Win7 lädt fast keine Programme und findet nichts mehr.

Helli1965 · 16.11.2016, 20:47

Hallo Leute,
Windows 7
Servicepack 1
64 Bit System Core I5 3,00 GHZ
4GB Arbeitsspeicher
macht seit ein paar Tagen nichts mehr.
Ich habe Ihn Abends runtergefahren alles OK.
Es tauchen verschiedene Fehlermeldungen auf, hier mal was ich so finde.

Nun startet er Firefox nicht mehr, Fehlermeldung Couldn't load XPCOM

Auf dem startscreen, sind einige Icons weg, da sind jetzt viele Programme die das gleiche ICON haben. Also im Prinzip kein ICON haben.

Im rechts unten neben der Uhr, wo die geöffneten Programme sind, ist lange nicht alles gestartet, alle Viren Programme sind aus

Programme die ich starten will, findet er nicht, dann kommt z.B. Das Element "mbam.exe" auf das sich die Verknüpfung bezieht,wurde verändert oder verschoben.

Ich habe jetzt eine exe auf einen USB Stick kopiert und wollte die starten, aber auch da schreibt er die Datei konnte nicht gefunden werden.

Was geht, ist das email Programm Thunderbird, der Rest ist fast alles nicht startbar

Habt Ihr eine Ahnung was das sein könnte?
Also ins Internet komme ich nicht rein ausser mit dem email Programm.

Alles andere schreit nach xpcom

Gruß Helmut

cosinus · 17.11.2016, 13:29

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Helli1965 · 19.11.2016, 17:24

Hallo, ich musste den Scan im abgesicherten Modus machen,
weil ich sonst frst nicht starten konnte.

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19-11-2016 01
durchgeführt von Helli (Administrator) auf HELLI-PC (19-11-2016 17:00:28)
Gestartet von F:\
Geladene Profile: Helli (Verfügbare Profile: Helli & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Safe Mode (minimal)
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Amazon Music] => C:\Users\Helli\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Dropbox Update] => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {a7d6756a-2742-11e1-ab8c-8c89a56d6ec7} - F:\Startme.exe
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {ae8179f2-85a7-11e3-8bbf-8c89a56d6ec7} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {b8c3669f-1ccf-11e6-bc6b-8c89a56d6ec7} - F:\startme.exe
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {f5a8b434-910a-11e1-a003-8c89a56d6ec7} - I:\Startme.exe
HKU\S-1-5-18\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
Startup: C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-11-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
Winsock: Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll Keine Datei 
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
Winsock: Catalog5-x64 09 C:\Program Files\Bonjour\mdnsNSP.dll Keine Datei 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2067386785-177352631-409754499-1002 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll => Keine Datei
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => Keine Datei
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll => Keine Datei
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL => Keine Datei
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll => Keine Datei
BHO: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll => Keine Datei
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll => Keine Datei
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => Keine Datei
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll => Keine Datei
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL => Keine Datei
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll => Keine Datei
BHO-x32: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll => Keine Datei
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll Keine Datei
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll Keine Datei
Toolbar: HKU\S-1-5-21-2067386785-177352631-409754499-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll Keine Datei
DPF: HKLM-x32 {DF2F1634-A3AA-4E1B-9945-13F2BC455C0C} hxxp://at.sc12.greentube.com/xsl_gamebase/_magic/game_loader/ActiveXInstaller1.2.cab
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\myMugle\Skype4COM.dll [2009-10-29] (Skype Technologies)
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Keine Datei

