\Tasks\avast! BCU UpdateS-1-5-21-1843646025-399791798-1682867763-1001 => C:\Users\Besitzer\AppData\Roaming\AVAST Software\Browser Cleanup\BCUUpdate.exe [2015-03-18] (AVAST Software)
Task: {D9ED18C1-74F8-4E80-A8E7-4E9314A581C3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1843646025-399791798-1682867763-1001Core.job => C:\Users\Besitzer\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1843646025-399791798-1682867763-1001UA.job => C:\Users\Besitzer\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-09-23 02:01 - 2013-08-29 23:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-04-20 11:40 - 2012-02-14 02:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-07-17 18:34 - 2015-07-17 18:34 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-04-07 04:29 - 2012-04-07 04:29 - 00040552 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2012-04-07 04:29 - 2012-04-07 04:29 - 00022120 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-01-05 22:22 - 2012-01-05 22:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2014-12-19 22:25 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-12-19 22:25 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-12-19 22:25 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-12-19 22:25 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-12-19 22:25 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-05-12 11:50 - 2016-05-12 11:50 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5a8eeeddc97028a9f94d0518c22f4c2c\IsdiInterop.ni.dll
2012-04-20 11:00 - 2011-11-30 04:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-09-23 02:03 - 2011-12-16 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00170496 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
2016-10-25 00:36 - 2016-10-20 09:47 - 01819240 _____ () C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\54.0.2840.71\libglesv2.dll
2016-10-25 00:36 - 2016-10-20 09:47 - 00093288 _____ () C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\54.0.2840.71\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7916 mehr Seiten.

IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7916 mehr Seiten.

IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7916 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1843646025-399791798-1682867763-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^Users^Besitzer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: Dolby Home Theater v4 => "C:\Dolby PCEE4\pcee4.exe" -autostart
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{F78B396B-AA4D-4092-86FD-7831C399189A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{006B25EF-A281-4EDC-9E60-CA912422134F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6F4B1A05-01FA-4CF2-9D27-81F7EA979B46}] => (Allow) LPort=2869
FirewallRules: [{34D2FEC4-0160-492D-B1B7-853990B21397}] => (Allow) LPort=1900
FirewallRules: [{F47379F9-4316-44EF-8408-8A03B82D9F12}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5102085A-51F3-4385-8F20-4DB983B00E8F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{7430170F-A6BA-4394-9F9A-4A6A34E83BE4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A3241587-844F-45BA-BD83-E4C8F25C1FE5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{28392710-C0F3-4EE0-8EE8-E267490B7065}] => (Allow) C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe
FirewallRules: [{99BEF38D-9E54-4750-B821-0CC223EF051F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{5B0C25A9-48B7-4552-9325-3E7127418B9E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{995FBD4B-ADA3-439E-800D-46333283F88B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{174214E1-994B-4485-A2EA-259F019C6FF0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{3FB1CEB9-11C2-4D6B-AB39-F6A9B45D7F01}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{AFC6AB4C-72BA-4115-8EAD-070309F6D4BF}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{EC1E7F11-5FC6-42A1-8DE6-A33388EAA5A0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{F76A5231-6FC4-4171-9554-635F45188DA6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{6DAA3869-99FF-41D5-A40B-CA2F538B9B1D}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{00F316BD-4243-439E-B327-8E50947EC267}] => (Allow) C:\Program Files (x86)\Deskshare\IP Camera Viewer 1.0\IP Camera Viewer.exe
FirewallRules: [{F3F60A32-C983-422C-9A7C-0A4A5E2A387C}] => (Allow) C:\Program Files (x86)\Deskshare\IP Camera Viewer 1.0\IP Camera Viewer.exe
FirewallRules: [{498F7FFB-9017-4A63-BF6E-BB9664D98842}] => (Allow) C:\Program Files (x86)\BeeDoctor\0.1.1411.1712\PCG.exe
FirewallRules: [{FA472BAB-CE61-4406-A4C4-522ACFA09433}] => (Allow) C:\Program Files (x86)\BeeDoctor\0.1.1411.1712\PCG.exe
FirewallRules: [{710429C2-2068-4E36-9440-CC1649ED7E2C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5702F990-3D77-4952-8752-2E441B459669}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{927FB7BD-C08E-420D-BF2C-3DA1CF5BA9AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F0041FF7-748F-42F2-8A70-4AF8B94962D2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3AED18A8-B1B2-4A69-8047-56E3B5447366}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E2A2A4F2-7D59-4670-B454-19C1A31AFDAC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{1399025D-00F5-49B4-8CCF-880DC2D6CADD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{037133DF-038B-48AF-9BB4-B1F7EECA1821}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{826EF073-8799-4740-BFCD-B78F9D9D610D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1F810284-E71C-4652-AB08-0268E4BB507D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{769EE989-7108-4EAA-AF72-1816B16A6B0F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{37FF9B93-F202-4575-8A2B-3C95096F54B2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{DD9B69B3-B89C-4FD2-82B0-FF54F567EF03}C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{D55C5EBE-9E54-42FA-8CF6-FF054724AC91}C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{B64170BC-2CEA-4AF5-BFBD-076390261365}C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{599B7BEF-A232-418E-AB98-373C2B647A9F}C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

01-11-2016 21:14:34 Windows Update
04-11-2016 07:39:36 JRT Pre-Junkware Removal
04-11-2016 17:21:37 JRT Pre-Junkware Removal
04-11-2016 17:27:04 JRT Pre-Junkware Removal
10-11-2016 03:00:18 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/11/2016 12:16:13 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1843646025-399791798-1682867763-1001}/">.

Error: (11/10/2016 11:48:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Ein Problem hat das Senden von Daten aus dem Programm zur Verbesserung der Benutzerfreundlichkeit an Microsoft verhindert (Fehler 80004005).

Error: (11/10/2016 09:55:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (11/10/2016 09:55:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/10/2016 09:55:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/10/2016 06:19:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (11/10/2016 06:19:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/10/2016 06:19:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/10/2016 05:40:41 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (11/10/2016 05:40:41 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


Systemfehler:
=============
Error: (11/10/2016 03:31:01 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (11/10/2016 03:29:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Service Installer TrueKey" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/10/2016 03:28:55 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "\\?\Volume{c20bf01b-8811-11e2-92a7-806e6f6e6963}" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (11/10/2016 03:26:25 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{995C996E-D918-4A8C-A302-45719A6F4EA7}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/06/2016 02:29:52 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (11/06/2016 02:28:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Service Installer TrueKey" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/06/2016 02:28:22 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "\\?\Volume{c20bf01b-8811-11e2-92a7-806e6f6e6963}" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (11/06/2016 02:28:50 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎06.‎11.‎2016 um 02:27:08 unerwartet heruntergefahren.

Error: (11/04/2016 08:25:33 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{824B8107-608E-41A7-9C51-059F90A75E42} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (11/04/2016 05:23:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8030.36 MB
Verfügbarer physikalischer RAM: 4064.1 MB
Summe virtueller Speicher: 16058.89 MB
Verfügbarer virtueller Speicher: 11461.93 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:451 GB) (Free:274.85 GB) NTFS
Drive d: (Volume) (Fixed) (Total:465.76 GB) (Free:170.15 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 67C5EB6E)
Partition 1: (Not Active) - (Size=14.7 GB) - (Type=27)
Partition 2: (Active) - (Size=47 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 05EAF7F1)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
ansonsten gibt es keine funde von malewarebytes u co die letzten 7 tage
__________________
Alt 11.11.2016, 11:05   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - Standard

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


Zitat:
AS: Spybot - Search and Destroy
Deinstallieren. Ist überflüssiger nonsens.


Zitat:
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
Bitte auch Avira deinstallieren. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 11.11.2016, 11:19   #5
ascard
 
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - Standard

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


ok beides deinstalliert


Alt 11.11.2016, 11:47   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - Standard

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers




2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
--> Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen

Alt 11.11.2016, 12:00   #7
ascard
 
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - Standard

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


anti rootkit bringt mir beim start folgende meldung: Probable rootkit aktivity dedectet.gefolgt von zwei möglichkeiten zum bestätigen-ja und nein

registry value "Appini Dlls"

Alt 11.11.2016, 12:08   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - Standard

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


da bitte auf nein klicken
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 11.11.2016, 12:46   #9
ascard
 
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - Standard

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.11.11.05
  rootkit: v2016.10.31.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.17609
Besitzer :: BESITZER-PC [administrator]