FireFox:
========
FF DefaultProfile: lhzyh3cl.default-1471875564901
FF ProfilePath: C:\Users\Helli\AppData\Roaming\Mozilla\Sunbird\Profiles\m4o8ug72.default [2016-05-18]
FF Extension: (FoxyDeal) - C:\Users\Helli\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-01-25] [ist nicht signiert]
FF Extension: (Timezone Definitions for Mozilla Calendar) - C:\Program Files (x86)\Mozilla Sunbird\extensions\calendar-timezones@mozilla.org [2012-05-18] [ist nicht signiert]
FF Extension: (Lightning stub extension for Sunbird) - C:\Program Files (x86)\Mozilla Sunbird\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} [2012-05-18] [ist nicht signiert]
FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-2067386785-177352631-409754499-1002\FireFox [2016-10-30]
FF user.js: detected! => C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-2067386785-177352631-409754499-1002\FireFox\user.js [2016-10-24]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden]
FF ProfilePath: C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\lhzyh3cl.default-1471875564901 [2016-11-13]
FF user.js: detected! => C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\lhzyh3cl.default-1471875564901\user.js [2016-10-24]
FF Extension: (eBay für Firefox) - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\lhzyh3cl.default-1471875564901\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2016-10-22]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-12] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [Keine Datei]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Keine Datei]
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [Keine Datei]
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [Keine Datei]
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [Keine Datei]
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2067386785-177352631-409754499-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2067386785-177352631-409754499-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2067386785-177352631-409754499-1002: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.kappes-helmut.de/"
CHR Profile: C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default [2016-11-06]
CHR Extension: (Google Cast) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-04-29]
CHR Extension: (Musik Songs Spieler) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdenlcnfdjepagejpfajlkicggieknab [2016-01-17]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2016-01-17]
CHR Extension: (Kaspersky Protection) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-12-11]
CHR Extension: (Streaming Media Player) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jggnklnmaecfofafepejcjcjkcohgcfb [2016-01-17]
CHR Extension: (Media Player for YouTube™) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\moebmmkeehmohghiialcoemcmebekbap [2016-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-06]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Datei ist nicht signiert]
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2012-02-10] ()
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
S2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] () [Datei ist nicht signiert]
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S2 Apple Mobile Device Service; "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [X]
S2 AVP15.0.1; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe" -r [X]
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
S2 Garmin Device Interaction Service; "C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe" [X]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]
S2 HTCMonitorService; "C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe" [X]
S2 IAStorDataMgrSvc; "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" [X]
S3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [X]
S2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [X]
S2 MbaeSvc; "C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe" [X]
S2 MBAMScheduler; "C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe" [X]
S2 MBAMService; "C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe" [X]
S2 MSCamSvc; "C:\Program Files\Microsoft LifeCam\MSCamS64.exe" [X]
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" [X]
S3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]
S3 osppsvc; "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [X]
S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [X]
S2 PSI_SVC_2; "c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" [X]
S2 UNS; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" [X]
S2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X]
S2 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [X]
S2 WMPNetworkSvc; "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" [X]
S3 WMZuneComm; "C:\Program Files\Zune\WMZuneComm.exe" [X]
S3 ZuneNetworkSvc; "C:\Program Files\Zune\ZuneNss.exe" [X]
S3 ZuneWlanCfgSvc; "C:\Program Files\Zune\ZuneWlanCfgSvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-05] (www.winchiphead.com)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
S2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-11-29] (Kaspersky Lab ZAO)
S1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-11] (Kaspersky Lab ZAO)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
S1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
S1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-11-29] (Kaspersky Lab ZAO)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-13] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PPJoyBus; C:\Windows\System32\DRIVERS\PPJoyBus64.sys [20024 2010-02-20] (Deon van der Westhuysen)
S3 PPortJoystick; C:\Windows\System32\DRIVERS\PPortJoy64.sys [39992 2010-02-20] (Deon van der Westhuysen)
S1 ESProtectionDriver; \??\C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [X]
S0 nvpciflt; system32\DRIVERS\nvpciflt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-19 17:00 - 2016-11-19 17:00 - 00000000 ____D C:\FRST
2016-11-14 19:18 - 2016-11-19 17:00 - 00617130 _____ C:\Windows\ntbtlog.txt
2016-11-14 08:28 - 2016-11-14 08:28 - 00003536 ____N C:\bootsqm.dat
2016-11-14 08:25 - 2016-11-14 08:25 - 00000000 __SHD C:\found.000
2016-11-10 21:55 - 2016-11-10 21:55 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-10 21:06 - 2016-11-10 22:01 - 1918497831 _____ C:\Users\Helli\Downloads\wakin.dead.s07.e03.108-pret.mkv
2016-11-10 08:53 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-10 08:53 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-10 08:53 - 2016-10-28 04:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-10 08:53 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-10 08:53 - 2016-10-27 19:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-10 08:53 - 2016-10-27 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-10 08:53 - 2016-10-27 19:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-10 08:53 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-10 08:53 - 2016-10-27 19:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-10 08:53 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-10 08:53 - 2016-10-27 19:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-10 08:53 - 2016-10-27 19:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-10 08:53 - 2016-10-27 19:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-10 08:53 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-10 08:53 - 2016-10-27 19:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-10 08:53 - 2016-10-27 19:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-10 08:53 - 2016-10-27 19:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-10 08:53 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-10 08:53 - 2016-10-27 19:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-10 08:53 - 2016-10-27 19:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-10 08:53 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-10 08:53 - 2016-10-27 19:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-10 08:53 - 2016-10-27 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-10 08:53 - 2016-10-27 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-10 08:53 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-10 08:53 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-10 08:53 - 2016-10-27 19:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-10 08:53 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-10 08:53 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-10 08:53 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-10 08:53 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-10 08:53 - 2016-10-27 18:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-10 08:53 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-10 08:53 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-10 08:53 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-10 08:53 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-10 08:53 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-10 08:53 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-10 08:53 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-10 08:53 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-10 08:53 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-10 08:53 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-10 08:53 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-10 08:53 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-10 08:53 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-10 08:53 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-10 08:53 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-10 08:53 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-10 08:53 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-10 08:53 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-10 08:53 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-10 08:53 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-10 08:53 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-10 08:53 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-10 08:53 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-10 08:53 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-10 08:53 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-10 08:53 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-10 08:53 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-10 08:53 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-10 08:53 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-10 08:53 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-10 08:53 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-10 08:53 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-10 08:53 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-10 08:53 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-10 08:53 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-10 08:53 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-10 08:53 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-10 08:53 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-10 08:53 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-10 08:53 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-10 08:53 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-10 08:53 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-10 08:53 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-10 08:53 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-10 08:53 - 2016-10-10 16:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-10 08:53 - 2016-10-10 16:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-10 08:53 - 2016-10-10 16:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-10 08:53 - 2016-10-10 16:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-10 08:53 - 2016-10-10 16:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-10 08:53 - 2016-10-10 16:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-10 08:53 - 2016-10-10 16:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-10 08:53 - 2016-10-07 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-10 08:53 - 2016-10-07 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-10 08:53 - 2016-10-07 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-10 08:53 - 2016-10-07 16:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-10 08:53 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-10 08:53 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-10 08:53 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-10 08:53 - 2016-10-07 16:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-10 08:53 - 2016-10-07 16:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-10 08:53 - 2016-10-07 16:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-10 08:53 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-10 08:53 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-10 08:53 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-10 08:53 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-10 08:53 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-10 08:53 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-10 08:53 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-10 08:52 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-10 08:52 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-10 08:52 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-10 08:52 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-10 08:52 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-10 08:52 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-10 08:52 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-10 08:52 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-10 08:52 - 2016-10-27 20:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-10 08:52 - 2016-10-27 20:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-10 08:52 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-10 08:52 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-10 08:52 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-10 08:52 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-10 08:52 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-10 08:52 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-10 08:52 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-10 08:52 - 2016-10-10 16:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-10 08:52 - 2016-10-10 16:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-10 08:52 - 2016-10-10 16:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-10 08:52 - 2016-10-10 16:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-10 08:52 - 2016-10-10 16:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-10 08:52 - 2016-10-10 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-10 08:52 - 2016-10-10 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-10 08:52 - 2016-10-10 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-10 08:52 - 2016-10-10 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-10 08:52 - 2016-10-10 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-10 08:52 - 2016-10-10 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-10 08:52 - 2016-10-07 16:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-10 08:52 - 2016-10-07 16:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-10 08:52 - 2016-10-07 16:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-10 08:52 - 2016-10-07 16:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-10 08:52 - 2016-10-07 15:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-10 08:52 - 2016-10-07 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-10 08:52 - 2016-10-07 15:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-10 08:52 - 2016-10-07 15:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-10 08:52 - 2016-10-07 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-10 08:52 - 2016-10-07 15:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 15:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 15:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 15:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-10 08:52 - 2016-09-13 16:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-10 08:52 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-10 08:52 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-07 19:30 - 2016-11-07 19:30 - 00002148 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-11-07 19:30 - 2016-11-07 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-11-05 16:39 - 2016-11-05 17:40 - 2068406120 _____ C:\Users\Helli\Downloads\wakin.dead.s07.e02.108-pret.mkv
2016-11-05 16:07 - 2016-11-17 15:17 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d2377664e84399.job
2016-11-05 16:07 - 2016-11-16 08:17 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d237766462f68a.job
2016-11-05 16:07 - 2016-11-10 08:12 - 00004194 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d2377664e84399
2016-11-05 16:07 - 2016-11-10 08:12 - 00003798 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d237766462f68a
2016-11-05 16:05 - 2016-11-05 16:05 - 00001894 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2016-11-05 16:05 - 2016-11-05 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-11-02 18:16 - 2016-11-02 19:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-10-30 19:02 - 2016-10-30 19:02 - 00363536 _____ C:\Users\Helli\Documents\cc_20161030_190224.reg
2016-10-30 15:51 - 2016-10-30 15:52 - 08270712 _____ (Piriform Ltd) C:\Users\Helli\Downloads\ccsetup523.exe
2016-10-29 23:43 - 2016-11-17 15:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-29 23:43 - 2016-11-08 20:25 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-29 23:43 - 2016-11-08 20:25 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-29 23:43 - 2016-11-08 20:25 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-29 14:57 - 2016-10-29 15:06 - 254404960 _____ C:\Users\Helli\Downloads\ALDI_Bestellsoftware_Installation(2).exe
2016-10-29 14:56 - 2016-10-29 15:04 - 254404960 _____ C:\Users\Helli\Downloads\ALDI_Bestellsoftware_Installation(1).exe
2016-10-27 20:34 - 2016-10-27 20:34 - 00000000 ____D C:\Users\Helli\AppData\Local\{813CD780-1B5D-4959-B2B3-0E0B40C21D2F}
2016-10-27 19:23 - 2016-10-27 20:24 - 2086650489 _____ C:\Users\Helli\Downloads\wakin.dead.s07.e01.108-pret.mkv
2016-10-24 17:18 - 2016-10-29 13:37 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\5E2D5B40.sys
2016-10-24 16:49 - 2016-11-14 08:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-18 10:07 - 2011-05-16 15:04 - 00699432 _____ C:\Windows\system32\perfh007.dat
2016-11-18 10:07 - 2011-05-16 15:04 - 00149572 _____ C:\Windows\system32\perfc007.dat
2016-11-18 10:07 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-18 10:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-18 10:05 - 2015-10-26 18:11 - 00000000 ___RD C:\Users\Helli\OneDrive
2016-11-18 10:05 - 2014-10-11 11:31 - 00000000 ___RD C:\Users\Helli\Dropbox
2016-11-18 10:04 - 2016-07-29 11:22 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e983194f2e77.job
2016-11-18 10:03 - 2011-09-05 23:24 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-18 10:03 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-17 15:28 - 2016-07-29 11:23 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d1e98342edc9ba.job
2016-11-17 15:27 - 2016-07-29 11:22 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1e98319e7493f.job
2016-11-17 13:53 - 2009-07-14 05:45 - 00024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-17 13:53 - 2009-07-14 05:45 - 00024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-14 08:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-14 07:57 - 2013-01-11 17:11 - 00000000 ____D C:\CS_2.0_GR_Extras_1
2016-11-13 20:41 - 2011-12-01 20:12 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-11-13 17:18 - 2015-01-10 12:28 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-13 16:25 - 2016-08-20 19:11 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-11-13 16:24 - 2014-01-25 15:30 - 00000000 ____D C:\Users\Helli\AppData\Local\HTC MediaHub
2016-11-13 14:42 - 2014-01-06 18:28 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Audacity
2016-11-13 14:26 - 2012-01-23 09:30 - 00000000 ____D C:\temp
2016-11-12 15:09 - 2009-07-14 05:45 - 00504112 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-10 22:50 - 2013-07-19 15:25 - 00000000 ____D C:\Windows\system32\MRT
2016-11-10 22:25 - 2011-07-18 21:31 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-10 21:56 - 2014-10-11 11:28 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Dropbox
2016-11-10 12:28 - 2016-07-29 11:23 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d1e983426cd0ca.job
2016-11-08 20:25 - 2012-04-25 19:00 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-08 20:25 - 2011-07-18 22:12 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-07 12:20 - 2014-12-31 15:42 - 00000000 ____D C:\Users\Helli\Documents\ASV 2015
2016-11-07 12:20 - 2014-12-31 15:07 - 00000000 ____D C:\Users\Helli\Documents\ASV 2014
2016-11-07 10:55 - 2014-12-31 15:11 - 00000000 ____D C:\Users\Helli\Documents\ASV 2013
2016-11-07 10:49 - 2014-12-31 15:15 - 00000000 ____D C:\Users\Helli\Documents\ASV 2012
2016-11-07 10:48 - 2015-01-02 10:35 - 00000000 ____D C:\Users\Helli\Documents\ASV 2011
2016-11-07 10:41 - 2015-08-28 20:54 - 00000000 ____D C:\Users\Helli\Wlan_Atheros_Win7_64_VER920514
2016-11-06 14:33 - 2016-01-21 14:25 - 00000000 ____D C:\Users\Helli\Documents\ASV 2016
2016-11-05 16:10 - 2013-03-28 15:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-05 16:05 - 2015-02-24 09:40 - 00003552 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2016-11-03 11:25 - 2012-05-03 19:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-02 21:18 - 2012-10-12 19:11 - 00000000 ____D C:\Users\Helli\AppData\Roaming\TeamViewer
2016-11-02 20:19 - 2016-01-23 17:32 - 00000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-11-02 20:19 - 2016-01-23 17:32 - 00000963 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-11-02 20:19 - 2012-10-12 19:11 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-02 18:16 - 2011-12-02 20:58 - 00000000 ____D C:\Users\Gast
2016-10-30 18:08 - 2012-08-24 09:46 - 00000000 ____D C:\Windows\Minidump
2016-10-30 17:52 - 2016-01-21 13:43 - 00000000 ____D C:\Users\Helli\AppData\Local\Spotify
2016-10-30 17:52 - 2016-01-21 13:42 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Spotify
2016-10-30 15:53 - 2013-08-20 16:21 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-29 23:42 - 2011-12-01 21:14 - 00000000 ____D C:\Users\Helli\AppData\Local\Adobe
2016-10-29 23:21 - 2011-12-31 12:44 - 00001155 _____ C:\Users\Public\Desktop\ALDI Bestellsoftware.lnk
2016-10-29 13:37 - 2016-08-20 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-10-27 19:37 - 2015-01-10 12:22 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-27 19:37 - 2015-01-10 12:22 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-26 17:29 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-24 17:31 - 2012-01-12 12:50 - 00000000 ____D C:\Users\Helli\Documents\Corel User Files
2016-10-24 17:26 - 2014-02-16 19:07 - 00000000 ____D C:\ProgramData\HeloCut5
2016-10-22 19:56 - 2012-02-10 08:05 - 00000000 ___RD C:\Users\Helli\Podcasts
2016-10-22 19:48 - 2014-12-11 19:33 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-22 19:48 - 2014-05-06 21:30 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-22 19:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-22 19:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-07-10 20:39 - 2015-04-20 18:22 - 0000352 _____ () C:\Users\Helli\AppData\Roaming\dpdhl.versandhelfer_state.xml
2013-06-09 12:20 - 2014-05-03 15:18 - 0000293 _____ () C:\Users\Helli\AppData\Roaming\FotoSketcher.ini
2014-04-13 21:22 - 2016-07-07 16:15 - 0007253 _____ () C:\Users\Helli\AppData\Roaming\HELLI-PC.MTBF.txt
2014-04-13 21:22 - 2016-07-07 16:46 - 0001132 _____ () C:\Users\Helli\AppData\Roaming\__AvidCloudManager.log
2014-04-13 21:22 - 2016-05-21 15:17 - 0001132 _____ () C:\Users\Helli\AppData\Roaming\__AvidCloudManagerPrevious.log
2013-09-04 17:56 - 2013-09-04 17:56 - 0139076 _____ () C:\Users\Helli\AppData\Local\ars.cache
2013-09-04 17:56 - 2013-09-04 17:56 - 0266054 _____ () C:\Users\Helli\AppData\Local\census.cache
2012-01-13 09:47 - 2016-08-10 06:48 - 0062464 _____ () C:\Users\Helli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-04 17:33 - 2013-09-04 17:33 - 0000036 _____ () C:\Users\Helli\AppData\Local\housecall.guid.cache
2014-05-05 11:27 - 2014-05-05 11:27 - 0000218 _____ () C:\Users\Helli\AppData\Local\recently-used.xbel
2012-08-26 16:33 - 2013-01-04 22:10 - 0007605 _____ () C:\Users\Helli\AppData\Local\resmon.resmoncfg
2015-09-01 20:39 - 2015-09-05 14:15 - 0061736 _____ () C:\Users\Helli\AppData\Local\Silberhochzeit.ssp
2015-12-26 19:53 - 2015-12-26 19:53 - 0000000 _____ () C:\Users\Helli\AppData\Local\{69DDDAC2-65A2-46F4-8809-D2D44F7A8F31}
2012-01-25 16:19 - 2014-12-14 15:51 - 0000166 ___SH () C:\ProgramData\.zreglib
2015-06-23 19:08 - 2015-06-23 19:08 - 0000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2012-02-12 20:25 - 2014-01-19 20:01 - 0004430 _____ () C:\ProgramData\__FileUploader.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-09 18:08

==================== Ende von FRST.txt ============================

Helli1965 · 19.11.2016, 17:25

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19-11-2016 01
durchgeführt von Helli (19-11-2016 17:02:12)
Gestartet von F:\
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-01 19:14:57)
Start-Modus: Safe Mode (minimal)
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2067386785-177352631-409754499-500 - Administrator - Disabled)
Gast (S-1-5-21-2067386785-177352631-409754499-501 - Limited - Enabled) => C:\Users\Gast
Helli (S-1-5-21-2067386785-177352631-409754499-1002 - Administrator - Enabled) => C:\Users\Helli
HomeGroupUser$ (S-1-5-21-2067386785-177352631-409754499-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
ALDI Bestellsoftware (HKLM-x32\...\ALDI Bestellsoftware) (Version: 5.1.1. - ORWO_Net)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version:  - )
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Audio Converter 4.0.1 (HKLM-x32\...\Any Audio Converter_is1) (Version:  - Any-Audio-Converter.com)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.5.0.0 - SlySoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avery Wizard 4.0 (HKLM-x32\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
Battlefield Play4Free (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
BOcncV2 (HKLM-x32\...\{123700E7-CAC7-48BB-B309-48FAFAC4FA2F}) (Version: 1.0.0 - Standardfirmenname)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
ChromecastApp (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
Creative Pack Volume 1 (HKLM-x32\...\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}) (Version: 3.0.1 - Corel Corporation)
CSS3 Menu (HKLM-x32\...\CSS3 Menu_is1) (Version:  - )
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1817_38674 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink YouPaint (HKLM-x32\...\InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}) (Version: 1.2.1928 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dazzle Video Capture DVC100 X64 Driver 1.06 (HKLM-x32\...\{BFF23267-1D19-444E-93E2-E5059BE805EA}) (Version: 1.06.0000 - Pinnacle)
DJI driver version 1.0 (HKLM-x32\...\{9A2C30EE-6E35-4479-B0E6-B1B47A54E8CD}_is1) (Version: 1.0 - DJI)
DJI NAZA-M LITE Assistant version 1.00 (HKLM-x32\...\{D8F3FE44-7EF0-4349-97EC-25DB781FB42F}_is1) (Version: 1.00 - DJI)
Dropbox (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
dslrBooth 5.8.43.1 (HKLM\...\{19FB8BF8-8E63-4542-8C79-D2B76CEDAB3F}) (Version: 5.8.43.1 - Hope Pictures LLC)
EASEUS Data Recovery Wizard Free Edition 5.5.1 (HKLM-x32\...\EASEUS Data Recovery Wizard Free Edition 5.5.1_is1) (Version:  - EASEUS)
Easy Button & Menu Maker 3 (HKLM-x32\...\Easy Button & Menu Maker_is1) (Version: 3.0 - Karlis Blumentals)
Elevated Installer (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.20150309 - Landesfinanzdirektion Thüringen)
EPSON Print CD (HKLM-x32\...\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}) (Version:  - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Filmmaker's Toolkit for Studio (HKLM-x32\...\InstallShield_{2444562A-A7DC-42B8-A4D8-1BCF704B1480}) (Version: 1.0.1 - Red Giant)
Filmmaker's Toolkit for Studio (x32 Version: 1.0.1 - Red Giant) Hidden
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
FotoSketcher 2.42 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version:  - David THOIRON)
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.37.1212 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.37.1212 - DVDVideoSoft Ltd.)
Frontplatten Designer (HKLM-x32\...\Frontplatten Designer) (Version: 4.1.1 - Schaeffer AG)
FTP Commander (HKLM-x32\...\FTP Commander) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Express (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GhostMouse (HKLM-x32\...\GhostMouse_is1) (Version: Free V3.2.1 - ghost-mouse.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
helo_usb_drv_x64 (HKLM-x32\...\{8169725C-186E-4F92-AE39-26611F45ACE3}) (Version: 1.00.0000 - HELO)
HeloCut 5 (HKLM-x32\...\{8580EDDE-ACD8-4AC5-A5A3-309C41B16BF4}) (Version: 5.09.8000 - )
HeloCut 5 (HKLM-x32\...\{BC79822D-3183-4AA0-AC02-E1DF4C4183EC}) (Version: 5.09.8000 - VECAP Software Solutions)
HeloCut5 Update (HKLM-x32\...\{FE440F55-D821-4F2E-B831-3A3A883D41EF}) (Version: 5.15.0000 - VECAP IT Solutions GmbH)
Hollywood FX Volumes 1-3 (HKLM-x32\...\{E3D181F8-246B-497F-945E-6DB98CBA6677}) (Version: 2.0.1 - Corel Corporation)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{368E4EF8-E840-40EE-A224-50B8D1DC2B12}) (Version: 2.4.33.0 - HTC)
HyperCam 3 (HKLM-x32\...\HyperCam 3) (Version: 3.2.1107.8 - Solveig Multimedia)
ImageMagick 6.9.1-2 Q16 (64-bit) (2015-05-15) (HKLM\...\ImageMagick 6.9.1 Q16 (64-bit)_is1) (Version: 6.9.1 - ImageMagick Studio LLC)
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Macromedia Dreamweaver 8 (HKLM-x32\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.0.2734 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Malwarebytes Anti-Exploit version 1.9.1.1235 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.9.1.1235 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2926 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\OneDriveSetup.exe) (Version: 17.3.6517.0809 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Motion Graphics Toolkit for Studio (HKLM-x32\...\InstallShield_{E5C99F9E-E97D-40B6-BAFC-8BCBFF1031E4}) (Version: 1.0.1 - Red Giant)
Motion Graphics Toolkit for Studio (x32 Version: 1.0.1 - Red Giant) Hidden
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 de)) (Version: 45.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
NetObjects Fusion 1&1 Edition (HKLM-x32\...\{61921186-7300-4E0E-A674-2CA8B9D5793E}) (Version: 11.0 German - )
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Phoenix R/C® (HKLM-x32\...\PhoenixRC) (Version: 5.0.a - Runtime Games Ltd)
PhoenixCreator 2.5.a (HKLM-x32\...\{36E1E13F-3137-4EC0-8872-AAD6AE612486}) (Version: 2.5.1 - Runtime Games Ltd)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)
Pinnacle Studio 17 - Install Manager (HKLM-x32\...\{F04D92CC-5C3A-46FA-9C98-6EACBDD262FF}) (Version: 17.0.128 - Corel Corporation)
Pinnacle Studio 17 - Standard Content Pack (HKLM-x32\...\{BA98BFA8-5EDF-450B-A92E-C096DC135D0E}) (Version: 17.0 - Corel Corporation)
Pinnacle Studio 17 (HKLM-x32\...\{3DA8F808-72E2-4361-82EC-433081D23005}) (Version: 17.5.0.327 - Corel Corporation)
Pinnacle Studio 17 Add-Ons (x32 Version: 17.0 - Corel) Hidden
Pinnacle Video Treiber (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PPJoy Joystick Driver 0.8.4.6 (HKLM-x32\...\PPJoy Joystick Driver) (Version: 0.8.4.6 - Deon van der Westhuysen)
Premium Pack Volumes 1-2 (HKLM-x32\...\{88C4D8A6-9954-46A0-965D-92E55DAB8734}) (Version: 2.0.1 - Corel Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6368 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.)
ScoreFitter Volumes 1-2 (HKLM-x32\...\{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}) (Version: 2.0.1 - Corel Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{EE537655-630E-47E8-9609-EEBCAA1DDEDF}) (Version: 6.5.3 - Silicon Laboratories, Inc.)
SketchUp 8 (HKLM-x32\...\{B8F4A45C-581C-4707-8EF2-2B9E6722270C}) (Version: 3.0.16944 - Trimble Navigation Limited)
Ski Challenge 12 (AT) (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\sc12-AT_MAIN) (Version:  - )
Ski Challenge 13 (AT) (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\sc13-AT_MAIN) (Version:  - )
Slideshow Creator (HKLM-x32\...\{4E1A63B1-F547-4CFC-91F7-F32F1A6BF430}_is1) (Version: 2.2 - Bolide Software)
Snooper Map Downloader (HKLM-x32\...\{A744A90A-BF76-4338-84A1-74F114B0F419}) (Version: 1.23 - Performance Products Ltd.)
SNS-HDR Lite v1.4.22 (HKLM\...\SNS-HDR Lite_is1) (Version:  - Sebastian Nibisz)
SPEEDLINK Strike 2 Gamepad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
SPEEDLINK STRIKE Gamepad (HKLM-x32\...\{DFF7CD2E-2BB5-40C3-9592-078F64677EFF}) (Version: 1.00.0000 - )
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Spotify (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Spotify) (Version: 1.0.41.375.g040056ca - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Title Extreme (HKLM-x32\...\{F7214014-27EE-4237-9978-2F9D1551559B}) (Version: 2.0.1 - Corel Corporation)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer) (Version: 1.6 - Deutsche Post AG)
Versandhelfer (x32 Version: 1.6 - Deutsche Post AG) Hidden
VG JPEG-Repair Online (HKLM-x32\...\{45820D27-B25B-4D94-8AA1-DEB467171024}) (Version: 1.6.7 - VG Solutions)
Vistaprint Fotobücher (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\{BA786D68-3AD8-42DC-8BE1-9E09B4737A27}_is1) (Version: 9.2.0.1065 - Vistaprint)
watchmi (HKLM-x32\...\{409DC300-28AF-468F-9624-1F3309701881}) (Version: 2.7.0 - Axel Springer Digital TV Guide GmbH)
WaveLab 6 (HKLM-x32\...\WaveLabPro) (Version: 6.1.0.340 - Steinberg)
Windows Driver Package - wch.cn (CH341SER_A64) Ports  (11/04/2011 3.3.2011.11) (HKLM\...\97C9A01181CB4369C61AF9B1459B09809636C13D) (Version: 11/04/2011 3.3.2011.11 - wch.cn)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Liven asennustyökalu (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
Windows-Treiberpaket - dji-innovations inc. (usbser) Ports  (01/19/2011 5.1.2600.5512) (HKLM\...\2DC11E587B8BA912FF8FD5433B426EE46F8E22DD) (Version: 01/19/2011 5.1.2600.5512 - dji-innovations inc.)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version:  - Wargaming.net)
Zero Assumption Recovery Version 9 (HKLM-x32\...\Zero Assumption Recovery_is1) (Version:  - )
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Helli\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02676FF1-805C-4ACF-A30D-C26681A93649} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {0374D25E-5B8E-45E5-81BF-E16B248771F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {0F5B2D0F-FCF9-496F-B884-A4043B8A0181} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {0FB95DEC-3CAF-460E-AB1A-52B83FD4D302} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe
Task: {1F9822F8-B338-48FB-8656-AD47BB6A36CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {26851BAC-1CEE-42A2-BEC1-0FF7545A4955} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d1e98342edc9ba => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {2870E50D-4D54-456B-8D0F-79C6515FFA80} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d1e983426cd0ca => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {2A3E614F-4A8C-4665-B74C-6766AA8C154C} - System32\Tasks\{CF9D2DDC-EEAB-4C4F-B08A-5303A1D11280} => C:\Games\World_of_Warplanes\WOWpLauncher.exe
Task: {4049D6DB-AC4E-43A7-8C62-C758055E87FC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d2377664e84399 => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {4299A1C6-EE8D-41FB-A748-021A5F441918} - System32\Tasks\{B93A9C8C-E6C9-41A4-8FC0-DBCDEBDF11E1} => pcalua.exe -a C:\Users\Helli\Downloads\graupner_pc_software_de\Graupner_PC_Software_DE\Receiver_Setup.exe -d C:\Users\Helli\Downloads\graupner_pc_software_de\Graupner_PC_Software_DE
Task: {450FB7DA-F722-42C6-B7A8-E6EF76DCCF09} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {4B7D0251-266C-422A-BAC7-E30DF56C64BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {4F02A42E-FEE7-429F-A9D3-0D613BDFAD19} - System32\Tasks\{8AB10502-1A27-4039-854A-AE2DCE65C57F} => pcalua.exe -a C:\Users\Helli\Downloads\Sunbird_Setup_1.0_Beta_1.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {5E03BDD9-CADA-4D24-A692-41AB0A1225E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => \Windows Media Player\wmpnscfg.exe