11.11.2016 12:10:55
mbar-log-2016-11-11 (12-10-55).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 327770
Time elapsed: 25 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
ATTFilter
12:44:16.0777 0x15f8  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
12:44:20.0147 0x15f8  ============================================================
12:44:20.0147 0x15f8  Current date / time: 2016/11/11 12:44:20.0146
12:44:20.0147 0x15f8  SystemInfo:
12:44:20.0147 0x15f8  
12:44:20.0147 0x15f8  OS Version: 6.1.7601 ServicePack: 1.0
12:44:20.0147 0x15f8  Product type: Workstation
12:44:20.0147 0x15f8  ComputerName: BESITZER-PC
12:44:20.0147 0x15f8  UserName: Besitzer
12:44:20.0147 0x15f8  Windows directory: C:\Windows
12:44:20.0147 0x15f8  System windows directory: C:\Windows
12:44:20.0147 0x15f8  Running under WOW64
12:44:20.0147 0x15f8  Processor architecture: Intel x64
12:44:20.0147 0x15f8  Number of processors: 4
12:44:20.0147 0x15f8  Page size: 0x1000
12:44:20.0147 0x15f8  Boot type: Normal boot
12:44:20.0147 0x15f8  CodeIntegrityOptions = 0x00000001
12:44:20.0147 0x15f8  ============================================================
12:44:20.0396 0x15f8  KLMD registered as C:\Windows\system32\drivers\73773613.sys
12:44:20.0396 0x15f8  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23569, osProperties = 0x1
12:44:20.0949 0x15f8  System UUID: {6AE060F0-BB75-F44A-163A-7B124A93F0FB}
12:44:21.0329 0x15f8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:44:21.0330 0x15f8  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:44:21.0340 0x15f8  ============================================================
12:44:21.0340 0x15f8  \Device\Harddisk0\DR0:
12:44:21.0340 0x15f8  MBR partitions:
12:44:21.0340 0x15f8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D6E641, BlocksNum 0x17886
12:44:21.0340 0x15f8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D85EC7, BlocksNum 0x385FED7A
12:44:21.0340 0x15f8  \Device\Harddisk1\DR1:
12:44:21.0341 0x15f8  MBR partitions:
12:44:21.0341 0x15f8  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
12:44:21.0341 0x15f8  ============================================================
12:44:21.0382 0x15f8  C: <-> \Device\Harddisk0\DR0\Partition2
12:44:21.0718 0x15f8  D: <-> \Device\Harddisk1\DR1\Partition1
12:44:21.0719 0x15f8  ============================================================
12:44:21.0719 0x15f8  Initialize success
12:44:21.0719 0x15f8  ============================================================
12:44:38.0114 0x1268  ============================================================
12:44:38.0114 0x1268  Scan started
12:44:38.0114 0x1268  Mode: Manual; SigCheck; TDLFS; 
12:44:38.0114 0x1268  ============================================================
12:44:38.0114 0x1268  KSN ping started
12:44:38.0146 0x1268  KSN ping finished: false
12:44:39.0554 0x1268  ================ Scan system memory ========================
12:44:39.0554 0x1268  System memory - ok
12:44:39.0555 0x1268  ================ Scan services =============================
12:44:39.0820 0x1268  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:44:39.0865 0x1268  1394ohci - ok
12:44:39.0938 0x1268  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:44:39.0953 0x1268  ACPI - ok
12:44:40.0018 0x1268  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:44:40.0037 0x1268  AcpiPmi - ok
12:44:40.0196 0x1268  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
12:44:40.0204 0x1268  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
12:44:40.0350 0x1268  Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
12:44:40.0350 0x1268  Force sending object to P2P due to detect: Adobe LM Service
12:44:40.0351 0x1268  Object send P2P result: false
12:44:40.0425 0x1268  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:44:40.0443 0x1268  AdobeARMservice - ok
12:44:40.0574 0x1268  [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:44:40.0596 0x1268  AdobeFlashPlayerUpdateSvc - ok
12:44:40.0661 0x1268  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:44:40.0684 0x1268  adp94xx - ok
12:44:40.0732 0x1268  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:44:40.0753 0x1268  adpahci - ok
12:44:40.0775 0x1268  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:44:40.0787 0x1268  adpu320 - ok
12:44:40.0836 0x1268  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:44:40.0856 0x1268  AeLookupSvc - ok
12:44:40.0939 0x1268  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
12:44:40.0964 0x1268  AFD - ok
12:44:40.0988 0x1268  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:44:40.0994 0x1268  agp440 - ok
12:44:41.0029 0x1268  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:44:41.0037 0x1268  ALG - ok
12:44:41.0071 0x1268  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:44:41.0077 0x1268  aliide - ok
12:44:41.0108 0x1268  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:44:41.0121 0x1268  amdide - ok
12:44:41.0161 0x1268  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:44:41.0172 0x1268  AmdK8 - ok
12:44:41.0189 0x1268  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
12:44:41.0200 0x1268  AmdPPM - ok
12:44:41.0224 0x1268  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:44:41.0235 0x1268  amdsata - ok
12:44:41.0259 0x1268  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:44:41.0272 0x1268  amdsbs - ok
12:44:41.0286 0x1268  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:44:41.0295 0x1268  amdxata - ok
12:44:41.0343 0x1268  [ FA766C7988FDD78F2B2D55AA7536FFB4, EB6A29562435B826D47D6FAB1FEF664498B952AB6A2D6D1E8A33E119EB57CE0F ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
12:44:41.0368 0x1268  ApfiltrService - ok
12:44:41.0422 0x1268  [ 0CD7BFDE151223C6976C5D1B3D49EB84, A16FAB4F77D03C0664CCE8082E40A7673BC7FA4E89854F9027D478CD99EB2088 ] AppID           C:\Windows\system32\drivers\appid.sys
12:44:41.0441 0x1268  AppID - ok
12:44:41.0476 0x1268  [ F9842669B31F20B8B157D33CCC457820, AC8FA65F0A3C479D3CFE10EFE9B3EC5BAE48059F57A12D8C2D7963A22EB043B8 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:44:41.0492 0x1268  AppIDSvc - ok
12:44:41.0536 0x1268  [ B46099A534B7989D80330EA82D9092D6, 0CAC09732FAFAE805E55428B6BE001DCC39EBC599539FADE7AA68571A8A554E5 ] Appinfo         C:\Windows\System32\appinfo.dll
12:44:41.0555 0x1268  Appinfo - ok
12:44:41.0574 0x1268  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
12:44:41.0583 0x1268  arc - ok
12:44:41.0595 0x1268  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:44:41.0606 0x1268  arcsas - ok
12:44:41.0727 0x1268  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:44:41.0744 0x1268  aspnet_state - ok
12:44:41.0775 0x1268  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:44:41.0817 0x1268  AsyncMac - ok
12:44:41.0874 0x1268  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:44:41.0888 0x1268  atapi - ok
12:44:41.0928 0x1268  [ 78B183A794A08978EA0A8D017054352B, 5C9BEF59619F235BB1F81A9BD88A39D7C7D594443F198B68B5373F20001937C3 ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
12:44:41.0946 0x1268  AthBTPort - ok
12:44:41.0983 0x1268  [ 7E63E24E17B5233FA69E6613E84B5306, 56A49E8EE90813CD4A7C6A969C52571D819E0B53DFB495C346B72E4C9F17CA7A ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
12:44:41.0994 0x1268  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
12:44:41.0994 0x1268  AtherosSvc ( UnsignedFile.Multi.Generic ) - warning
12:44:42.0111 0x1268  [ 43E7A4298644526B0190C43AF6489DB1, 3ABA96CEE54E4AAA64100655F9BB676F57C76A098D649E63624251FBACFFDAAC ] athr            C:\Windows\system32\DRIVERS\athrx.sys
12:44:42.0174 0x1268  athr - ok
12:44:42.0263 0x1268  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:44:42.0288 0x1268  AudioEndpointBuilder - ok
12:44:42.0317 0x1268  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:44:42.0334 0x1268  AudioSrv - ok
12:44:42.0471 0x1268  [ A177265C1777ABE56B22D921F91DDC38, D4E9C5BFC65063EDA015723058805B03C51F5B7456B404A4548CEC8DF6A3F7B7 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
12:44:42.0497 0x1268  Avira.ServiceHost - ok
12:44:42.0547 0x1268  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:44:42.0576 0x1268  AxInstSV - ok
12:44:42.0651 0x1268  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
12:44:42.0674 0x1268  b06bdrv - ok
12:44:42.0756 0x1268  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:44:42.0783 0x1268  b57nd60a - ok
12:44:42.0863 0x1268  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:44:42.0884 0x1268  BDESVC - ok
12:44:42.0937 0x1268  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:44:42.0976 0x1268  Beep - ok
12:44:43.0080 0x1268  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:44:43.0102 0x1268  BFE - ok
12:44:43.0150 0x1268  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:44:43.0185 0x1268  BITS - ok
12:44:43.0213 0x1268  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
12:44:43.0220 0x1268  blbdrive - ok
12:44:43.0273 0x1268  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:44:43.0294 0x1268  bowser - ok
12:44:43.0307 0x1268  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
12:44:43.0324 0x1268  BrFiltLo - ok
12:44:43.0340 0x1268  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
12:44:43.0353 0x1268  BrFiltUp - ok
12:44:43.0403 0x1268  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:44:43.0424 0x1268  Browser - ok
12:44:43.0457 0x1268  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:44:43.0479 0x1268  Brserid - ok
12:44:43.0494 0x1268  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:44:43.0503 0x1268  BrSerWdm - ok
12:44:43.0538 0x1268  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:44:43.0558 0x1268  BrUsbMdm - ok
12:44:43.0577 0x1268  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:44:43.0585 0x1268  BrUsbSer - ok
12:44:43.0640 0x1268  [ 3E352B570E9CD1047A596927896D6F7C, DB2678DB48919408C0D856C58962B1E5188B8B7393145C5373556EB649868F0D ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
12:44:43.0657 0x1268  BTATH_A2DP - ok
12:44:43.0671 0x1268  [ AF715C0F2A656BDA9D4AF470224325C7, D969A96FA1D4E2D508C00A54DB5568147616432ED3697E6D9302DB4E8D6399F6 ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
12:44:43.0681 0x1268  btath_avdt - ok
12:44:43.0718 0x1268  [ D438A33D568C76C24E8D7394981F42DC, E5884C20E55B8EDC8E19C55DDFBE4A8FDFBE2327ACE94BFC2BFD3BCEE6EBC2AD ] BTATH_BUS       C:\Windows\system32\DRIVERS\btath_bus.sys
12:44:43.0735 0x1268  BTATH_BUS - ok
12:44:43.0760 0x1268  [ 6EFA8C93009E0BE0886C2422C7D20BC5, 55717C459893B533C9F21FAA997004001646F43629F4DA9D8464408E20575F02 ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
12:44:43.0775 0x1268  BTATH_HCRP - ok
12:44:43.0792 0x1268  [ 168506D0F0C8DF588F8A7E25C58A2DE6, EF744D95797F66D8D7F79B3256AEB3255D161A61BCA9D39CDB3F3699079AC61B ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
12:44:43.0803 0x1268  BTATH_LWFLT - ok
12:44:43.0826 0x1268  [ 7C8FB1D73BD279DD914CCA6ED0F4F62B, 936492E05E760A65DF507651E18A7BB331FDEE9FBEF7ABC556389308F53726F0 ] BTATH_RCP       C:\Windows\system32\DRIVERS\btath_rcp.sys
12:44:43.0841 0x1268  BTATH_RCP - ok
12:44:43.0892 0x1268  [ 4F6EA72C82C05C8C67643C9E0585108A, 0D69265E7C42691FC95880FEF9ED73763A4E81D864B34D4EAB9D22C62EFDD864 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
12:44:43.0909 0x1268  BtFilter - ok
12:44:43.0961 0x1268  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
12:44:43.0968 0x1268  BthEnum - ok
12:44:43.0990 0x1268  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:44:43.0999 0x1268  BTHMODEM - ok
12:44:44.0034 0x1268  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:44:44.0045 0x1268  BthPan - ok
12:44:44.0074 0x1268  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
12:44:44.0090 0x1268  BTHPORT - ok
12:44:44.0126 0x1268  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:44:44.0149 0x1268  bthserv - ok
12:44:44.0164 0x1268  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
12:44:44.0171 0x1268  BTHUSB - ok
12:44:44.0205 0x1268  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:44:44.0240 0x1268  cdfs - ok
12:44:44.0270 0x1268  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:44:44.0279 0x1268  cdrom - ok
12:44:44.0300 0x1268  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:44:44.0323 0x1268  CertPropSvc - ok
12:44:44.0339 0x1268  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
12:44:44.0348 0x1268  circlass - ok
12:44:44.0395 0x1268  [ 3891EA60B84EFE115CE070311FA83BBB, 2A30FB15C8D0C69289C087DFE1F822AB4F9C3F091DBB3FD2E99DC5B562E90DFB ] CLFS            C:\Windows\system32\CLFS.sys
12:44:44.0407 0x1268  CLFS - ok
12:44:44.0536 0x1268  [ 524DC3807CB1746225F9D26ADD19C319, DC23392E8C542B02860BA1F57F03AD08A58B256D155CC6B81A48691A79D3A3F6 ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
12:44:44.0559 0x1268  CLKMSVC10_38F51D56 - ok
12:44:44.0643 0x1268  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:44:44.0656 0x1268  clr_optimization_v2.0.50727_32 - ok
12:44:44.0706 0x1268  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:44:44.0721 0x1268  clr_optimization_v2.0.50727_64 - ok
12:44:44.0853 0x1268  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:44:44.0873 0x1268  clr_optimization_v4.0.30319_32 - ok
12:44:44.0953 0x1268  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:44:44.0973 0x1268  clr_optimization_v4.0.30319_64 - ok
12:44:44.0992 0x1268  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
12:44:44.0999 0x1268  CmBatt - ok
12:44:45.0024 0x1268  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:44:45.0031 0x1268  cmdide - ok
12:44:45.0105 0x1268  [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG             C:\Windows\system32\Drivers\cng.sys
12:44:45.0135 0x1268  CNG - ok
12:44:45.0163 0x1268  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
12:44:45.0168 0x1268  Compbatt - ok
12:44:45.0200 0x1268  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:44:45.0209 0x1268  CompositeBus - ok
12:44:45.0225 0x1268  COMSysApp - ok
12:44:45.0340 0x1268  [ CEEF9EF16A91596F849421295ABBE86F, 1E93283BFCCE12F9E7C4E1881B4CCB4E2946C55F47DC95431A99C276A772872F ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
12:44:45.0368 0x1268  cphs - ok
12:44:45.0385 0x1268  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:44:45.0393 0x1268  crcdisk - ok
12:44:45.0458 0x1268  [ BB724567892383010B8436DCC0A84628, 2768F5FD7A096CB1CEA33F8818EF16F9F5E3E07BB8442949A49A9CF24B62C6E6 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:44:45.0481 0x1268  CryptSvc - ok
12:44:45.0585 0x1268  [ C6E1C081C0849E08FECEC18DF73B10C4, B5E552F4744C91836CBAF3F62CB861C1D9422721870D11B5CCE21B45E384985A ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
12:44:45.0600 0x1268  dc3d - ok
12:44:45.0679 0x1268  [ A61FE65EE4332ABE6B11679911DB23A3, AC34BD757EC358B571C4C55E8F2A8FD2F656D35D700E2C15D46A258FB2450596 ] DCDhcpService   C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe
12:44:45.0692 0x1268  DCDhcpService - detected UnsignedFile.Multi.Generic ( 1 )
12:44:45.0692 0x1268  DCDhcpService ( UnsignedFile.Multi.Generic ) - warning
12:44:45.0693 0x1268  Force sending object to P2P due to detect: DCDhcpService
12:44:45.0694 0x1268  Object send P2P result: false
12:44:45.0764 0x1268  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:44:45.0800 0x1268  DcomLaunch - ok
12:44:45.0847 0x1268  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:44:45.0892 0x1268  defragsvc - ok
12:44:45.0946 0x1268  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:44:45.0967 0x1268  DfsC - ok
12:44:46.0012 0x1268  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:44:46.0039 0x1268  Dhcp - ok
12:44:46.0147 0x1268  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
12:44:46.0176 0x1268  DiagTrack - ok
12:44:46.0221 0x1268  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:44:46.0265 0x1268  discache - ok
12:44:46.0311 0x1268  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
12:44:46.0318 0x1268  Disk - ok
12:44:46.0360 0x1268  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:44:46.0383 0x1268  Dnscache - ok
12:44:46.0402 0x1268  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:44:46.0430 0x1268  dot3svc - ok
12:44:46.0441 0x1268  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:44:46.0464 0x1268  DPS - ok
12:44:46.0516 0x1268  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:44:46.0532 0x1268  drmkaud - ok
12:44:46.0621 0x1268  [ C02FF01B821FBB72104132E56EC5B881, 161AC96EE71C9B1F59ACE07EDC7550E1203C8DEFF6B333D298D564FAF536CF96 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
12:44:46.0652 0x1268  DsiWMIService - ok