Task: {7ACAABE6-98AB-462B-8AD1-AA9611F5F78B} - System32\Tasks\{DC9563FA-0A04-4B15-AE63-A95787C1B62E} => pcalua.exe -a C:\Users\Helli\Downloads\Adobe\CS_2.0_GR_Extras_1.exe -d C:\Users\Helli\Downloads\Adobe
Task: {8784AECF-8BD5-44AE-8C85-272720AA2639} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d237766462f68a => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {8CEC623E-E1AF-4E1C-BDE6-1BE1E3B374AC} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
Task: {8CF958C1-5469-4B3F-B3A7-57CE2170526A} - System32\Tasks\{9A6B2E68-840A-47C3-9F0D-D18AA7979B79} => pcalua.exe -a C:\Users\Helli\Downloads\agsetup183se.exe -d C:\Users\Helli\Downloads
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
Task: {9B417D00-9371-44C5-BC5D-4567DE665EC5} - System32\Tasks\{5D9D153F-F2CB-4570-BAE1-B4AA18B4311D} => pcalua.exe -a "E:\Win7 USB\SETUP.EXE" -d "E:\Win7 USB"
Task: {9CB7A533-4C6A-489D-AEA4-92784F4F4DC5} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e983194f2e77 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe
Task: {AAC452C4-A19E-4690-B461-A84D24A1929D} - System32\Tasks\{A24E3D1D-D17B-46FA-87DE-E557E20A6CDE} => pcalua.exe -a C:\Users\Helli\Downloads\Adobe\CS2_RetNon_Ger_3.exe -d C:\Users\Helli\Downloads\Adobe
Task: {B6CA9322-7490-458D-8A17-D0351FF6DC94} - System32\Tasks\{80AC71C8-0543-4AD4-BF6F-84482AE19BDA} => pcalua.exe -a E:\Autorun.exe -d E:\
Task: {BA9D8BA4-30B4-406C-A23E-7FC77565F343} - System32\Tasks\{CAAA3F79-29FF-452A-9832-06F473BBE0BB} => pcalua.exe -a C:\Users\Helli\Downloads\SimpleBGC_GUI_2_2b2\SimpleBGC_GUI_2_2b2\SimpleBGC_GUI.exe -d C:\Users\Helli\Downloads\SimpleBGC_GUI_2_2b2\SimpleBGC_GUI_2_2b2
Task: {CA7DF40A-77AE-4EF5-8F2F-1C7EAF77A98A} - System32\Tasks\{C259DCE7-C4D2-41C3-9CDB-BA64A4C09FDA} => pcalua.exe -a C:\Users\Helli\Downloads\SimpleBGC_GUI_2_40b7\SimpleBGC_GUI_2_40\SimpleBGC_GUI.exe -d C:\Users\Helli\Downloads\SimpleBGC_GUI_2_40b7\SimpleBGC_GUI_2_40
Task: {DC66455B-FBFD-4604-8DA0-F4737FE37B3D} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e98319e7493f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d237766462f68a.job => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d2377664e84399.job => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e983194f2e77.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1e98319e7493f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d1e983426cd0ca.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d1e98342edc9ba.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-08-24 17:11 - 2016-08-24 17:11 - 01864384 _____ () C:\Users\Helli\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"
e"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2067386785-177352631-409754499-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^watchmi tray.lnk => C:\Windows\pss\watchmi tray.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: CloneCDTray => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe"
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Spotify => "C:\Users\Helli\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Helli\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{85832019-5E10-4687-9BE8-ECC6260C4DFB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3F0CB73A-4640-4B7B-A0AC-524E66E23823}] => (Allow) LPort=2869
FirewallRules: [{D63C74F5-9DCE-4F49-A501-D838905BB8A3}] => (Allow) LPort=1900
FirewallRules: [{CB2332EA-77AC-41DE-AD54-8B1B22BDC0F9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C0B4056E-B896-435C-BBE5-FF8029F17959}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{E256B328-C528-4EAF-B332-CC4B183C86EE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{E1F6AE30-4249-4692-9004-771693CBFBE0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{FB2F82EE-DEB4-4909-9EE4-A18310BE384A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{87B4BC7C-A2BE-428C-8AE5-0F8F7063EBB6}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{C04AE569-E1F7-4C22-AD6A-DA98EB2712E8}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{29373102-88B8-4D47-B105-4BBD82D21ED6}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{806E67FF-BEBA-4548-9A3F-2FBAC0F98E10}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{B3319756-B179-4AC5-94C3-C9C9FA5E420D}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{03491E0D-FA98-4574-9FB8-63329D41CE5B}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{429C5531-915C-435C-B0C4-FA1483B84C43}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{1EC9D45E-95F2-4096-8B7C-A33BA93C062B}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{C50E2646-F02B-4F36-B4D6-AEF9AA368A3C}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{FF4E220C-1C9A-43AB-A68D-376B58F8C1CF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{AD9C6B1D-2FF7-4076-AB69-3F8DC765F3B8}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{019D6199-5B85-4452-A79C-55861A359844}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{3E19E9BA-A4DA-4274-8106-E3DA59630A53}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{FD6DB47C-13A9-4C47-96B4-54CA57D8B6DF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E25504B7-9CF4-4969-8D42-310BDD34835D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{16A41F44-CFA5-4A8D-B9C3-AD22BF0BF8F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A2D8D71B-E710-41A3-887F-36FC6BD78191}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A500A9AA-3549-48B1-BB6A-63BF9735A6A1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{CA422FF4-7A06-4712-8C07-BA17B50ED8ED}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{B5AE1388-51E6-459A-BF2A-A542C0FFF427}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe
FirewallRules: [{8B268F4F-0C90-4F88-ACBF-5EFC2BDF0F42}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{49FE939F-27D6-4763-8A28-7753C0229E37}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{BE62E31A-ED9E-48CE-8930-4A932C9FCA64}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{2651BC27-381C-43D5-A77C-4C0D45E8BC7A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{944FC4AC-06DC-4BE7-86E0-6C3F3E2ABA67}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{0AE6E609-53FA-4D67-8D08-88169B59E549}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{26AB6CBE-2D46-495D-943D-DA226824BED8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{D2B75AE4-ACA7-4B7D-AB6C-739A54072B48}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [TCP Query User{D74D9B78-02EA-4696-8B34-AAA473019E87}C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe] => (Allow) C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe
FirewallRules: [UDP Query User{B219A230-4551-43A4-A9D7-0EA61915558E}C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe] => (Allow) C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe
FirewallRules: [TCP Query User{922C8C4E-F070-43FB-B54E-839B439089C5}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{D16BB7D2-99B9-4574-88A3-A98FE8D417D7}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [TCP Query User{FB3E5598-23CC-4FF1-A4C7-B9EF116740DB}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{6164FAA6-3A28-4E11-8DF3-21E89CF27588}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{78AF04A3-B48C-4F90-8E73-3CF0723F16C4}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{275B5807-2988-4AA1-B757-3AA1E6F108D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{485B18DD-7609-4827-8552-F7E6BB196C64}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D490CBE6-DA72-43E5-9B6C-851A6101799A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2C57B42A-ED43-42BF-BF1A-B168EE2F786C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0033A636-ED6A-4699-8C56-B3F1DBF234CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9191D8F8-423F-46FB-902A-A7D3DA865C22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C25CA83A-75E3-4410-A3D6-5B7016793DBE}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
FirewallRules: [{FA5A1528-02C1-401F-8959-E15F474B79B4}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
FirewallRules: [{3BC30513-F5A4-436D-911E-9F5D9F4744A3}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
FirewallRules: [{4A7EBA7C-AB2F-46D1-9545-C3F727A8170C}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
FirewallRules: [{3441E80C-B975-4627-BB35-3AA370AC1999}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
FirewallRules: [{9E3B0C05-3612-444E-A31E-739765FE8FAF}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
FirewallRules: [{07888844-6A66-4C72-9236-938667E02DB4}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{B7B69043-4955-4BCF-88B0-6759D6AF2F68}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{CDD93FC2-711E-4894-8DD4-4CF60889D567}] => (Allow) C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{144FAD38-E814-4392-AECE-EE286D1C4C82}] => (Allow) C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{EA2D6A13-0F24-4DD6-B161-E0E4BB53C2EB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{470A3940-FF7B-44F5-B1F4-4FEF43EAD303}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0DDFD6CE-7493-4119-9FD8-40F8518A6508}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B10302FD-BBC3-4AF5-9BD8-3D8443EEABD1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0FE5523A-58AF-4347-91A4-9992662E01EF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9DBC48B4-5EF0-436A-B252-3BA65671AFA1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{61834444-AD52-4D4C-8F2B-5BE3C6792C93}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{AC81599F-6782-43FD-AC0D-CBFAC2D4519F}C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6206C2CF-BB80-445D-B420-C5FF83EFA41E}C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{51C0210B-0065-4170-B983-A24A2A4325F7}C:\program files (x86)\dslrbooth\dslrbooth.exe] => (Allow) C:\Program Files (x86)\dslrBooth\dslrbooth.exe
FirewallRules: [UDP Query User{70BFE554-4451-4585-B04E-CDF6EF498BDB}C:\program files (x86)\dslrbooth\dslrbooth.exe] => (Allow) C:\Program Files (x86)\dslrBooth\dslrbooth.exe
FirewallRules: [TCP Query User{CD405E4D-59E6-4445-8052-E7D29406B973}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7CDE6156-382F-44BD-A949-798046414E54}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [{90DE1E8D-BAAC-4DC0-9578-FAE5BFA12F6F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{374A559F-1419-413D-8405-E46F3C8ABE60}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3D92C506-8908-4B95-8680-EBA294F999CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{374BF525-7D45-4A92-97DC-D916BF6BBC01}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{14944F10-DB18-4A99-8989-2C22809D622C}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6A9D8FD0-BFD5-497E-86D2-9A3DD82BECFF}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6484AD0D-8648-4E30-B3BC-9A4D24DDC342}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9B0D5101-C20E-48F2-A8CD-303AC4057025}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{66DCA489-E691-44ED-AF0A-52DCE763E0E2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{61C08636-5AAB-4435-AC22-30ECC472BF4C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0BA010FC-03E9-4C90-9584-020ACCD1CDE3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/19/2016 04:59:45 PM) (Source: System Restore) (EventID: 8206) (User: )
Description: Der ausgewählte Wiederherstellungspunkt wurde während der Wiederherstellung beschädigt oder gelöscht (Windows Update).

Error: (11/14/2016 07:36:11 PM) (Source: System Restore) (EventID: 8206) (User: )
Description: Der ausgewählte Wiederherstellungspunkt wurde während der Wiederherstellung beschädigt oder gelöscht (Windows Update).

Error: (11/12/2016 03:23:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.23392, Zeitstempel: 0x56eb2f8f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00033a56
ID des fehlerhaften Prozesses: 0x1044
Startzeit der fehlerhaften Anwendung: 0x01d23cf00b600c7f
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\ole32.dll
Berichtskennung: 9f522ff9-a8e3-11e6-959a-8c89a56d6ec7

Error: (11/12/2016 03:23:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: nvspcap.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52f20257
Ausnahmecode: 0xc0000005
Fehleroffset: 0x100c9860
ID des fehlerhaften Prozesses: 0x1044
Startzeit der fehlerhaften Anwendung: 0x01d23cf00b600c7f
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Pfad des fehlerhaften Moduls: nvspcap.dll
Berichtskennung: 87384132-a8e3-11e6-959a-8c89a56d6ec7

Error: (11/10/2016 09:41:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ALDI Bestellsoftware.exe, Version 5.1.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 4a8

Startzeit: 01d23b20b42acc59

Endzeit: 218

Anwendungspfad: C:\Program Files (x86)\ALDI Bestellsoftware\ALDI Bestellsoftware.exe

Berichts-ID: 49873f95-a721-11e6-a874-8c89a56d6ec7

Error: (11/10/2016 08:08:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: nvspcap.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52f20257
Ausnahmecode: 0xc0000005
Fehleroffset: 0x1000c292
ID des fehlerhaften Prozesses: 0xdc0
Startzeit der fehlerhaften Anwendung: 0x01d23b20a019f2ca
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Pfad des fehlerhaften Moduls: nvspcap.dll
Berichtskennung: 70be65f0-a714-11e6-a874-8c89a56d6ec7