12:44:46.0733 0x1268  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:44:46.0762 0x1268  DXGKrnl - ok
12:44:46.0810 0x1268  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:44:46.0849 0x1268  EapHost - ok
12:44:46.0982 0x1268  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
12:44:47.0041 0x1268  ebdrv - ok
12:44:47.0095 0x1268  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] EFS             C:\Windows\System32\lsass.exe
12:44:47.0109 0x1268  EFS - ok
12:44:47.0169 0x1268  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:44:47.0187 0x1268  ehRecvr - ok
12:44:47.0201 0x1268  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:44:47.0210 0x1268  ehSched - ok
12:44:47.0244 0x1268  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:44:47.0258 0x1268  elxstor - ok
12:44:47.0362 0x1268  [ 76B978AD795A7E71C48390B000F6023F, 0A398C0FD9F72A0865343E2153F1F4CFA9EE375DC77E87FBDE38A1A8CA3061EB ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
12:44:47.0391 0x1268  ePowerSvc - ok
12:44:47.0508 0x1268  [ DFEB7EE15BA8BA03E722C375F7E6A379, 6B73561E91D699576FD28AE36FB194443E3807C3696B435224B9D60808803344 ] EPSON_PM_RPCV4_05 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
12:44:47.0523 0x1268  EPSON_PM_RPCV4_05 - ok
12:44:47.0555 0x1268  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:44:47.0571 0x1268  ErrDev - ok
12:44:47.0634 0x1268  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:44:47.0687 0x1268  EventSystem - ok
12:44:47.0710 0x1268  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:44:47.0736 0x1268  exfat - ok
12:44:47.0752 0x1268  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:44:47.0777 0x1268  fastfat - ok
12:44:47.0825 0x1268  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:44:47.0843 0x1268  Fax - ok
12:44:47.0880 0x1268  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
12:44:47.0888 0x1268  fdc - ok
12:44:47.0913 0x1268  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:44:47.0939 0x1268  fdPHost - ok
12:44:47.0950 0x1268  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:44:47.0972 0x1268  FDResPub - ok
12:44:47.0995 0x1268  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:44:48.0001 0x1268  FileInfo - ok
12:44:48.0016 0x1268  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:44:48.0038 0x1268  Filetrace - ok
12:44:48.0111 0x1268  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:44:48.0137 0x1268  FLEXnet Licensing Service - ok
12:44:48.0159 0x1268  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
12:44:48.0167 0x1268  flpydisk - ok
12:44:48.0188 0x1268  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:44:48.0199 0x1268  FltMgr - ok
12:44:48.0303 0x1268  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
12:44:48.0336 0x1268  FontCache - ok
12:44:48.0381 0x1268  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:44:48.0394 0x1268  FontCache3.0.0.0 - ok
12:44:48.0408 0x1268  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:44:48.0424 0x1268  FsDepends - ok
12:44:48.0469 0x1268  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:44:48.0484 0x1268  Fs_Rec - ok
12:44:48.0530 0x1268  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:44:48.0552 0x1268  fvevol - ok
12:44:48.0592 0x1268  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:44:48.0600 0x1268  gagp30kx - ok
12:44:48.0678 0x1268  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
12:44:48.0708 0x1268  gpsvc - ok
12:44:48.0765 0x1268  [ 32096F187020A54D29C95B3A1467D963, 2A50686C1FC921B02F6B7472AC09B2CFD9DE290D22DD0342A94AB8E95AC3DC6C ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
12:44:48.0783 0x1268  GREGService - ok
12:44:48.0803 0x1268  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:44:48.0814 0x1268  hcw85cir - ok
12:44:48.0861 0x1268  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:44:48.0881 0x1268  HdAudAddService - ok
12:44:48.0930 0x1268  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:44:48.0941 0x1268  HDAudBus - ok
12:44:48.0951 0x1268  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:44:48.0958 0x1268  HidBatt - ok
12:44:48.0975 0x1268  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:44:48.0984 0x1268  HidBth - ok
12:44:49.0007 0x1268  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:44:49.0016 0x1268  HidIr - ok
12:44:49.0031 0x1268  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:44:49.0054 0x1268  hidserv - ok
12:44:49.0112 0x1268  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:44:49.0128 0x1268  HidUsb - ok
12:44:49.0171 0x1268  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:44:49.0210 0x1268  hkmsvc - ok
12:44:49.0226 0x1268  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:44:49.0236 0x1268  HomeGroupListener - ok
12:44:49.0261 0x1268  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:44:49.0271 0x1268  HomeGroupProvider - ok
12:44:49.0293 0x1268  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:44:49.0300 0x1268  HpSAMD - ok
12:44:49.0393 0x1268  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:44:49.0423 0x1268  HTTP - ok
12:44:49.0442 0x1268  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:44:49.0448 0x1268  hwpolicy - ok
12:44:49.0464 0x1268  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:44:49.0472 0x1268  i8042prt - ok
12:44:49.0496 0x1268  [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor          C:\Windows\system32\drivers\iaStor.sys
12:44:49.0515 0x1268  iaStor - ok
12:44:49.0574 0x1268  [ 7D4B9A48430ED57ACA6373B71D5904CA, 6ED72DAA7A4951142F036364E8F237E74246EF3E9EA089448DEF15380DAB0DB3 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:44:49.0591 0x1268  IAStorDataMgrSvc - ok
12:44:49.0633 0x1268  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:44:49.0656 0x1268  iaStorV - ok
12:44:49.0789 0x1268  [ D3090576412EC63E0C6271D8B0974D73, 0E7EB7818FE248DCA5FE6CDFBD540A862B39E0A88609141FB3D7D1F82E0521D6 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
12:44:49.0837 0x1268  IconMan_R - ok
12:44:49.0987 0x1268  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:44:50.0006 0x1268  idsvc - ok
12:44:50.0395 0x1268  [ 276EE9CDAB16C50E1DF0E4CEFA882F5F, 320D677A9576F27D5BA8C6EA9191C8A5ED9EF9947A48F5B98B09AA3CE9C02682 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
12:44:50.0642 0x1268  igfx - ok
12:44:50.0688 0x1268  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:44:50.0694 0x1268  iirsp - ok
12:44:50.0768 0x1268  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:44:50.0789 0x1268  IKEEXT - ok
12:44:50.0864 0x1268  InstallerService - ok
12:44:51.0055 0x1268  [ E83BB47C3446F0497019DE7FD6C6A86F, DAD20D57743EB03951FD4078FD105BCD684A9652CFFDF8D03509D814820917CD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:44:51.0143 0x1268  IntcAzAudAddService - ok
12:44:51.0206 0x1268  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
12:44:51.0232 0x1268  IntcDAud - ok
12:44:51.0304 0x1268  [ 2D66067C7A8A0112156BCD1C0BAA7042, 89F77EEE59FF3AD2E777DA15187F1447F6E112E8831417A0DE656ACB82E7B22E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
12:44:51.0320 0x1268  Intel(R) Capability Licensing Service Interface - ok
12:44:51.0351 0x1268  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:44:51.0357 0x1268  intelide - ok
12:44:51.0380 0x1268  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:44:51.0388 0x1268  intelppm - ok
12:44:51.0443 0x1268  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:44:51.0484 0x1268  IPBusEnum - ok
12:44:51.0509 0x1268  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:44:51.0543 0x1268  IpFilterDriver - ok
12:44:51.0649 0x1268  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:44:51.0679 0x1268  iphlpsvc - ok
12:44:51.0694 0x1268  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:44:51.0707 0x1268  IPMIDRV - ok
12:44:51.0731 0x1268  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:44:51.0765 0x1268  IPNAT - ok
12:44:51.0794 0x1268  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:44:51.0809 0x1268  IRENUM - ok
12:44:51.0825 0x1268  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:44:51.0834 0x1268  isapnp - ok
12:44:51.0871 0x1268  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:44:51.0886 0x1268  iScsiPrt - ok
12:44:51.0920 0x1268  [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
12:44:51.0932 0x1268  iusb3hcs - ok
12:44:51.0957 0x1268  [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
12:44:51.0976 0x1268  iusb3hub - ok
12:44:52.0006 0x1268  [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
12:44:52.0034 0x1268  iusb3xhc - ok
12:44:52.0118 0x1268  [ 12DADA7E8BE1AED392F049CD6258C351, AD0C5C3A6C382738440A321A3E9DEBDFDDD267F521855F8414D81C215F884669 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
12:44:52.0141 0x1268  jhi_service - ok
12:44:52.0155 0x1268  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:44:52.0164 0x1268  kbdclass - ok
12:44:52.0191 0x1268  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:44:52.0198 0x1268  kbdhid - ok
12:44:52.0216 0x1268  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] KeyIso          C:\Windows\system32\lsass.exe
12:44:52.0223 0x1268  KeyIso - ok
12:44:52.0262 0x1268  [ 1F4B52A496A43C65AB0F26169650FAF2, 6D6F3505997A7DDEE6F127B3FB537AFFDE687D4F34489679674DC12FB12B842C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:44:52.0270 0x1268  KSecDD - ok
12:44:52.0292 0x1268  [ E4A599EDFAAB66C2BC17FB1593DC129B, 13098694B649E9146214D320FB14C3D305FCA155438CB531A8BAA4A70231D1A7 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:44:52.0300 0x1268  KSecPkg - ok
12:44:52.0322 0x1268  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:44:52.0345 0x1268  ksthunk - ok
12:44:52.0374 0x1268  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:44:52.0402 0x1268  KtmRm - ok
12:44:52.0470 0x1268  [ 320F16CA30BC0B8FF59F6C9E1ACD8516, FDCD8E1BFC57CD3B827A78CBFC26F8F7E2F1CFD4A422D72D82A44152F7A06A85 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
12:44:52.0490 0x1268  L1C - ok
12:44:52.0535 0x1268  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:44:52.0575 0x1268  LanmanServer - ok
12:44:52.0600 0x1268  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:44:52.0624 0x1268  LanmanWorkstation - ok
12:44:52.0772 0x1268  [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
12:44:52.0795 0x1268  LBTServ - ok
12:44:52.0815 0x1268  [ 5EA1731968F2FD0E950DDCE6D36C5134, 16C47AA60CB62F206DBF3B4FAF99FCA667E7193178D1B7ECB162FA87C008BAA3 ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
12:44:52.0821 0x1268  LEqdUsb - ok
12:44:52.0876 0x1268  [ 50AC0930F05DFB996F085B49E112E5C9, C5147E92656506981705AFCAA97B7BDAD0929FF39C1666E774BE1BD32FB08387 ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
12:44:52.0888 0x1268  LHidEqd - ok
12:44:52.0924 0x1268  [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
12:44:52.0938 0x1268  LHidFilt - ok
12:44:52.0977 0x1268  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:44:53.0025 0x1268  lltdio - ok
12:44:53.0061 0x1268  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:44:53.0098 0x1268  lltdsvc - ok
12:44:53.0120 0x1268  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:44:53.0142 0x1268  lmhosts - ok
12:44:53.0154 0x1268  [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
12:44:53.0159 0x1268  LMouFilt - ok
12:44:53.0197 0x1268  [ 8D82CBBF5A8532D9A21A64BBCB774EE7, 30D6477EA4B47D50F05E3435A68113B3676CA24EF51CC2693353C2224D28D2BB ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:44:53.0211 0x1268  LMS - ok
12:44:53.0245 0x1268  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:44:53.0253 0x1268  LSI_FC - ok
12:44:53.0290 0x1268  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:44:53.0306 0x1268  LSI_SAS - ok
12:44:53.0323 0x1268  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:44:53.0332 0x1268  LSI_SAS2 - ok
12:44:53.0354 0x1268  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:44:53.0363 0x1268  LSI_SCSI - ok
12:44:53.0390 0x1268  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:44:53.0419 0x1268  luafv - ok
12:44:53.0437 0x1268  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:44:53.0448 0x1268  Mcx2Svc - ok
12:44:53.0460 0x1268  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:44:53.0468 0x1268  megasas - ok
12:44:53.0513 0x1268  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:44:53.0538 0x1268  MegaSR - ok
12:44:53.0574 0x1268  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
12:44:53.0594 0x1268  MEIx64 - ok
12:44:53.0609 0x1268  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:44:53.0646 0x1268  MMCSS - ok
12:44:53.0659 0x1268  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:44:53.0681 0x1268  Modem - ok
12:44:53.0692 0x1268  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:44:53.0701 0x1268  monitor - ok
12:44:53.0711 0x1268  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:44:53.0718 0x1268  mouclass - ok
12:44:53.0741 0x1268  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:44:53.0748 0x1268  mouhid - ok
12:44:53.0783 0x1268  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:44:53.0791 0x1268  mountmgr - ok
12:44:53.0855 0x1268  [ 572BD5A99648652147A5D3C6DA946C99, FFDAD4A5682864977C926A5DDDB632CDB2A166BF025757801CC56F2828720023 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:44:53.0876 0x1268  MozillaMaintenance - ok
12:44:53.0927 0x1268  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:44:53.0947 0x1268  mpio - ok
12:44:54.0010 0x1268  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:44:54.0042 0x1268  mpsdrv - ok
12:44:54.0138 0x1268  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:44:54.0182 0x1268  MpsSvc - ok
12:44:54.0230 0x1268  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:44:54.0252 0x1268  MRxDAV - ok
12:44:54.0297 0x1268  [ 25F918BB5D57C99FFEB0255143D0DF9A, E4BB656C3AEE19094B0F87828828DC73F248B45B30B678AA759DBAB3087399A2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:44:54.0319 0x1268  mrxsmb - ok
12:44:54.0368 0x1268  [ 8DF2B80510F438CFEC479181BD29C794, ECA5BC17D1DB92B887D468B0FF1D6302518DBD7C3607B14FA291ECDA204D5E85 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:44:54.0397 0x1268  mrxsmb10 - ok
12:44:54.0437 0x1268  [ F7622CFE3402A9BF10227BB124901E54, 3EE6BA42E712505AED9D3920163814719FAC591FB5CFF589E230C7005CB598AF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:44:54.0457 0x1268  mrxsmb20 - ok
12:44:54.0495 0x1268  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:44:54.0503 0x1268  msahci - ok
12:44:54.0534 0x1268  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:44:54.0545 0x1268  msdsm - ok
12:44:54.0568 0x1268  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:44:54.0581 0x1268  MSDTC - ok
12:44:54.0607 0x1268  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:44:54.0637 0x1268  Msfs - ok
12:44:54.0658 0x1268  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:44:54.0679 0x1268  mshidkmdf - ok
12:44:54.0695 0x1268  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:44:54.0701 0x1268  msisadrv - ok
12:44:54.0739 0x1268  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:44:54.0763 0x1268  MSiSCSI - ok
12:44:54.0766 0x1268  msiserver - ok
12:44:54.0784 0x1268  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:44:54.0806 0x1268  MSKSSRV - ok
12:44:54.0835 0x1268  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:44:54.0857 0x1268  MSPCLOCK - ok
12:44:54.0862 0x1268  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:44:54.0883 0x1268  MSPQM - ok
12:44:54.0905 0x1268  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:44:54.0917 0x1268  MsRPC - ok
12:44:54.0926 0x1268  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:44:54.0932 0x1268  mssmbios - ok
12:44:54.0946 0x1268  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:44:54.0968 0x1268  MSTEE - ok
12:44:54.0978 0x1268  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:44:54.0985 0x1268  MTConfig - ok
12:44:54.0996 0x1268  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:44:55.0002 0x1268  Mup - ok
12:44:55.0030 0x1268  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:44:55.0059 0x1268  napagent - ok
12:44:55.0104 0x1268  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:44:55.0119 0x1268  NativeWifiP - ok
12:44:55.0207 0x1268  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:44:55.0228 0x1268  NDIS - ok
12:44:55.0246 0x1268  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:44:55.0268 0x1268  NdisCap - ok
12:44:55.0295 0x1268  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:44:55.0317 0x1268  NdisTapi - ok
12:44:55.0338 0x1268  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:44:55.0359 0x1268  Ndisuio - ok