Error: (11/10/2016 08:07:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: nvspcap.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52f20257
Ausnahmecode: 0xc0000005
Fehleroffset: 0x100c9860
ID des fehlerhaften Prozesses: 0xdc0
Startzeit der fehlerhaften Anwendung: 0x01d23b20a019f2ca
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Pfad des fehlerhaften Moduls: nvspcap.dll
Berichtskennung: 5d5d8b24-a714-11e6-a874-8c89a56d6ec7

Error: (11/07/2016 07:27:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ALDI Bestellsoftware.exe, Version 5.1.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 874

Startzeit: 01d2391cb71cf2e3

Endzeit: 62

Anwendungspfad: C:\Program Files (x86)\ALDI Bestellsoftware\ALDI Bestellsoftware.exe

Berichts-ID: b5e261e3-a517-11e6-b4c1-8c89a56d6ec7

Error: (11/07/2016 03:40:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ALDI Bestellsoftware.exe, Version 5.1.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f04

Startzeit: 01d239043da149fe

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\ALDI Bestellsoftware\ALDI Bestellsoftware.exe

Berichts-ID: f1e30837-a4f7-11e6-a867-8c89a56d6ec7

Error: (10/31/2016 03:56:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ALDI Bestellsoftware.exe, Version 5.1.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 186c

Startzeit: 01d233868f5f4576

Endzeit: 4

Anwendungspfad: C:\Program Files (x86)\ALDI Bestellsoftware\ALDI Bestellsoftware.exe

Berichts-ID: 1b386e36-9f7a-11e6-98c2-8c89a56d6ec7


Systemfehler:
=============
Error: (11/19/2016 04:59:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

Error: (11/19/2016 04:59:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

Error: (11/19/2016 04:59:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

Error: (11/19/2016 04:59:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

Error: (11/19/2016 04:59:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

Error: (11/19/2016 04:59:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

Error: (11/19/2016 04:59:57 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Bei DCOM ist der Fehler "1084" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (11/19/2016 04:59:56 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Bei DCOM ist der Fehler "1084" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (11/19/2016 04:59:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.

Error: (11/19/2016 04:59:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.


CodeIntegrity:
===================================
  Date: 2015-03-09 18:30:43.512
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-09 18:30:43.494
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-09 18:30:43.493
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.311
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.249
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.249
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.217
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.124
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 07:21:50.414
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 07:21:50.331
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 4077.64 MB
Verfügbarer physikalischer RAM: 3320.47 MB
Summe virtueller Speicher: 8153.46 MB
Verfügbarer virtueller Speicher: 7475.95 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:1811.92 GB) (Free:627.66 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:25.71 GB) NTFS
Drive f: () (Removable) (Total:1.92 GB) (Free:1.86 GB) NTFS
Drive i: (HDDRIVE2GO) (Fixed) (Total:931.28 GB) (Free:672.85 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1811.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 57A991D6)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)

========================================================
Disk: 2 (Size: 1.9 GB) (Disk ID: 9833AAFB)
Partition 1: (Not Active) - (Size=1.9 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

cosinus · 19.11.2016, 17:33

Zitat:

C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe

Da ist gecrackte Software drauf, mindestens Microsoft Office ist gecrackt.
Solange wir illegales Zeugs sehen, gibt es keinen Bereinigungssupport.

Wenn du weitere Hilfe willst musst du alle Cracks/Keygens löschen und auch die gecrackte Software deinstallieren.

Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

Helli1965 · 19.11.2016, 19:29

Hallo, dann hoffe ich das es geklappt hat mit dem Deinstallieren, da ja nicht alles funktioniert,
bin ich mir nicht sicher ob es weg ist. Aber ich denke das Du es siehst und mir noch sagst wenn da irgendwie noch was drin ist.
Die Verknüpfungen vom Office sind noch alle auf dem Desktop, das verunsichert mich etwas.

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19-11-2016 01
durchgeführt von Helli (Administrator) auf HELLI-PC (19-11-2016 19:25:40)
Gestartet von F:\
Geladene Profile: Helli (Verfügbare Profile: Helli & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\Helli\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Spotify Ltd) C:\Users\Helli\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Amazon Music] => C:\Users\Helli\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Dropbox Update] => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Spotify Web Helper] => C:\Users\Helli\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-10-27] (Spotify Ltd)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {a7d6756a-2742-11e1-ab8c-8c89a56d6ec7} - F:\Startme.exe
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {ae8179f2-85a7-11e3-8bbf-8c89a56d6ec7} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {b8c3669f-1ccf-11e6-bc6b-8c89a56d6ec7} - F:\startme.exe
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {f5a8b434-910a-11e1-a003-8c89a56d6ec7} - I:\Startme.exe
HKU\S-1-5-18\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
Startup: C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-11-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
Winsock: Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll Keine Datei 
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
Winsock: Catalog5-x64 09 C:\Program Files\Bonjour\mdnsNSP.dll Keine Datei 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2067386785-177352631-409754499-1002 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll => Keine Datei
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => Keine Datei
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll => Keine Datei
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL => Keine Datei
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll => Keine Datei
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => Keine Datei
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll => Keine Datei
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll => Keine Datei
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => Keine Datei
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll => Keine Datei
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL => Keine Datei
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll => Keine Datei
BHO-x32: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll => Keine Datei
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll Keine Datei
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll Keine Datei
Toolbar: HKU\S-1-5-21-2067386785-177352631-409754499-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll Keine Datei
DPF: HKLM-x32 {DF2F1634-A3AA-4E1B-9945-13F2BC455C0C} hxxp://at.sc12.greentube.com/xsl_gamebase/_magic/game_loader/ActiveXInstaller1.2.cab
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\myMugle\Skype4COM.dll [2009-10-29] (Skype Technologies)
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Keine Datei