12:44:55.0414 0x1268  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:44:55.0450 0x1268  NdisWan - ok
12:44:55.0454 0x1268  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:44:55.0475 0x1268  NDProxy - ok
12:44:55.0489 0x1268  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:44:55.0511 0x1268  NetBIOS - ok
12:44:55.0569 0x1268  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:44:55.0584 0x1268  NetBT - ok
12:44:55.0594 0x1268  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] Netlogon        C:\Windows\system32\lsass.exe
12:44:55.0602 0x1268  Netlogon - ok
12:44:55.0641 0x1268  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:44:55.0670 0x1268  Netman - ok
12:44:55.0797 0x1268  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:44:55.0817 0x1268  NetMsmqActivator - ok
12:44:55.0831 0x1268  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:44:55.0852 0x1268  NetPipeActivator - ok
12:44:55.0882 0x1268  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:44:55.0915 0x1268  netprofm - ok
12:44:55.0921 0x1268  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:44:55.0929 0x1268  NetTcpActivator - ok
12:44:55.0934 0x1268  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:44:55.0942 0x1268  NetTcpPortSharing - ok
12:44:55.0963 0x1268  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:44:55.0970 0x1268  nfrd960 - ok
12:44:56.0028 0x1268  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:44:56.0053 0x1268  NlaSvc - ok
12:44:56.0062 0x1268  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:44:56.0092 0x1268  Npfs - ok
12:44:56.0107 0x1268  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:44:56.0130 0x1268  nsi - ok
12:44:56.0147 0x1268  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:44:56.0168 0x1268  nsiproxy - ok
12:44:56.0274 0x1268  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:44:56.0310 0x1268  Ntfs - ok
12:44:56.0372 0x1268  [ D27A4546417ED7C4AEA7B3420D4F1F50, 8D52FF7D2C6E338E2E8B414F0FE9ED296A901CB38BCFF8814B1ECE52D8D1599D ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
12:44:56.0393 0x1268  NTI IScheduleSvc - ok
12:44:56.0423 0x1268  [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
12:44:56.0440 0x1268  NTIDrvr - ok
12:44:56.0448 0x1268  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:44:56.0478 0x1268  Null - ok
12:44:56.0839 0x1268  [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:44:57.0031 0x1268  nvlddmkm - ok
12:44:57.0053 0x1268  [ F76296368BB813E0C6996501A3271C7C, FA1C127F881C09C5066CB83A686AFD7A40D731922185EA4001A52ABA230FD812 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
12:44:57.0064 0x1268  nvpciflt - ok
12:44:57.0088 0x1268  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:44:57.0096 0x1268  nvraid - ok
12:44:57.0113 0x1268  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:44:57.0121 0x1268  nvstor - ok
12:44:57.0180 0x1268  [ FB50E60564ED30DDC855F0CE435C8467, C9A56D74F58739B8A069336FF5456FC5F3CE89371B8CFE8144B8D06A9C79C6AB ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:44:57.0208 0x1268  nvsvc - ok
12:44:57.0332 0x1268  [ C63E582366EAD77978BFFD959A66DBB8, BBAC11300AFED29291A08EEC8A740DA67C8C003AF89D06F9E0671CCF0E7908A0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:44:57.0372 0x1268  nvUpdatusService - ok
12:44:57.0393 0x1268  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:44:57.0401 0x1268  nv_agp - ok
12:44:57.0422 0x1268  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:44:57.0430 0x1268  ohci1394 - ok
12:44:57.0466 0x1268  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:44:57.0479 0x1268  p2pimsvc - ok
12:44:57.0497 0x1268  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:44:57.0513 0x1268  p2psvc - ok
12:44:57.0541 0x1268  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
12:44:57.0554 0x1268  Parport - ok
12:44:57.0610 0x1268  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:44:57.0627 0x1268  partmgr - ok
12:44:57.0695 0x1268  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:44:57.0713 0x1268  PcaSvc - ok
12:44:57.0775 0x1268  PCGRTP - ok
12:44:57.0786 0x1268  PcgSysMonX64 - ok
12:44:57.0815 0x1268  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:44:57.0834 0x1268  pci - ok
12:44:57.0900 0x1268  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:44:57.0914 0x1268  pciide - ok
12:44:57.0990 0x1268  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:44:58.0012 0x1268  pcmcia - ok
12:44:58.0037 0x1268  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:44:58.0052 0x1268  pcw - ok
12:44:58.0120 0x1268  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:44:58.0153 0x1268  PEAUTH - ok
12:44:58.0249 0x1268  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:44:58.0268 0x1268  PerfHost - ok
12:44:58.0360 0x1268  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:44:58.0403 0x1268  pla - ok
12:44:58.0438 0x1268  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:44:58.0452 0x1268  PlugPlay - ok
12:44:58.0467 0x1268  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:44:58.0475 0x1268  PNRPAutoReg - ok
12:44:58.0489 0x1268  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:44:58.0500 0x1268  PNRPsvc - ok
12:44:58.0559 0x1268  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:44:58.0585 0x1268  PolicyAgent - ok
12:44:58.0603 0x1268  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:44:58.0636 0x1268  Power - ok
12:44:58.0676 0x1268  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:44:58.0699 0x1268  PptpMiniport - ok
12:44:58.0709 0x1268  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
12:44:58.0716 0x1268  Processor - ok
12:44:58.0773 0x1268  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:44:58.0793 0x1268  ProfSvc - ok
12:44:58.0804 0x1268  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] ProtectedStorage C:\Windows\system32\lsass.exe
12:44:58.0812 0x1268  ProtectedStorage - ok
12:44:58.0838 0x1268  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:44:58.0860 0x1268  Psched - ok
12:44:58.0950 0x1268  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:44:58.0995 0x1268  ql2300 - ok
12:44:59.0011 0x1268  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:44:59.0018 0x1268  ql40xx - ok
12:44:59.0050 0x1268  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:44:59.0066 0x1268  QWAVE - ok
12:44:59.0076 0x1268  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:44:59.0086 0x1268  QWAVEdrv - ok
12:44:59.0104 0x1268  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:44:59.0126 0x1268  RasAcd - ok
12:44:59.0158 0x1268  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:44:59.0180 0x1268  RasAgileVpn - ok
12:44:59.0188 0x1268  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:44:59.0212 0x1268  RasAuto - ok
12:44:59.0222 0x1268  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:44:59.0244 0x1268  Rasl2tp - ok
12:44:59.0259 0x1268  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:44:59.0285 0x1268  RasMan - ok
12:44:59.0294 0x1268  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:44:59.0317 0x1268  RasPppoe - ok
12:44:59.0329 0x1268  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:44:59.0352 0x1268  RasSstp - ok
12:44:59.0375 0x1268  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:44:59.0400 0x1268  rdbss - ok
12:44:59.0413 0x1268  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
12:44:59.0422 0x1268  rdpbus - ok
12:44:59.0449 0x1268  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:44:59.0471 0x1268  RDPCDD - ok
12:44:59.0475 0x1268  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:44:59.0497 0x1268  RDPENCDD - ok
12:44:59.0500 0x1268  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:44:59.0522 0x1268  RDPREFMP - ok
12:44:59.0642 0x1268  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:44:59.0657 0x1268  RdpVideoMiniport - ok
12:44:59.0704 0x1268  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:44:59.0725 0x1268  RDPWD - ok
12:44:59.0751 0x1268  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:44:59.0763 0x1268  rdyboost - ok
12:44:59.0781 0x1268  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:44:59.0817 0x1268  RemoteAccess - ok
12:44:59.0862 0x1268  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:44:59.0907 0x1268  RemoteRegistry - ok
12:44:59.0960 0x1268  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
12:44:59.0980 0x1268  RFCOMM - ok
12:45:00.0001 0x1268  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:45:00.0025 0x1268  RpcEptMapper - ok
12:45:00.0053 0x1268  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:45:00.0061 0x1268  RpcLocator - ok
12:45:00.0118 0x1268  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
12:45:00.0138 0x1268  RpcSs - ok
12:45:00.0178 0x1268  [ 6E5C3D18C3BCC72AA527DBC5FA61AB8F, DED50163906A86A55E299AAEE127B00EFCCEA7DF26AC962568C91935A13A1562 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
12:45:00.0192 0x1268  RSPCIESTOR - ok
12:45:00.0223 0x1268  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:45:00.0246 0x1268  rspndr - ok
12:45:00.0261 0x1268  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] SamSs           C:\Windows\system32\lsass.exe
12:45:00.0268 0x1268  SamSs - ok
12:45:00.0287 0x1268  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:45:00.0294 0x1268  sbp2port - ok
12:45:00.0330 0x1268  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:45:00.0355 0x1268  SCardSvr - ok
12:45:00.0371 0x1268  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:45:00.0393 0x1268  scfilter - ok
12:45:00.0466 0x1268  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
12:45:00.0506 0x1268  Schedule - ok
12:45:00.0533 0x1268  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:45:00.0554 0x1268  SCPolicySvc - ok
12:45:00.0568 0x1268  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:45:00.0578 0x1268  SDRSVC - ok
12:45:00.0596 0x1268  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:45:00.0603 0x1268  secdrv - ok
12:45:00.0641 0x1268  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
12:45:00.0660 0x1268  seclogon - ok
12:45:00.0677 0x1268  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:45:00.0707 0x1268  SENS - ok
12:45:00.0733 0x1268  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:45:00.0742 0x1268  SensrSvc - ok
12:45:00.0763 0x1268  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
12:45:00.0773 0x1268  Serenum - ok
12:45:00.0802 0x1268  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
12:45:00.0813 0x1268  Serial - ok
12:45:00.0866 0x1268  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:45:00.0883 0x1268  sermouse - ok
12:45:00.0911 0x1268  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:45:00.0965 0x1268  SessionEnv - ok
12:45:00.0976 0x1268  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:45:00.0987 0x1268  sffdisk - ok
12:45:00.0991 0x1268  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:45:01.0000 0x1268  sffp_mmc - ok
12:45:01.0010 0x1268  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:45:01.0018 0x1268  sffp_sd - ok
12:45:01.0047 0x1268  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:45:01.0054 0x1268  sfloppy - ok
12:45:01.0098 0x1268  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:45:01.0137 0x1268  SharedAccess - ok
12:45:01.0160 0x1268  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:45:01.0187 0x1268  ShellHWDetection - ok
12:45:01.0198 0x1268  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:45:01.0204 0x1268  SiSRaid2 - ok
12:45:01.0219 0x1268  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:45:01.0226 0x1268  SiSRaid4 - ok
12:45:01.0289 0x1268  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:45:01.0305 0x1268  SkypeUpdate - ok
12:45:01.0334 0x1268  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:45:01.0357 0x1268  Smb - ok
12:45:01.0394 0x1268  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:45:01.0413 0x1268  SNMPTRAP - ok
12:45:01.0421 0x1268  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:45:01.0427 0x1268  spldr - ok
12:45:01.0480 0x1268  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
12:45:01.0498 0x1268  Spooler - ok
12:45:01.0622 0x1268  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:45:01.0701 0x1268  sppsvc - ok
12:45:01.0719 0x1268  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:45:01.0742 0x1268  sppuinotify - ok
12:45:01.0804 0x1268  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:45:01.0837 0x1268  srv - ok
12:45:01.0891 0x1268  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:45:01.0919 0x1268  srv2 - ok
12:45:01.0972 0x1268  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:45:01.0990 0x1268  srvnet - ok
12:45:02.0006 0x1268  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:45:02.0040 0x1268  SSDPSRV - ok
12:45:02.0052 0x1268  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:45:02.0076 0x1268  SstpSvc - ok
12:45:02.0100 0x1268  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:45:02.0106 0x1268  stexstor - ok
12:45:02.0155 0x1268  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:45:02.0182 0x1268  stisvc - ok
12:45:02.0195 0x1268  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:45:02.0201 0x1268  swenum - ok
12:45:02.0226 0x1268  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:45:02.0257 0x1268  swprv - ok
12:45:02.0354 0x1268  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
12:45:02.0389 0x1268  SysMain - ok
12:45:02.0405 0x1268  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:45:02.0417 0x1268  TabletInputService - ok
12:45:02.0439 0x1268  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:45:02.0466 0x1268  TapiSrv - ok
12:45:02.0574 0x1268  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:45:02.0612 0x1268  Tcpip - ok
12:45:02.0754 0x1268  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:45:02.0793 0x1268  TCPIP6 - ok
12:45:02.0837 0x1268  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:45:02.0854 0x1268  tcpipreg - ok
12:45:02.0884 0x1268  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:45:02.0895 0x1268  TDPIPE - ok
12:45:02.0906 0x1268  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:45:02.0915 0x1268  TDTCP - ok
12:45:02.0956 0x1268  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:45:02.0976 0x1268  tdx - ok
12:45:03.0285 0x1268  [ E72B44F86082DFE649CD991E3CD2F8B6, C5A1E53E41E48D3465A7D96886A1E5D1C3145C7E1A40FB74E3A05EDC2DA04F84 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
12:45:03.0401 0x1268  TeamViewer - ok
12:45:03.0426 0x1268  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:45:03.0433 0x1268  TermDD - ok
12:45:03.0512 0x1268  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
12:45:03.0532 0x1268  TermService - ok
12:45:03.0547 0x1268  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:45:03.0558 0x1268  Themes - ok
12:45:03.0585 0x1268  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:45:03.0608 0x1268  THREADORDER - ok
12:45:03.0635 0x1268  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:45:03.0660 0x1268  TrkWks - ok
12:45:03.0693 0x1268  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:45:03.0717 0x1268  TrustedInstaller - ok
12:45:03.0758 0x1268  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:45:03.0775 0x1268  tssecsrv - ok
12:45:03.0827 0x1268  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:45:03.0844 0x1268  TsUsbFlt - ok
12:45:03.0882 0x1268  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
12:45:03.0898 0x1268  TsUsbGD - ok
12:45:03.0942 0x1268  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:45:03.0979 0x1268  tunnel - ok
12:45:04.0016 0x1268  [ 20155CF5FB9F7902178D7D5CDC7C0F90, 151043D6F1D7D3419FB4AA8D76229CFF99ECAA89297421C2137DE609E5A2B368 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
12:45:04.0026 0x1268  TurboB - ok
12:45:04.0117 0x1268  [ E00FC2B80837C29817A3A082717B8C48, 8028C16FB0579EADAAA092B5F197125C716AF1C64C43F9FADF725D3E1109F1BD ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
12:45:04.0126 0x1268  TurboBoost - ok
12:45:04.0141 0x1268  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:45:04.0149 0x1268  uagp35 - ok
12:45:04.0161 0x1268  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
12:45:04.0169 0x1268  UBHelper - ok
12:45:04.0192 0x1268  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:45:04.0217 0x1268  udfs - ok
12:45:04.0249 0x1268  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:45:04.0258 0x1268  UI0Detect - ok
12:45:04.0284 0x1268  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:45:04.0291 0x1268  uliagpkx - ok
12:45:04.0301 0x1268  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:45:04.0309 0x1268  umbus - ok
12:45:04.0318 0x1268  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
12:45:04.0325 0x1268  UmPass - ok
12:45:04.0436 0x1268  [ 875A3B86D821151C84A4DFD40309C72D, FB251A3180F829B086C007807B68D7918276FEDB33618BB22C28A3DCEAFB751E ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:45:04.0459 0x1268  UNS - ok
12:45:04.0487 0x1268  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:45:04.0523 0x1268  upnphost - ok
12:45:04.0570 0x1268  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
12:45:04.0590 0x1268  usbccgp - ok
12:45:04.0644 0x1268  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:45:04.0664 0x1268  usbcir - ok
12:45:04.0711 0x1268  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
12:45:04.0722 0x1268  usbehci - ok
12:45:04.0747 0x1268  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
12:45:04.0766 0x1268  usbhub - ok
12:45:04.0801 0x1268  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:45:04.0808 0x1268  usbohci - ok
12:45:04.0845 0x1268  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:45:04.0866 0x1268  usbprint - ok
12:45:04.0916 0x1268  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:45:04.0933 0x1268  usbscan - ok
12:45:05.0009 0x1268  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\drivers\usbser.sys
12:45:05.0025 0x1268  usbser - ok
12:45:05.0058 0x1268  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:45:05.0076 0x1268  USBSTOR - ok
12:45:05.0118 0x1268  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:45:05.0133 0x1268  usbuhci - ok
12:45:05.0185 0x1268  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
12:45:05.0206 0x1268  usbvideo - ok
12:45:05.0228 0x1268  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:45:05.0270 0x1268  UxSms - ok
12:45:05.0282 0x1268  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] VaultSvc        C:\Windows\system32\lsass.exe
12:45:05.0289 0x1268  VaultSvc - ok
12:45:05.0316 0x1268  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:45:05.0330 0x1268  vdrvroot - ok
12:45:05.0367 0x1268  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:45:05.0403 0x1268  vds - ok
12:45:05.0421 0x1268  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:45:05.0430 0x1268  vga - ok
12:45:05.0433 0x1268  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:45:05.0455 0x1268  VgaSave - ok
12:45:05.0479 0x1268  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:45:05.0488 0x1268  vhdmp - ok
12:45:05.0519 0x1268  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:45:05.0525 0x1268  viaide - ok
12:45:05.0539 0x1268  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:45:05.0546 0x1268  volmgr - ok
12:45:05.0572 0x1268  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:45:05.0583 0x1268  volmgrx - ok
12:45:05.0601 0x1268  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:45:05.0612 0x1268  volsnap - ok
12:45:05.0633 0x1268  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:45:05.0641 0x1268  vsmraid - ok
12:45:05.0735 0x1268  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:45:05.0799 0x1268  VSS - ok
12:45:05.0807 0x1268  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:45:05.0815 0x1268  vwifibus - ok
12:45:05.0825 0x1268  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:45:05.0835 0x1268  vwififlt - ok
12:45:05.0860 0x1268  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
12:45:05.0869 0x1268  vwifimp - ok
12:45:05.0897 0x1268  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:45:05.0925 0x1268  W32Time - ok
12:45:05.0942 0x1268  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:45:05.0949 0x1268  WacomPen - ok
12:45:05.0966 0x1268  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:45:05.0987 0x1268  WANARP - ok
12:45:05.0991 0x1268  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:45:06.0013 0x1268  Wanarpv6 - ok
12:45:06.0159 0x1268  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:45:06.0184 0x1268  WatAdminSvc - ok
12:45:06.0254 0x1268  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:45:06.0286 0x1268  wbengine - ok
12:45:06.0322 0x1268  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:45:06.0336 0x1268  WbioSrvc - ok
12:45:06.0359 0x1268  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:45:06.0375 0x1268  wcncsvc - ok
12:45:06.0388 0x1268  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:45:06.0396 0x1268  WcsPlugInService - ok
12:45:06.0443 0x1268  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
12:45:06.0458 0x1268  Wd - ok
12:45:06.0529 0x1268  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:45:06.0557 0x1268  Wdf01000 - ok
12:45:06.0599 0x1268  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:45:06.0607 0x1268  WdiServiceHost - ok
12:45:06.0611 0x1268  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:45:06.0620 0x1268  WdiSystemHost - ok
12:45:06.0663 0x1268  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
12:45:06.0675 0x1268  WebClient - ok
12:45:06.0704 0x1268  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:45:06.0731 0x1268  Wecsvc - ok
12:45:06.0739 0x1268  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:45:06.0762 0x1268  wercplsupport - ok
12:45:06.0786 0x1268  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:45:06.0809 0x1268  WerSvc - ok
12:45:06.0827 0x1268  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:45:06.0848 0x1268  WfpLwf - ok
12:45:06.0867 0x1268  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:45:06.0873 0x1268  WIMMount - ok
12:45:06.0897 0x1268  WinDefend - ok
12:45:06.0900 0x1268  WinHttpAutoProxySvc - ok
12:45:06.0960 0x1268  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:45:07.0007 0x1268  Winmgmt - ok
12:45:07.0097 0x1268  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:45:07.0136 0x1268  WinRM - ok
12:45:07.0229 0x1268  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:45:07.0251 0x1268  WinUsb - ok
12:45:07.0337 0x1268  [ 6E5FE85FC15590EF509A6D217C65F9BE, C532E062F8B599FDC6FB42CAE17A9EF4E1591FE94A000CBC525CD7287047C088 ] WirelessKeyboardFilter C:\Windows\system32\DRIVERS\WirelessKeyboardFilter.sys
12:45:07.0356 0x1268  WirelessKeyboardFilter - ok
12:45:07.0399 0x1268  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:45:07.0429 0x1268  Wlansvc - ok
12:45:07.0475 0x1268  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:45:07.0485 0x1268  wlcrasvc - ok
12:45:07.0610 0x1268  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:45:07.0651 0x1268  wlidsvc - ok
12:45:07.0688 0x1268  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:45:07.0705 0x1268  WmiAcpi - ok
12:45:07.0758 0x1268  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:45:07.0780 0x1268  wmiApSrv - ok
12:45:07.0855 0x1268  WMPNetworkSvc - ok
12:45:07.0873 0x1268  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:45:07.0890 0x1268  WPCSvc - ok
12:45:07.0905 0x1268  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:45:07.0915 0x1268  WPDBusEnum - ok
12:45:07.0927 0x1268  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:45:07.0949 0x1268  ws2ifsl - ok
12:45:07.0966 0x1268  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
12:45:07.0978 0x1268  wscsvc - ok
12:45:08.0001 0x1268  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
12:45:08.0010 0x1268  WSDPrintDevice - ok
12:45:08.0052 0x1268  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\drivers\WSDScan.sys
12:45:08.0067 0x1268  WSDScan - ok
12:45:08.0072 0x1268  WSearch - ok
12:45:08.0187 0x1268  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:45:08.0236 0x1268  wuauserv - ok
12:45:08.0275 0x1268  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:45:08.0283 0x1268  WudfPf - ok
12:45:08.0325 0x1268  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:45:08.0348 0x1268  WUDFRd - ok
12:45:08.0383 0x1268  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:45:08.0404 0x1268  wudfsvc - ok
12:45:08.0458 0x1268  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:45:08.0481 0x1268  WwanSvc - ok
12:45:08.0544 0x1268  [ 79BC44FF509C79D4E34DED3CD6EFD92B, E20385AC49BB1BA882A1EEEB57EB4AC2B1EFD507C0254DE6DE5AD5161A8B0E7C ] ZAtheros Wlan Agent C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe
12:45:08.0555 0x1268  ZAtheros Wlan Agent - detected UnsignedFile.Multi.Generic ( 1 )
12:45:08.0555 0x1268  ZAtheros Wlan Agent ( UnsignedFile.Multi.Generic ) - warning
12:45:08.0582 0x1268  ================ Scan global ===============================
12:45:08.0625 0x1268  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
12:45:08.0679 0x1268  [ A5794B1E3ACEF48E716F0A89C83C1AEA, B904C861CBDAF00341F8697BD05C2E66C23CF4D6C94E19AF464D898436F34D73 ] C:\Windows\system32\winsrv.dll
12:45:08.0714 0x1268  [ A5794B1E3ACEF48E716F0A89C83C1AEA, B904C861CBDAF00341F8697BD05C2E66C23CF4D6C94E19AF464D898436F34D73 ] C:\Windows\system32\winsrv.dll
12:45:08.0753 0x1268  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:45:08.0806 0x1268  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
12:45:08.0818 0x1268  [ Global ] - ok
12:45:08.0819 0x1268  ================ Scan MBR ==================================
12:45:08.0838 0x1268  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:45:09.0304 0x1268  \Device\Harddisk0\DR0 - ok
12:45:09.0307 0x1268  [ 0BF25BD5ABF0B92BC3139291428D9EA6 ] \Device\Harddisk1\DR1
12:45:09.0350 0x1268  \Device\Harddisk1\DR1 - ok
12:45:09.0351 0x1268  ================ Scan VBR ==================================
12:45:09.0354 0x1268  [ FF50653BDA511012B8255CE2A0A9F79F ] \Device\Harddisk0\DR0\Partition1
12:45:09.0357 0x1268  \Device\Harddisk0\DR0\Partition1 - ok
12:45:09.0361 0x1268  [ 405092EBF3F7D447942538406C1462F2 ] \Device\Harddisk0\DR0\Partition2
12:45:09.0364 0x1268  \Device\Harddisk0\DR0\Partition2 - ok
12:45:09.0368 0x1268  [ F0F084F1F06D01823A7396A8450A86B7 ] \Device\Harddisk1\DR1\Partition1
12:45:09.0371 0x1268  \Device\Harddisk1\DR1\Partition1 - ok
12:45:09.0372 0x1268  ================ Scan generic autorun ======================
12:45:09.0423 0x1268  [ E815DF429EE04E2CE644C1B5F30B0B1E, 98C2B1DA65CBC30D43D526C2D43B7A0DB931B3C0CA60193468A8F99538CC8DAF ] C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe
12:45:09.0446 0x1268  InstantUpdate - ok
12:45:09.0470 0x1268  [ 406C9A72B1CE00E731310CCADB4C3150, 921041224A4BB4E78E863AED3705F3E75C42D2D7FB4DA458E278EB8F0A05BA8A ] C:\Windows\system32\igfxtray.exe
12:45:09.0486 0x1268  IgfxTray - ok
12:45:09.0512 0x1268  [ 2A5459EB1D04D25EC44B6FB1E1F262F2, 058B4CA9AA5228B01664AF42C49D2D78D2EAC12173D82E188B5AD5FF9361D9FA ] C:\Windows\system32\hkcmd.exe
12:45:09.0530 0x1268  HotKeysCmds - ok
12:45:09.0546 0x1268  [ 1C56476A663EAB7561F78DD87544AFAA, F15C6A5469031238C449F41137138A7B0B459B18AB84CDF1B92D2D8E54E39DDA ] C:\Windows\system32\igfxpers.exe
12:45:09.0563 0x1268  Persistence - ok
12:45:09.0938 0x1268  [ 2369302807DB32AFADB5FA65E48500D5, BF9E26F5CEE1F6BF06D48BC1036F27E148C2F85937EAF30111FEC6AE9BD179B7 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:45:10.0138 0x1268  RtHDVCpl - ok
12:45:10.0171 0x1268  [ B1DDCBE7D17DE94045FE9E40EB3D0170, 76EAF208139160C10937FEB4CB47A9890BF66414A3958289DDDCE62EA6E701FC ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
12:45:10.0198 0x1268  RtHDVBg_Dolby - ok
12:45:10.0258 0x1268  [ E390603C119800437DCD25491C888E3B, 04FC59E1BC130BEB95CA230991E81B29FDAFBC4D31AC60FA066849D75369BA63 ] C:\Program Files\Apoint2K\Apoint.exe
12:45:10.0277 0x1268  Apoint - ok
12:45:10.0362 0x1268  [ 539225DF59A1216EAA6AE29D4A315356, 3D58432228002F8AA9BF61C7A1672ED1D6F58CC7176D0E042BF413E24E8101D3 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
12:45:10.0391 0x1268  AtherosBtStack - detected UnsignedFile.Multi.Generic ( 1 )
12:45:10.0391 0x1268  AtherosBtStack ( UnsignedFile.Multi.Generic ) - warning
12:45:10.0391 0x1268  Force sending object to P2P due to detect: C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
12:45:10.0394 0x1268  Object send P2P result: false
12:45:10.0430 0x1268  [ 61F591A81BDCA38101B6859545EE8E22, A2275D626BD60676B0EBB587C56DE6A2354142EED86CCE6BA0AC9FBBA359C0C7 ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
12:45:10.0448 0x1268  AthBtTray - detected UnsignedFile.Multi.Generic ( 1 )
12:45:10.0448 0x1268  AthBtTray ( UnsignedFile.Multi.Generic ) - warning
12:45:10.0450 0x1268  IntelTBRunOnce - ok
12:45:10.0547 0x1268  [ 9634F2078F66B901B171F7E75FFF3261, DF82CF522847F930A26A438096C32A34F448A89F28BA4C681F396F0C25B96E28 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
12:45:10.0580 0x1268  Power Management - ok
12:45:10.0747 0x1268  [ 2433692BFC2631DC28B0705C1B760FF2, BBDE902F984E0968A3062F3EEA624E804B03095C67C280CDA4E85D02F46B7CDC ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
12:45:10.0801 0x1268  EvtMgr6 - ok
12:45:10.0828 0x1268  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
12:45:10.0837 0x1268  Logitech Download Assistant - ok
12:45:10.0898 0x1268  [ 4DDE3E01B5020B3D5DEEC7E3DC0F3185, C7315F3521EE461027A3DDE7CFC0EA4F8E705A98F9292284BB20620D7F34DDE9 ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
12:45:10.0915 0x1268  BackupManagerTray - ok
12:45:10.0982 0x1268  [ 4D1DA8CE5E364D22B4FF00F163194514, 165DE474309206A0F51266F19EDB4AF3D7BAD19FDA61B636AEE7A04278DBBC2C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
12:45:11.0008 0x1268  USB3MON - ok
12:45:11.0099 0x1268  [ E127B5D81CE968CD3858AF6BDCADEC7C, AF426B8259E2801679A8E3FAE42B617D0DA1D4E834DF0F7B1FD93AB5E64CBE34 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
12:45:11.0120 0x1268  Avira SystrayStartTrigger - ok
12:45:11.0203 0x1268  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
12:45:11.0217 0x1268  APSDaemon - ok
12:45:11.0323 0x1268  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:45:11.0348 0x1268  Sidebar - ok
12:45:11.0368 0x1268  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:45:11.0379 0x1268  mctadmin - ok
12:45:11.0381 0x1268  IsMyWinLockerReboot - ok
12:45:11.0421 0x1268  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:45:11.0447 0x1268  Sidebar - ok
12:45:11.0451 0x1268  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:45:11.0463 0x1268  mctadmin - ok
12:45:11.0464 0x1268  IsMyWinLockerReboot - ok
12:45:11.0490 0x1268  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:45:11.0516 0x1268  Sidebar - ok
12:45:11.0520 0x1268  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:45:11.0531 0x1268  mctadmin - ok
12:45:11.0676 0x1268  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Besitzer\AppData\Local\Google\Update\GoogleUpdate.exe
12:45:11.0693 0x1268  Google Update - ok
12:45:12.0004 0x1268  [ 47DBCC66CF9A3DCEF2D42051431160D3, 5E99CB8333471E80590AED8CA139EF859AD617D1C7BD9406913A86016DCA08F6 ] C:\Program Files\CCleaner\CCleaner64.exe
12:45:12.0138 0x1268  CCleaner Monitoring - ok
12:45:12.0252 0x1268  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
12:45:12.0275 0x1268  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
12:45:12.0275 0x1268  SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - warning
12:45:12.0285 0x1268  Win FW state via NFP2: enabled ( trusted )
12:45:12.0285 0x1268  ============================================================
12:45:12.0285 0x1268  Scan finished
12:45:12.0285 0x1268  ============================================================
12:45:12.0290 0x1630  Detected object count: 7
12:45:12.0290 0x1630  Actual detected object count: 7
12:45:26.0032 0x1630  Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:45:26.0032 0x1630  Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:45:26.0034 0x1630  AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:45:26.0034 0x1630  AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:45:26.0036 0x1630  DCDhcpService ( UnsignedFile.Multi.Generic ) - skipped by user
12:45:26.0036 0x1630  DCDhcpService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:45:26.0038 0x1630  ZAtheros Wlan Agent ( UnsignedFile.Multi.Generic ) - skipped by user
12:45:26.0038 0x1630  ZAtheros Wlan Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:45:26.0040 0x1630  AtherosBtStack ( UnsignedFile.Multi.Generic ) - skipped by user
12:45:26.0040 0x1630  AtherosBtStack ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:45:26.0043 0x1630  AthBtTray ( UnsignedFile.Multi.Generic ) - skipped by user
12:45:26.0043 0x1630  AthBtTray ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:45:26.0044 0x1630  SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - skipped by user
12:45:26.0044 0x1630  SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - User select action: Skip