FireFox:
========
FF DefaultProfile: lhzyh3cl.default-1471875564901
FF ProfilePath: C:\Users\Helli\AppData\Roaming\Mozilla\Sunbird\Profiles\m4o8ug72.default [2016-05-18]
FF Extension: (FoxyDeal) - C:\Users\Helli\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-01-25] [ist nicht signiert]
FF Extension: (Timezone Definitions for Mozilla Calendar) - C:\Program Files (x86)\Mozilla Sunbird\extensions\calendar-timezones@mozilla.org [2012-05-18] [ist nicht signiert]
FF Extension: (Lightning stub extension for Sunbird) - C:\Program Files (x86)\Mozilla Sunbird\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} [2012-05-18] [ist nicht signiert]
FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-2067386785-177352631-409754499-1002\FireFox [2016-11-19]
FF user.js: detected! => C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-2067386785-177352631-409754499-1002\FireFox\user.js [2016-10-24]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden]
FF ProfilePath: C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\lhzyh3cl.default-1471875564901 [2016-11-19]
FF user.js: detected! => C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\lhzyh3cl.default-1471875564901\user.js [2016-10-24]
FF Extension: (eBay für Firefox) - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\lhzyh3cl.default-1471875564901\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2016-10-22]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-12] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [Keine Datei]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Keine Datei]
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [Keine Datei]
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [Keine Datei]
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [Keine Datei]
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2067386785-177352631-409754499-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2067386785-177352631-409754499-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2067386785-177352631-409754499-1002: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.kappes-helmut.de/"
CHR Profile: C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default [2016-11-06]
CHR Extension: (Google Cast) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-04-29]
CHR Extension: (Musik Songs Spieler) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdenlcnfdjepagejpfajlkicggieknab [2016-01-17]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2016-01-17]
CHR Extension: (Kaspersky Protection) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-12-11]
CHR Extension: (Streaming Media Player) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jggnklnmaecfofafepejcjcjkcohgcfb [2016-01-17]
CHR Extension: (Media Player for YouTube™) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\moebmmkeehmohghiialcoemcmebekbap [2016-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-06]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Datei ist nicht signiert]
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2012-02-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] () [Datei ist nicht signiert]
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S2 Apple Mobile Device Service; "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [X]
S2 AVP15.0.1; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe" -r [X]
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
S2 Garmin Device Interaction Service; "C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe" [X]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]
S2 HTCMonitorService; "C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe" [X]
S2 IAStorDataMgrSvc; "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" [X]
S3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [X]
S2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [X]
S2 MbaeSvc; "C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe" [X]
S2 MBAMScheduler; "C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe" [X]
S2 MBAMService; "C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe" [X]
S2 MSCamSvc; "C:\Program Files\Microsoft LifeCam\MSCamS64.exe" [X]
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" [X]
S3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]
S3 osppsvc; "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [X]
S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [X]
S2 PSI_SVC_2; "c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" [X]
S2 UNS; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" [X]
S2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X]
S2 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [X]
S2 WMPNetworkSvc; "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" [X]
S3 WMZuneComm; "C:\Program Files\Zune\WMZuneComm.exe" [X]
S3 ZuneNetworkSvc; "C:\Program Files\Zune\ZuneNss.exe" [X]
S3 ZuneWlanCfgSvc; "C:\Program Files\Zune\ZuneWlanCfgSvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-05] (www.winchiphead.com)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-11-29] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-11-29] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-13] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PPJoyBus; C:\Windows\System32\DRIVERS\PPJoyBus64.sys [20024 2010-02-20] (Deon van der Westhuysen)
S3 PPortJoystick; C:\Windows\System32\DRIVERS\PPortJoy64.sys [39992 2010-02-20] (Deon van der Westhuysen)
S1 ESProtectionDriver; \??\C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [X]
S0 nvpciflt; system32\DRIVERS\nvpciflt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-19 19:04 - 2016-11-19 19:04 - 00000000 ___HD C:\OneDriveTemp
2016-11-19 18:16 - 2016-11-19 18:16 - 00000000 ____D C:\Program Files\CCleaner
2016-11-19 17:00 - 2016-11-19 19:25 - 00000000 ____D C:\FRST
2016-11-14 19:18 - 2016-11-19 18:42 - 01188562 _____ C:\Windows\ntbtlog.txt
2016-11-14 08:28 - 2016-11-14 08:28 - 00003536 ____N C:\bootsqm.dat
2016-11-14 08:25 - 2016-11-14 08:25 - 00000000 __SHD C:\found.000
2016-11-10 21:55 - 2016-11-10 21:55 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-10 21:06 - 2016-11-10 22:01 - 1918497831 _____ C:\Users\Helli\Downloads\wakin.dead.s07.e03.108-pret.mkv
2016-11-10 08:53 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-10 08:53 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-10 08:53 - 2016-10-28 04:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-10 08:53 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-10 08:53 - 2016-10-27 19:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-10 08:53 - 2016-10-27 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-10 08:53 - 2016-10-27 19:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-10 08:53 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-10 08:53 - 2016-10-27 19:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-10 08:53 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-10 08:53 - 2016-10-27 19:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-10 08:53 - 2016-10-27 19:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-10 08:53 - 2016-10-27 19:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-10 08:53 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-10 08:53 - 2016-10-27 19:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-10 08:53 - 2016-10-27 19:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-10 08:53 - 2016-10-27 19:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-10 08:53 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-10 08:53 - 2016-10-27 19:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-10 08:53 - 2016-10-27 19:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-10 08:53 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-10 08:53 - 2016-10-27 19:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-10 08:53 - 2016-10-27 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-10 08:53 - 2016-10-27 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-10 08:53 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-10 08:53 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-10 08:53 - 2016-10-27 19:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-10 08:53 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-10 08:53 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-10 08:53 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-10 08:53 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-10 08:53 - 2016-10-27 18:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-10 08:53 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-10 08:53 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-10 08:53 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-10 08:53 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-10 08:53 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-10 08:53 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-10 08:53 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-10 08:53 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-10 08:53 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-10 08:53 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-10 08:53 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-10 08:53 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-10 08:53 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-10 08:53 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-10 08:53 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-10 08:53 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-10 08:53 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-10 08:53 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-10 08:53 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-10 08:53 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-10 08:53 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-10 08:53 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-10 08:53 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-10 08:53 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-10 08:53 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-10 08:53 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-10 08:53 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-10 08:53 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-10 08:53 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-10 08:53 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-10 08:53 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-10 08:53 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-10 08:53 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-10 08:53 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-10 08:53 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-10 08:53 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-10 08:53 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-10 08:53 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-10 08:53 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-10 08:53 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-10 08:53 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-10 08:53 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-10 08:53 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-10 08:53 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-10 08:53 - 2016-10-10 16:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-10 08:53 - 2016-10-10 16:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-10 08:53 - 2016-10-10 16:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-10 08:53 - 2016-10-10 16:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-10 08:53 - 2016-10-10 16:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-10 08:53 - 2016-10-10 16:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-10 08:53 - 2016-10-10 16:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-10 08:53 - 2016-10-07 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-10 08:53 - 2016-10-07 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-10 08:53 - 2016-10-07 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-10 08:53 - 2016-10-07 16:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-10 08:53 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-10 08:53 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-10 08:53 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-10 08:53 - 2016-10-07 16:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-10 08:53 - 2016-10-07 16:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-10 08:53 - 2016-10-07 16:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-10 08:53 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-10 08:53 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-10 08:53 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-10 08:53 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-10 08:53 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-10 08:53 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-10 08:53 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-10 08:52 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-10 08:52 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-10 08:52 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-10 08:52 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-10 08:52 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-10 08:52 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-10 08:52 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-10 08:52 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-10 08:52 - 2016-10-27 20:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-10 08:52 - 2016-10-27 20:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-10 08:52 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-10 08:52 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-10 08:52 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-10 08:52 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-10 08:52 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-10 08:52 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-10 08:52 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-10 08:52 - 2016-10-10 16:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-10 08:52 - 2016-10-10 16:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-10 08:52 - 2016-10-10 16:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-10 08:52 - 2016-10-10 16:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-10 08:52 - 2016-10-10 16:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-10 08:52 - 2016-10-10 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-10 08:52 - 2016-10-10 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-10 08:52 - 2016-10-10 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-10 08:52 - 2016-10-10 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-10 08:52 - 2016-10-10 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-10 08:52 - 2016-10-10 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-10 08:52 - 2016-10-07 16:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-10 08:52 - 2016-10-07 16:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-10 08:52 - 2016-10-07 16:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-10 08:52 - 2016-10-07 16:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-10 08:52 - 2016-10-07 15:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-10 08:52 - 2016-10-07 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-10 08:52 - 2016-10-07 15:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-10 08:52 - 2016-10-07 15:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-10 08:52 - 2016-10-07 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-10 08:52 - 2016-10-07 15:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 15:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 15:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 15:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-10 08:52 - 2016-09-13 16:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-10 08:52 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-10 08:52 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-07 19:30 - 2016-11-07 19:30 - 00002148 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-11-07 19:30 - 2016-11-07 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-11-05 16:39 - 2016-11-05 17:40 - 2068406120 _____ C:\Users\Helli\Downloads\wakin.dead.s07.e02.108-pret.mkv
2016-11-05 16:07 - 2016-11-19 19:18 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d2377664e84399.job
2016-11-05 16:07 - 2016-11-16 08:17 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d237766462f68a.job
2016-11-05 16:07 - 2016-11-10 08:12 - 00004194 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d2377664e84399
2016-11-05 16:07 - 2016-11-10 08:12 - 00003798 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d237766462f68a
2016-11-05 16:05 - 2016-11-05 16:05 - 00001894 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2016-11-05 16:05 - 2016-11-05 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-11-02 18:16 - 2016-11-02 19:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-10-30 19:02 - 2016-10-30 19:02 - 00363536 _____ C:\Users\Helli\Documents\cc_20161030_190224.reg
2016-10-30 15:51 - 2016-10-30 15:52 - 08270712 _____ (Piriform Ltd) C:\Users\Helli\Downloads\ccsetup523.exe
2016-10-29 23:43 - 2016-11-19 19:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-29 23:43 - 2016-11-08 20:25 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-29 23:43 - 2016-11-08 20:25 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-29 23:43 - 2016-11-08 20:25 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-29 14:57 - 2016-10-29 15:06 - 254404960 _____ C:\Users\Helli\Downloads\ALDI_Bestellsoftware_Installation(2).exe
2016-10-29 14:56 - 2016-10-29 15:04 - 254404960 _____ C:\Users\Helli\Downloads\ALDI_Bestellsoftware_Installation(1).exe
2016-10-27 20:34 - 2016-10-27 20:34 - 00000000 ____D C:\Users\Helli\AppData\Local\{813CD780-1B5D-4959-B2B3-0E0B40C21D2F}
2016-10-27 19:23 - 2016-10-27 20:24 - 2086650489 _____ C:\Users\Helli\Downloads\wakin.dead.s07.e01.108-pret.mkv
2016-10-24 17:18 - 2016-10-29 13:37 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\5E2D5B40.sys
2016-10-24 16:49 - 2016-11-14 08:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-19 19:13 - 2009-07-14 05:45 - 00024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-19 19:13 - 2009-07-14 05:45 - 00024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-19 19:04 - 2016-07-29 11:22 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e983194f2e77.job
2016-11-19 19:04 - 2015-10-26 18:11 - 00000000 ___RD C:\Users\Helli\OneDrive
2016-11-19 19:04 - 2014-10-11 11:31 - 00000000 ___RD C:\Users\Helli\Dropbox
2016-11-19 19:04 - 2011-09-05 23:24 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-19 19:04 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-19 18:28 - 2016-07-29 11:23 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d1e98342edc9ba.job
2016-11-19 18:27 - 2016-07-29 11:22 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1e98319e7493f.job
2016-11-19 18:23 - 2012-10-12 19:11 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-19 18:16 - 2013-08-20 16:21 - 00000786 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-11-19 18:08 - 2016-01-21 13:43 - 00000000 ____D C:\Users\Helli\AppData\Local\Spotify
2016-11-19 18:08 - 2016-01-21 13:42 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Spotify
2016-11-18 10:07 - 2011-05-16 15:04 - 00699432 _____ C:\Windows\system32\perfh007.dat
2016-11-18 10:07 - 2011-05-16 15:04 - 00149572 _____ C:\Windows\system32\perfc007.dat
2016-11-18 10:07 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-18 10:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-14 08:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-14 07:57 - 2013-01-11 17:11 - 00000000 ____D C:\CS_2.0_GR_Extras_1
2016-11-13 20:41 - 2011-12-01 20:12 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-11-13 17:18 - 2015-01-10 12:28 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-13 16:25 - 2016-08-20 19:11 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-11-13 16:24 - 2014-01-25 15:30 - 00000000 ____D C:\Users\Helli\AppData\Local\HTC MediaHub
2016-11-13 14:42 - 2014-01-06 18:28 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Audacity
2016-11-13 14:26 - 2012-01-23 09:30 - 00000000 ____D C:\temp
2016-11-12 15:09 - 2009-07-14 05:45 - 00504112 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-10 22:50 - 2013-07-19 15:25 - 00000000 ____D C:\Windows\system32\MRT
2016-11-10 22:25 - 2011-07-18 21:31 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-10 21:56 - 2014-10-11 11:28 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Dropbox
2016-11-10 12:28 - 2016-07-29 11:23 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d1e983426cd0ca.job
2016-11-08 20:25 - 2012-04-25 19:00 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-08 20:25 - 2011-07-18 22:12 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-07 12:20 - 2014-12-31 15:42 - 00000000 ____D C:\Users\Helli\Documents\ASV 2015
2016-11-07 12:20 - 2014-12-31 15:07 - 00000000 ____D C:\Users\Helli\Documents\ASV 2014
2016-11-07 10:55 - 2014-12-31 15:11 - 00000000 ____D C:\Users\Helli\Documents\ASV 2013
2016-11-07 10:49 - 2014-12-31 15:15 - 00000000 ____D C:\Users\Helli\Documents\ASV 2012
2016-11-07 10:48 - 2015-01-02 10:35 - 00000000 ____D C:\Users\Helli\Documents\ASV 2011
2016-11-07 10:41 - 2015-08-28 20:54 - 00000000 ____D C:\Users\Helli\Wlan_Atheros_Win7_64_VER920514
2016-11-06 14:33 - 2016-01-21 14:25 - 00000000 ____D C:\Users\Helli\Documents\ASV 2016
2016-11-05 16:10 - 2013-03-28 15:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-05 16:05 - 2015-02-24 09:40 - 00003552 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2016-11-03 11:25 - 2012-05-03 19:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-02 21:18 - 2012-10-12 19:11 - 00000000 ____D C:\Users\Helli\AppData\Roaming\TeamViewer
2016-11-02 20:19 - 2016-01-23 17:32 - 00000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-11-02 20:19 - 2016-01-23 17:32 - 00000963 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-11-02 18:16 - 2011-12-02 20:58 - 00000000 ____D C:\Users\Gast
2016-10-30 18:08 - 2012-08-24 09:46 - 00000000 ____D C:\Windows\Minidump
2016-10-29 23:42 - 2011-12-01 21:14 - 00000000 ____D C:\Users\Helli\AppData\Local\Adobe
2016-10-29 23:21 - 2011-12-31 12:44 - 00001155 _____ C:\Users\Public\Desktop\ALDI Bestellsoftware.lnk
2016-10-29 13:37 - 2016-08-20 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-10-27 19:37 - 2015-01-10 12:22 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-27 19:37 - 2015-01-10 12:22 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-26 17:29 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-24 17:31 - 2012-01-12 12:50 - 00000000 ____D C:\Users\Helli\Documents\Corel User Files
2016-10-24 17:26 - 2014-02-16 19:07 - 00000000 ____D C:\ProgramData\HeloCut5
2016-10-22 19:56 - 2012-02-10 08:05 - 00000000 ___RD C:\Users\Helli\Podcasts
2016-10-22 19:48 - 2014-12-11 19:33 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-22 19:48 - 2014-05-06 21:30 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-22 19:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-22 19:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-07-10 20:39 - 2015-04-20 18:22 - 0000352 _____ () C:\Users\Helli\AppData\Roaming\dpdhl.versandhelfer_state.xml
2013-06-09 12:20 - 2014-05-03 15:18 - 0000293 _____ () C:\Users\Helli\AppData\Roaming\FotoSketcher.ini
2014-04-13 21:22 - 2016-07-07 16:15 - 0007253 _____ () C:\Users\Helli\AppData\Roaming\HELLI-PC.MTBF.txt
2014-04-13 21:22 - 2016-07-07 16:46 - 0001132 _____ () C:\Users\Helli\AppData\Roaming\__AvidCloudManager.log
2014-04-13 21:22 - 2016-05-21 15:17 - 0001132 _____ () C:\Users\Helli\AppData\Roaming\__AvidCloudManagerPrevious.log
2013-09-04 17:56 - 2013-09-04 17:56 - 0139076 _____ () C:\Users\Helli\AppData\Local\ars.cache
2013-09-04 17:56 - 2013-09-04 17:56 - 0266054 _____ () C:\Users\Helli\AppData\Local\census.cache
2012-01-13 09:47 - 2016-08-10 06:48 - 0062464 _____ () C:\Users\Helli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-04 17:33 - 2013-09-04 17:33 - 0000036 _____ () C:\Users\Helli\AppData\Local\housecall.guid.cache
2014-05-05 11:27 - 2014-05-05 11:27 - 0000218 _____ () C:\Users\Helli\AppData\Local\recently-used.xbel
2012-08-26 16:33 - 2013-01-04 22:10 - 0007605 _____ () C:\Users\Helli\AppData\Local\resmon.resmoncfg
2015-09-01 20:39 - 2015-09-05 14:15 - 0061736 _____ () C:\Users\Helli\AppData\Local\Silberhochzeit.ssp
2015-12-26 19:53 - 2015-12-26 19:53 - 0000000 _____ () C:\Users\Helli\AppData\Local\{69DDDAC2-65A2-46F4-8809-D2D44F7A8F31}
2012-01-25 16:19 - 2014-12-14 15:51 - 0000166 ___SH () C:\ProgramData\.zreglib
2015-06-23 19:08 - 2015-06-23 19:08 - 0000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2012-02-12 20:25 - 2014-01-19 20:01 - 0004430 _____ () C:\ProgramData\__FileUploader.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-09 18:08