Alt 11.11.2016, 13:50   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - Standard

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 11.11.2016, 14:10   #11
ascard
 
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - Standard

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


Code:
ATTFilter
# AdwCleaner v6.030 - Bericht erstellt am 11/11/2016 um 13:57:19
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-11-10.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Besitzer - BESITZER-PC
# Gestartet von : C:\Users\Besitzer\Desktop\Wichtige Programme\antivir\AdwCleaner_6.030.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.


***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3440 Bytes] - [10/09/2016 22:32:54]
C:\AdwCleaner\AdwCleaner[R0].txt - [18122 Bytes] - [19/12/2014 23:24:38]
C:\AdwCleaner\AdwCleaner[R1].txt - [1182 Bytes] - [20/12/2014 10:37:02]
C:\AdwCleaner\AdwCleaner[S0].txt - [18678 Bytes] - [19/12/2014 23:26:06]
C:\AdwCleaner\AdwCleaner[S0]1.txt - [18678 Bytes] - [19/12/2014 23:28:54]
C:\AdwCleaner\AdwCleaner[S10].txt - [1613 Bytes] - [11/11/2016 13:57:19]
C:\AdwCleaner\AdwCleaner[S1].txt - [1244 Bytes] - [20/12/2014 10:38:29]
C:\AdwCleaner\AdwCleaner[S2].txt - [3518 Bytes] - [10/09/2016 22:30:14]
C:\AdwCleaner\AdwCleaner[S3].txt - [1870 Bytes] - [10/09/2016 23:08:34]
C:\AdwCleaner\AdwCleaner[S4].txt - [1943 Bytes] - [10/09/2016 23:11:14]
C:\AdwCleaner\AdwCleaner[S5].txt - [2024 Bytes] - [11/09/2016 07:25:25]
C:\AdwCleaner\AdwCleaner[S6].txt - [2097 Bytes] - [11/09/2016 07:34:31]
C:\AdwCleaner\AdwCleaner[S7].txt - [2170 Bytes] - [11/09/2016 12:04:07]
C:\AdwCleaner\AdwCleaner[S8].txt - [2243 Bytes] - [11/09/2016 13:18:58]
C:\AdwCleaner\AdwCleaner[S9].txt - [2334 Bytes] - [04/11/2016 07:38:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S10].txt - [2344 Bytes] ##########
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Besitzer (Administrator) on 11.11.2016 at 13:59:35,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 34 

Successfully deleted: C:\Users\Besitzer\AppData\Local\{877821E3-F8D8-4D23-A492-97F1829C5153} (Empty Folder)
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5X6HOTU7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9RJD5M2O (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BK4KOC73 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CNJ43BGN (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CNVR69VS (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DCYVW0A9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FO1D135G (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G4N8GNO3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\II1ZHOZ1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JX3AG1C2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NXZK67PD (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PK3DFULO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SZRC6XZ0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TE0H434E (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VYVH9GM0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Besitzer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6CM7GO5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5X6HOTU7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9RJD5M2O (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BK4KOC73 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CNJ43BGN (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CNVR69VS (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DCYVW0A9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FO1D135G (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G4N8GNO3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\II1ZHOZ1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JX3AG1C2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NXZK67PD (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PK3DFULO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SZRC6XZ0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TE0H434E (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VYVH9GM0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6CM7GO5 (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.11.2016 at 14:01:54,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
den ie5 nutze ich nie ;-)

die winini hat mir jrt vor ca 1 monat schonmal gelöscht

Alt 11.11.2016, 14:11   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - Standard

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 11.11.2016, 14:22   #13
ascard
 
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - Standard

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-11-2016
durchgeführt von Besitzer (11-11-2016 14:12:26)
Gestartet von C:\Users\Besitzer\Desktop\Wichtige Programme\antivir
Windows 7 Home Premium Service Pack 1 (X64) (2012-10-12 07:25:51)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1843646025-399791798-1682867763-500 - Administrator - Disabled)
Besitzer (S-1-5-21-1843646025-399791798-1682867763-1001 - Administrator - Enabled) => C:\Users\Besitzer
Gast (S-1-5-21-1843646025-399791798-1682867763-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1843646025-399791798-1682867763-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-1843646025-399791798-1682867763-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.3501.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.3501.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3508 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{682EC6E8-A300-45FD-8F09-0F3A6EA334D6}) (Version: 1.00.3004 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.109.2020.209 - Alps Electric)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Ashampoo Home Designer Pro v.1.0.1 (HKLM-x32\...\{4D1A0101-17A2-4fca-9119-4734EDBDA12D}_is1) (Version: 1.0.1 - Creative Amadeo GmbH)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.126 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
Avast Browser Cleanup (HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\Avast Browser Cleanup) (Version: 12.1.2272.125 - AVAST Software)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager V3 (x32 Version: 3.0.0.100 - NTI Corporation) Hidden
calibre 64bit (HKLM\...\{EA927D74-9D01-4436-89AE-ACF7C893C845}) (Version: 2.3.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.00.3004 - Acer Incorporated)
ClearProg 1.6.0 Final (HKLM-x32\...\ClearProg) (Version: 1.6.0 Final - Sven Hoffman)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2822.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON BX630FW Series Printer Uninstall (HKLM\...\EPSON BX630FW Series) (Version:  - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{30E01116-5666-4807-8EF1-D80E9FF16717}) (Version: 2.3.2.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
EPSON File Manager (HKLM-x32\...\{D02F30FB-0BC4-419A-9B9C-ADC610029B50}) (Version: 1.3.2.0 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Earth (HKLM-x32\...\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}) (Version: 7.0.3.8542 - Google)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
IP Camera Viewer 1.0 (HKLM-x32\...\IP Camera Viewer_is1) (Version:  - DeskShare Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Acer Inc.)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9006 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9006 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.2.0 - CEWE Stiftung u Co. KGaA)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Picture Collage Maker Free 2.1.2 (HKLM-x32\...\{DEB7295A-D00E-4D45-846C-2947E8C3F080}_is1) (Version:  - PearlMountain Soft)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qualcomm Atheros Direct Connect (x32 Version: 3.1 - Qualcomm Atheros) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.1 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6570 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.5 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.5.1.0 - Intel)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1843646025-399791798-1682867763-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06A7DD8B-8F96-46DC-BEB4-C76E67DCD076} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1843646025-399791798-1682867763-1001UA => C:\Users\Besitzer\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {42DEAB31-ED47-4FDF-9AB2-27ADF93AC3FE} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-18] (CyberLink)
Task: {4A04ED7D-D8A4-4004-BD12-2EAFD57CB496} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {6B041E76-9C0A-429E-A95D-D7D83063E120} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {97BE05E6-CF89-4E90-BECD-E2439447F7CF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {B9BFBF4A-9133-4977-9830-A59EDD133F04} - System32\Tasks\avastBCLS-1-5-21-1843646025-399791798-1682867763-1001 => C:\Users\Besitzer\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe [2016-11-07] (AVAST Software)
Task: {BCBEE009-5DD2-43B8-A57A-3C6765068996} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-08] (Adobe Systems Incorporated)
Task: {C4A2CC60-56A2-49E3-947F-9AD97136FB70} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1843646025-399791798-1682867763-1001Core => C:\Users\Besitzer\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D324123B-5ACB-4B66-B4AF-83DBBF1E2086} - System32\Tasks\avast! BCU UpdateS-1-5-21-1843646025-399791798-1682867763-1001 => C:\Users\Besitzer\AppData\Roaming\AVAST Software\Browser Cleanup\BCUUpdate.exe [2015-03-18] (AVAST Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1843646025-399791798-1682867763-1001Core.job => C:\Users\Besitzer\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1843646025-399791798-1682867763-1001UA.job => C:\Users\Besitzer\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-07-17 18:34 - 2015-07-17 18:34 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2016-05-12 11:50 - 2016-05-12 11:50 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5a8eeeddc97028a9f94d0518c22f4c2c\IsdiInterop.ni.dll
2012-04-20 11:00 - 2011-11-30 04:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-09-23 02:03 - 2011-12-16 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-10-25 00:36 - 2016-10-20 09:47 - 01819240 _____ () C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\54.0.2840.71\libglesv2.dll
2016-10-25 00:36 - 2016-10-20 09:47 - 00093288 _____ () C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\54.0.2840.71\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7916 mehr Seiten.

IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7916 mehr Seiten.

IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7916 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1843646025-399791798-1682867763-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.179.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^Users^Besitzer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: Dolby Home Theater v4 => "C:\Dolby PCEE4\pcee4.exe" -autostart
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{F78B396B-AA4D-4092-86FD-7831C399189A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{006B25EF-A281-4EDC-9E60-CA912422134F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6F4B1A05-01FA-4CF2-9D27-81F7EA979B46}] => (Allow) LPort=2869
FirewallRules: [{34D2FEC4-0160-492D-B1B7-853990B21397}] => (Allow) LPort=1900
FirewallRules: [{F47379F9-4316-44EF-8408-8A03B82D9F12}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5102085A-51F3-4385-8F20-4DB983B00E8F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{7430170F-A6BA-4394-9F9A-4A6A34E83BE4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A3241587-844F-45BA-BD83-E4C8F25C1FE5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{28392710-C0F3-4EE0-8EE8-E267490B7065}] => (Allow) C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe
FirewallRules: [{99BEF38D-9E54-4750-B821-0CC223EF051F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{5B0C25A9-48B7-4552-9325-3E7127418B9E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{995FBD4B-ADA3-439E-800D-46333283F88B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{174214E1-994B-4485-A2EA-259F019C6FF0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{3FB1CEB9-11C2-4D6B-AB39-F6A9B45D7F01}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{AFC6AB4C-72BA-4115-8EAD-070309F6D4BF}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{EC1E7F11-5FC6-42A1-8DE6-A33388EAA5A0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{F76A5231-6FC4-4171-9554-635F45188DA6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{6DAA3869-99FF-41D5-A40B-CA2F538B9B1D}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{00F316BD-4243-439E-B327-8E50947EC267}] => (Allow) C:\Program Files (x86)\Deskshare\IP Camera Viewer 1.0\IP Camera Viewer.exe
FirewallRules: [{F3F60A32-C983-422C-9A7C-0A4A5E2A387C}] => (Allow) C:\Program Files (x86)\Deskshare\IP Camera Viewer 1.0\IP Camera Viewer.exe
FirewallRules: [{498F7FFB-9017-4A63-BF6E-BB9664D98842}] => (Allow) C:\Program Files (x86)\BeeDoctor\0.1.1411.1712\PCG.exe
FirewallRules: [{FA472BAB-CE61-4406-A4C4-522ACFA09433}] => (Allow) C:\Program Files (x86)\BeeDoctor\0.1.1411.1712\PCG.exe
FirewallRules: [{710429C2-2068-4E36-9440-CC1649ED7E2C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5702F990-3D77-4952-8752-2E441B459669}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{927FB7BD-C08E-420D-BF2C-3DA1CF5BA9AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F0041FF7-748F-42F2-8A70-4AF8B94962D2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3AED18A8-B1B2-4A69-8047-56E3B5447366}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E2A2A4F2-7D59-4670-B454-19C1A31AFDAC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{1399025D-00F5-49B4-8CCF-880DC2D6CADD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{037133DF-038B-48AF-9BB4-B1F7EECA1821}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{826EF073-8799-4740-BFCD-B78F9D9D610D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1F810284-E71C-4652-AB08-0268E4BB507D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{769EE989-7108-4EAA-AF72-1816B16A6B0F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{37FF9B93-F202-4575-8A2B-3C95096F54B2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{DD9B69B3-B89C-4FD2-82B0-FF54F567EF03}C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{D55C5EBE-9E54-42FA-8CF6-FF054724AC91}C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{B64170BC-2CEA-4AF5-BFBD-076390261365}C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{599B7BEF-A232-418E-AB98-373C2B647A9F}C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\besitzer\appdata\local\google\chrome\application\chrome.exe

==================== Wiederherstellungspunkte =========================

01-11-2016 21:14:34 Windows Update
04-11-2016 07:39:36 JRT Pre-Junkware Removal
04-11-2016 17:21:37 JRT Pre-Junkware Removal
04-11-2016 17:27:04 JRT Pre-Junkware Removal
10-11-2016 03:00:18 Windows Update
11-11-2016 13:59:40 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/11/2016 11:17:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/11/2016 11:14:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SDFSSvc.exe, Version: 2.4.40.217, Zeitstempel: 0x535a5114
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23569, Zeitstempel: 0x57f7bb79
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0004eb83
ID des fehlerhaften Prozesses: 0x828
Startzeit der fehlerhaften Anwendung: 0x01d23afa4f265a9a
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung: a69b0c8f-a7f7-11e6-8df3-7054d28633eb

Error: (11/11/2016 11:14:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SDUpdSvc.exe, Version: 2.5.44.79, Zeitstempel: 0x57e24e33
Name des fehlerhaften Moduls: rtl150.bpl, Version: 15.0.3953.35171, Zeitstempel: 0x4cca139f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a116
ID des fehlerhaften Prozesses: 0x8bc
Startzeit der fehlerhaften Anwendung: 0x01d23afa4ffa3512
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl
Berichtskennung: a4374a0a-a7f7-11e6-8df3-7054d28633eb

Error: (11/11/2016 12:16:13 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1843646025-399791798-1682867763-1001}/">.

Error: (11/10/2016 11:48:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Ein Problem hat das Senden von Daten aus dem Programm zur Verbesserung der Benutzerfreundlichkeit an Microsoft verhindert (Fehler 80004005).

Error: (11/10/2016 09:55:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (11/10/2016 09:55:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/10/2016 09:55:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/10/2016 06:19:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (11/10/2016 06:19:20 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


Systemfehler:
=============
Error: (11/11/2016 02:00:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/11/2016 11:18:16 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (11/11/2016 11:18:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (11/11/2016 11:17:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Service Installer TrueKey" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/11/2016 11:16:47 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "\\?\Volume{c20bf01b-8811-11e2-92a7-806e6f6e6963}" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (11/10/2016 03:31:01 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (11/10/2016 03:29:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Service Installer TrueKey" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/10/2016 03:28:55 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "\\?\Volume{c20bf01b-8811-11e2-92a7-806e6f6e6963}" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (11/10/2016 03:26:25 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{995C996E-D918-4A8C-A302-45719A6F4EA7}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/06/2016 02:29:52 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8030.36 MB
Verfügbarer physikalischer RAM: 5702.5 MB
Summe virtueller Speicher: 16058.89 MB
Verfügbarer virtueller Speicher: 13733.47 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:451 GB) (Free:274.94 GB) NTFS
Drive d: (Volume) (Fixed) (Total:465.76 GB) (Free:170.15 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 67C5EB6E)
Partition 1: (Not Active) - (Size=14.7 GB) - (Type=27)
Partition 2: (Active) - (Size=47 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 05EAF7F1)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-11-2016
durchgeführt von Besitzer (Administrator) auf BESITZER-PC (11-11-2016 14:12:05)
Gestartet von C:\Users\Besitzer\Desktop\Wichtige Programme\antivir
Geladene Profile: UpdatusUser & Besitzer (Verfügbare Profile: UpdatusUser & Besitzer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [InstantUpdate] => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-07] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12448872 2012-02-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [576376 2012-02-02] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1021056 2012-03-08] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800896 2012-03-08] (Atheros Commnucations)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\Run: [Google Update] => C:\Users\Besitzer\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1843646025-399791798-1682867763-1001\...\MountPoints2: {f6ca75a8-d03e-11e3-abfa-7054d28633eb} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-01-30]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyServer: [S-1-5-21-1843646025-399791798-1682867763-1001] => localhost:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{824B8107-608E-41A7-9C51-059F90A75E42}: [DhcpNameServer] 192.168.179.1
ManualProxies: 1localhost:21320

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1843646025-399791798-1682867763-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
HKU\S-1-5-21-1843646025-399791798-1682867763-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKU\S-1-5-21-1843646025-399791798-1682867763-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://search.avast.com/AV772/
SearchScopes: HKLM-x32 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1843646025-399791798-1682867763-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1843646025-399791798-1682867763-1001 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1843646025-399791798-1682867763-1001 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-03-08] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5uifafsi.default-1473595326940 [2016-11-11]
FF Extension: (Adblock Plus) - C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\5uifafsi.default-1473595326940\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-31]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-01-31] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-10-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-10-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-02-27] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1843646025-399791798-1682867763-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-1843646025-399791798-1682867763-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://webmailcluster.1und1.de/xml/webmail/Login;jsessionid=CFDA13F7016F3A700D9D1AECAD99595A.TC159a?__reuse=1343637707253
CHR Plugin: (Shockwave Flash) - C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\54.0.2840.71\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\54.0.2840.71\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\54.0.2840.71\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll => Keine Datei
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll => Keine Datei
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => Keine Datei
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Besitzer\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll => Keine Datei
CHR Profile: C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default [2016-11-11]
CHR Extension: (Google Docs) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google-Suche) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Avira Browserschutz) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-20]
CHR Extension: (Google Docs Offline) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-17]
CHR Extension: (eBay Deutschland) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jknjndilpbgfjegfncoipgnhficfffoa [2016-09-11]
CHR Extension: (Speed Dial 2) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-09-11]
CHR Extension: (Facebook Notifications) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo [2013-03-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-17]
CHR Extension: (Google Mail) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.7WYCGHJGIVNT5M6WCAKMLXAGXA - C:\Users\Besitzer\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-01-30] (Adobe Systems) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [107648 2012-03-08] (Atheros Commnucations) [Datei ist nicht signiert]
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
S3 DCDhcpService; C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe [111776 2012-02-10] (Atheros Communication Inc.) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [72864 2012-02-19] (Atheros) [Datei ist nicht signiert]
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]
S4 PCGRTP; "C:\Program Files (x86)\BeeDoctor\0.1.1411.1712\PcgRtp.exe" -r [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
S4 PcgSysMonX64; \??\C:\Program Files (x86)\BeeDoctor\0.1.1411.1712\PcgSysMonX64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-11 14:01 - 2016-11-11 14:01 - 00006017 _____ C:\Users\Besitzer\Desktop\JRT.txt
2016-11-11 12:44 - 2016-11-11 13:52 - 00222188 _____ C:\TDSSKiller.3.1.0.12_11.11.2016_12.44.16_log.txt
2016-11-11 12:39 - 2016-11-11 12:41 - 00221340 _____ C:\TDSSKiller.3.1.0.12_11.11.2016_12.39.06_log.txt
2016-11-11 12:10 - 2016-11-11 12:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-11-11 10:54 - 2016-11-11 14:12 - 00000000 ____D C:\FRST
2016-11-11 07:42 - 2016-11-11 07:42 - 49707232 _____ (Microsoft Corporation) C:\Users\Besitzer\Downloads\Windows-KB890830-x64-V5.42.exe
2016-11-10 23:54 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20161110-235420.backup
2016-11-10 23:52 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20161110-235254.backup
2016-11-09 14:58 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 14:58 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-09 14:58 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 14:58 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-09 14:58 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-09 14:58 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-09 14:58 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-09 14:58 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-09 14:58 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-09 14:58 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-09 14:58 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-09 14:58 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 14:58 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-09 14:58 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-09 14:58 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-09 14:58 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-09 14:58 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-09 14:58 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 14:58 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-09 14:58 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-09 14:58 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 14:58 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-09 14:58 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-09 14:58 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-09 14:58 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-09 14:58 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-09 14:58 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-09 14:58 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-09 14:58 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-09 14:58 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-09 14:58 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-09 14:58 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-09 14:58 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-09 14:58 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-09 14:58 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 14:58 - 2016-10-10 16:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-09 14:58 - 2016-10-10 16:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-09 14:58 - 2016-10-10 16:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-09 14:58 - 2016-10-10 16:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-09 14:58 - 2016-10-10 16:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-09 14:58 - 2016-10-10 16:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-09 14:58 - 2016-10-10 16:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-09 14:58 - 2016-10-10 16:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-09 14:58 - 2016-10-10 16:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-09 14:58 - 2016-10-10 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-09 14:58 - 2016-10-10 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-09 14:58 - 2016-10-10 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-09 14:58 - 2016-10-10 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-09 14:58 - 2016-10-10 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-09 14:58 - 2016-10-10 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-09 14:58 - 2016-10-07 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-09 14:58 - 2016-10-07 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-09 14:58 - 2016-10-07 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-09 14:58 - 2016-10-07 16:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-09 14:58 - 2016-10-07 16:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-09 14:58 - 2016-10-07 16:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 16:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-09 14:58 - 2016-10-07 16:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-09 14:58 - 2016-10-07 16:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-09 14:58 - 2016-10-07 16:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-09 14:58 - 2016-10-07 16:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-09 14:58 - 2016-10-07 15:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-09 14:58 - 2016-10-07 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-09 14:58 - 2016-10-07 15:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-09 14:58 - 2016-10-07 15:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-09 14:58 - 2016-10-07 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-09 14:58 - 2016-10-07 15:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 15:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 15:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-09 14:58 - 2016-10-07 15:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-09 14:58 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-09 14:58 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-09 14:58 - 2016-09-13 16:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-09 14:58 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-09 14:58 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-09 14:58 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-09 14:57 - 2016-10-10 16:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-09 14:57 - 2016-10-10 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-09 14:57 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-09 01:03 - 2016-11-09 15:08 - 00016721 _____ C:\Users\Besitzer\Desktop\OpenDocument Text (neu).odt
2016-11-08 19:41 - 2016-11-11 11:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-07 20:51 - 2016-11-08 01:16 - 00014193 _____ C:\Users\Besitzer\Desktop\Rente.odt
2016-11-04 23:09 - 2016-11-04 23:09 - 00049849 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3298787__Nr.0032016_vom_31.10.2016_20161104110941.pdf
2016-11-04 23:09 - 2016-11-04 23:09 - 00048086 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3250180__Nr.0112016_vom_31.10.2016_20161104110943.pdf
2016-11-04 23:09 - 2016-11-04 23:09 - 00048086 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3250180__Nr.0112016_vom_31.10.2016_20161104110937.pdf
2016-11-04 23:09 - 2016-11-04 23:09 - 00047376 _____ C:\Users\Besitzer\Downloads\Kontoauszug_7503298787__Nr.0012016_vom_31.10.2016_20161104110945.pdf
2016-11-04 23:09 - 2016-11-04 23:09 - 00047376 _____ C:\Users\Besitzer\Downloads\Kontoauszug_7503298787__Nr.0012016_vom_31.10.2016_20161104110940.pdf
2016-11-04 23:09 - 2016-11-04 23:09 - 00043901 _____ C:\Users\Besitzer\Downloads\Mitteilung_3298787_vom_31.10.2016_20161104111001.pdf
2016-11-04 23:09 - 2016-11-04 23:09 - 00043892 _____ C:\Users\Besitzer\Downloads\Mitteilung_3250180_vom_31.10.2016_20161104110925.pdf
2016-11-04 17:37 - 2016-11-04 17:38 - 00000000 ____D C:\KVRT_Data
2016-11-04 07:48 - 2016-11-04 07:48 - 00000000 ____D C:\Users\Besitzer\Documents\ProcAlyzer Dumps
2016-11-04 07:36 - 2016-11-04 07:36 - 00004260 _____ C:\Windows\System32\Tasks\avast! BCU UpdateS-1-5-21-1843646025-399791798-1682867763-1001
2016-11-04 07:36 - 2016-11-04 07:36 - 00003316 _____ C:\Windows\System32\Tasks\avastBCLS-1-5-21-1843646025-399791798-1682867763-1001
2016-11-04 07:36 - 2016-11-04 07:36 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Avast Browser Cleanup
2016-11-04 07:36 - 2016-11-04 07:36 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\AVAST Software
2016-10-27 15:20 - 2016-10-27 15:23 - 06766720 _____ (ESET spol. s r.o.) C:\Users\Besitzer\Downloads\ESETOnlineScanner_DEU.exe
2016-10-21 20:19 - 2016-11-06 21:50 - 00251251 _____ C:\Users\Besitzer\Desktop\NINA UND CARMEN.mcf
2016-10-21 20:19 - 2016-11-06 21:50 - 00000000 ____D C:\Users\Besitzer\Desktop\NINA UND CARMEN_mcf-Dateien
2016-10-21 20:19 - 2016-11-03 00:16 - 00249706 _____ C:\Users\Besitzer\Desktop\NINA UND CARMEN.mcf~
2016-10-20 23:42 - 2016-10-20 23:42 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\NVIDIA
2016-10-19 23:33 - 2016-10-19 23:42 - 00000000 ____D C:\Users\Besitzer\Desktop\Neuer Ordner
2016-10-19 23:23 - 2016-10-19 23:23 - 00000000 ____D C:\Users\Besitzer\Desktop\Cewe
2016-10-19 03:05 - 2016-10-19 03:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OnlineFotoservice
2016-10-19 02:51 - 2016-10-19 02:51 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\hps-install
2016-10-19 02:41 - 2016-10-19 02:42 - 01628760 _____ C:\Users\Besitzer\Downloads\setup_OnlineFotoservice.exe
2016-10-15 01:33 - 2016-10-15 01:33 - 00068712 _____ C:\Users\Besitzer\Downloads\Rechnung-2016176299-165274.pdf
2016-10-12 21:47 - 2016-10-12 21:47 - 00043956 _____ C:\Users\Besitzer\Downloads\Mitteilung_3250180_vom_01.10.2016_20161012104746.pdf
2016-10-12 21:46 - 2016-10-12 21:46 - 00051378 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3250180__Nr.0102016_vom_01.10.2016_20161012104642.pdf
2016-10-12 21:46 - 2016-10-12 21:46 - 00049670 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3298787__Nr.0022016_vom_01.10.2016_20161012104647.pdf
2016-10-12 21:46 - 2016-10-12 21:46 - 00047092 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3298787__Nr.0012016_vom_31.08.2016_20161012104635.pdf
2016-10-12 21:46 - 2016-10-12 21:46 - 00043956 _____ C:\Users\Besitzer\Downloads\Mitteilung_3250180_vom_01.10.2016_20161012104702.pdf
2016-10-12 21:46 - 2016-10-12 21:46 - 00043956 _____ C:\Users\Besitzer\Downloads\Mitteilung_3250180_vom_01.10.2016_20161012104658.pdf
2016-10-12 21:45 - 2016-10-12 21:45 - 00051378 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3250180__Nr.0102016_vom_01.10.2016_20161012104506.pdf
2016-10-12 21:45 - 2016-10-12 21:45 - 00049670 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3298787__Nr.0022016_vom_01.10.2016_20161012104524.pdf
2016-10-12 21:45 - 2016-10-12 21:45 - 00047092 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3298787__Nr.0012016_vom_31.08.2016_20161012104532.pdf
2016-10-12 21:44 - 2016-10-12 21:44 - 00049670 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3298787__Nr.0022016_vom_01.10.2016_20161012104443.pdf
2016-10-12 21:44 - 2016-10-12 21:44 - 00049670 _____ C:\Users\Besitzer\Downloads\Kontoauszug_3298787__Nr.0022016_vom_01.10.2016_20161012104439.pdf
2016-10-12 18:02 - 2016-09-12 22:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-12 18:02 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-12 18:02 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-12 18:02 - 2016-09-12 19:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-12 18:02 - 2016-09-12 19:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-12 18:02 - 2016-09-08 21:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-12 18:02 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-12 18:02 - 2016-09-08 21:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-12 18:02 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-12 18:02 - 2016-09-08 15:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-12 18:02 - 2016-09-08 15:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-12 18:02 - 2016-08-12 18:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-12 18:02 - 2016-08-12 18:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-12 18:02 - 2016-08-12 18:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-12 18:02 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-12 18:02 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-12 18:02 - 2016-08-12 17:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-12 18:02 - 2016-08-12 17:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-12 18:02 - 2016-08-12 17:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-12 18:02 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-12 18:02 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-12 18:02 - 2016-08-12 17:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-12 18:02 - 2016-08-06 16:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-12 18:02 - 2016-08-06 16:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-12 18:02 - 2016-08-06 16:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-12 18:02 - 2016-08-06 16:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-12 18:02 - 2016-08-06 16:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-12 18:02 - 2016-08-06 16:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-12 18:02 - 2016-08-06 16:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-12 18:02 - 2016-08-06 16:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-12 18:02 - 2016-08-06 16:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-12 18:02 - 2016-08-06 16:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-12 18:02 - 2016-08-06 16:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-12 18:02 - 2016-08-06 16:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-12 18:02 - 2016-08-06 16:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-12 18:02 - 2016-08-06 15:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-12 18:02 - 2016-08-06 15:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-12 18:02 - 2016-08-06 15:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-12 18:02 - 2016-06-14 18:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-12 18:02 - 2016-06-14 18:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-12 18:02 - 2016-06-14 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-12 18:02 - 2016-06-14 18:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-12 18:02 - 2016-06-14 16:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-12 18:02 - 2016-06-14 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-12 18:02 - 2016-06-14 16:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-12 18:02 - 2016-06-14 16:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-12 18:02 - 2016-06-14 16:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-12 18:02 - 2016-06-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-12 18:02 - 2016-06-14 16:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-12 18:02 - 2016-06-14 16:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-12 18:02 - 2016-06-14 16:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-12 00:50 - 2016-10-12 01:01 - 00000000 ____D C:\Users\Besitzer\Desktop\Neuer Ordner (2)

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-11 13:57 - 2014-12-19 23:24 - 00000000 ____D C:\AdwCleaner
2016-11-11 13:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-11-11 13:30 - 2015-02-04 12:39 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1843646025-399791798-1682867763-1001UA.job
2016-11-11 12:10 - 2016-09-10 21:56 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-11 12:10 - 2016-09-10 21:56 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-11 11:27 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-11 11:27 - 2009-07-14 05:45 - 00028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-11 11:17 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-11 11:16 - 2014-12-19 22:25 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-11-11 11:16 - 2013-03-18 20:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-11 11:16 - 2013-03-18 19:54 - 00000000 ____D C:\ProgramData\Avira
2016-11-11 11:14 - 2014-12-19 22:25 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-11-11 11:13 - 2013-03-18 20:00 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\Avira
2016-11-11 11:13 - 2013-03-18 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-11-11 11:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-11 10:44 - 2013-03-18 20:33 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-11 04:30 - 2013-03-18 20:05 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1843646025-399791798-1682867763-1001Core.job
2016-11-11 00:20 - 2013-03-29 13:12 - 21154816 ___SH C:\Users\Besitzer\Desktop\Thumbs.db
2016-11-10 21:55 - 2012-09-23 11:47 - 09966594 _____ C:\Windows\system32\perfh007.dat
2016-11-10 21:55 - 2012-09-23 11:47 - 03141758 _____ C:\Windows\system32\perfc007.dat
2016-11-10 21:55 - 2009-07-14 06:13 - 00006260 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-10 03:29 - 2009-07-14 05:45 - 00291320 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-10 03:10 - 2013-07-16 23:32 - 00000000 ____D C:\Windows\system32\MRT
2016-11-10 02:04 - 2015-02-09 22:02 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-08 19:39 - 2013-11-10 16:21 - 00000000 ____D C:\ProgramData\tmp
2016-11-08 19:39 - 2013-11-10 16:21 - 00000000 ____D C:\ProgramData\hps
2016-11-06 15:42 - 2013-03-20 00:33 - 00000000 ___RD C:\Users\Besitzer\Desktop\Wichtige Programme
2016-11-06 02:33 - 2012-09-23 02:01 - 00000000 ____D C:\Users\UpdatusUser
2016-11-05 18:28 - 2015-01-31 12:49 - 00000000 ___RD C:\Users\Besitzer\Desktop\Sabine
2016-11-03 22:18 - 2015-07-11 22:33 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-30 02:31 - 2013-03-18 20:05 - 00000000 ____D C:\Users\Besitzer\AppData\Local\Google
2016-10-27 15:10 - 2013-03-20 00:36 - 00000000 ____D C:\Users\Besitzer\AppData\Local\CrashDumps
2016-10-26 16:29 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-26 00:15 - 2014-12-27 21:22 - 00000000 ___RD C:\Users\Besitzer\Desktop\IN BEARBEITUNG
2016-10-25 01:30 - 2016-02-10 22:07 - 00000000 ___RD C:\Users\Besitzer\Desktop\Party
2016-10-25 00:36 - 2013-03-18 20:10 - 00002386 _____ C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-23 00:12 - 2013-03-22 22:28 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\vlc
2016-10-19 20:09 - 2012-10-12 08:25 - 00000000 ____D C:\Users\Besitzer
2016-10-18 00:31 - 2015-09-27 18:06 - 00000000 ___RD C:\Users\Besitzer\Desktop\WEB
2016-10-13 03:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-13 03:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-12 02:39 - 2014-12-13 09:42 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-12 02:37 - 2013-03-18 20:21 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-12 02:37 - 2013-03-18 20:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-12 02:35 - 2014-12-11 09:06 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-12 02:35 - 2014-05-07 09:06 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-12 02:07 - 2013-03-18 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-01-20 23:30 - 2016-09-04 16:16 - 0009216 _____ () C:\Users\Besitzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-09-23 02:26 - 2012-09-23 02:29 - 0002454 _____ () C:\ProgramData\clear.fiSDK20.log
2012-09-23 02:29 - 2012-12-16 19:02 - 0000032 _____ () C:\ProgramData\PS.log

Einige Dateien in TEMP:
====================
C:\Users\Besitzer\AppData\Local\Temp\libeay32.dll
C:\Users\Besitzer\AppData\Local\Temp\msvcr120.dll
C:\Users\Besitzer\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-11-04 07:19

==================== Ende von FRST.txt ============================
wie kann man bei sowas noch durchblicken :-D

Alt 11.11.2016, 15:12   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - Standard

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 11.11.2016, 15:20   #15
ascard
 
Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - Standard

Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-11-2016
durchgeführt von Besitzer (11-11-2016 15:16:39) Run:1
Gestartet von C:\Users\Besitzer\Desktop\Wichtige Programme\antivir
Geladene Profile: UpdatusUser & Besitzer (Verfügbare Profile: UpdatusUser & Besitzer)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
emptytemp:

*****************


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15840515 B
Java, Flash, Steam htmlcache => 532 B
Windows/system/drivers => 7198 B
Edge => 0 B
Chrome => 377153690 B
Firefox => 23970336 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 159646 B
systemprofile32 => 137981 B
LocalService => 0 B
NetworkService => 3500 B
UpdatusUser => 0 B
Besitzer => 18858035 B

RecycleBin => 0 B
EmptyTemp: => 415.9 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 15:16:46 ====

Antwort
Seite 1 von 2 1 2

Themen zu Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen
besuch, blockiert, destroy, ebay, folge, folgende, gen, hallo zusammen, plötzlich, search, spybot, zusammen


« adw cleaner, hkcu (marlware), wie lösche ich das? | Kaspersky Total security warnung vor svchost.exe »


Ähnliche Themen: Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen


  1. Spybot Search and Destroy hängt bei Zlob.zip.codec
    Log-Analyse und Auswertung - 26.04.2016 (1)
  2. Spybot Search and Destroy seltsame Ergebnisse
    Log-Analyse und Auswertung - 22.04.2015 (3)
  3. Spybot-Search & Destroy hat ein Trojaner gefunden
    Plagegeister aller Art und deren Bekämpfung - 11.06.2012 (4)
  4. SpyBot - Search & Destroy und Avira AntiVir
    Antiviren-, Firewall- und andere Schutzprogramme - 27.01.2010 (3)
  5. Spybot Search & Destroy Echtzeitschutz?
    Antiviren-, Firewall- und andere Schutzprogramme - 18.10.2009 (5)
  6. Spybot Search & Destroy meldet Virtumonde.dll
    Plagegeister aller Art und deren Bekämpfung - 28.07.2009 (15)
  7. Spybot Search & Destroy
    Anleitungen, FAQs & Links - 29.10.2008 (2)
  8. Meldung von Spybot - Search & Destroy
    Plagegeister aller Art und deren Bekämpfung - 09.11.2007 (3)
  9. Spybot Search & Destroy + Antivir
    Antiviren-, Firewall- und andere Schutzprogramme - 10.10.2007 (5)
  10. Spybot-Search and Destroy-Fehler
    Antiviren-, Firewall- und andere Schutzprogramme - 27.08.2007 (1)
  11. Logfile von Spybot - Search & Destroy
    Log-Analyse und Auswertung - 17.02.2006 (4)
  12. Spybot - Search & Destroy
    Plagegeister aller Art und deren Bekämpfung - 03.06.2005 (6)
  13. Spybot Search & Destroy 1.4
    Antiviren-, Firewall- und andere Schutzprogramme - 01.06.2005 (5)
  14. Spybot Search & Destroy
    Plagegeister aller Art und deren Bekämpfung - 11.11.2004 (3)
  15. SpyBot Search & Destroy V1.3.1 TX
    Antiviren-, Firewall- und andere Schutzprogramme - 04.11.2004 (14)
  16. SpyBot Search & Destroy V1.3.1 TX II
    Antiviren-, Firewall- und andere Schutzprogramme - 29.10.2004 (2)
  17. Spybot - search and destroy
    Antiviren-, Firewall- und andere Schutzprogramme - 20.08.2004 (5)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen - hallo zusammen, Spybot - Search & Destroy bringt mir bei dem besuch von ebay neuerdings folgende meldung : - Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen...
Archiv
Du betrachtest: Spybot - Search & Destroy blockiert plötzlich ebay Artikelbeschreibungen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130