==================== Ende von FRST.txt ============================

--- --- ---

[/CODE]

Helli1965 · 19.11.2016, 19:33

Also das scheint noch drin zu sein.... wie bekomme ich das denn weg?
Gibt es da Hilfe für?

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19-11-2016 01
durchgeführt von Helli (19-11-2016 19:25:58)
Gestartet von F:\
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-01 19:14:57)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2067386785-177352631-409754499-500 - Administrator - Disabled)
Gast (S-1-5-21-2067386785-177352631-409754499-501 - Limited - Enabled) => C:\Users\Gast
Helli (S-1-5-21-2067386785-177352631-409754499-1002 - Administrator - Enabled) => C:\Users\Helli
HomeGroupUser$ (S-1-5-21-2067386785-177352631-409754499-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
ALDI Bestellsoftware (HKLM-x32\...\ALDI Bestellsoftware) (Version: 5.1.1. - ORWO_Net)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version:  - )
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Audio Converter 4.0.1 (HKLM-x32\...\Any Audio Converter_is1) (Version:  - Any-Audio-Converter.com)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.5.0.0 - SlySoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avery Wizard 4.0 (HKLM-x32\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
Battlefield Play4Free (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
BOcncV2 (HKLM-x32\...\{123700E7-CAC7-48BB-B309-48FAFAC4FA2F}) (Version: 1.0.0 - Standardfirmenname)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
ChromecastApp (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
Creative Pack Volume 1 (HKLM-x32\...\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}) (Version: 3.0.1 - Corel Corporation)
CSS3 Menu (HKLM-x32\...\CSS3 Menu_is1) (Version:  - )
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1817_38674 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink YouPaint (HKLM-x32\...\InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}) (Version: 1.2.1928 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dazzle Video Capture DVC100 X64 Driver 1.06 (HKLM-x32\...\{BFF23267-1D19-444E-93E2-E5059BE805EA}) (Version: 1.06.0000 - Pinnacle)
DJI driver version 1.0 (HKLM-x32\...\{9A2C30EE-6E35-4479-B0E6-B1B47A54E8CD}_is1) (Version: 1.0 - DJI)
DJI NAZA-M LITE Assistant version 1.00 (HKLM-x32\...\{D8F3FE44-7EF0-4349-97EC-25DB781FB42F}_is1) (Version: 1.00 - DJI)
Dropbox (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
dslrBooth 5.8.43.1 (HKLM\...\{19FB8BF8-8E63-4542-8C79-D2B76CEDAB3F}) (Version: 5.8.43.1 - Hope Pictures LLC)
EASEUS Data Recovery Wizard Free Edition 5.5.1 (HKLM-x32\...\EASEUS Data Recovery Wizard Free Edition 5.5.1_is1) (Version:  - EASEUS)
Easy Button & Menu Maker 3 (HKLM-x32\...\Easy Button & Menu Maker_is1) (Version: 3.0 - Karlis Blumentals)
Elevated Installer (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.20150309 - Landesfinanzdirektion Thüringen)
EPSON Print CD (HKLM-x32\...\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}) (Version:  - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Filmmaker's Toolkit for Studio (HKLM-x32\...\InstallShield_{2444562A-A7DC-42B8-A4D8-1BCF704B1480}) (Version: 1.0.1 - Red Giant)
Filmmaker's Toolkit for Studio (x32 Version: 1.0.1 - Red Giant) Hidden
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
FotoSketcher 2.42 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version:  - David THOIRON)
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.37.1212 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.37.1212 - DVDVideoSoft Ltd.)
Frontplatten Designer (HKLM-x32\...\Frontplatten Designer) (Version: 4.1.1 - Schaeffer AG)
FTP Commander (HKLM-x32\...\FTP Commander) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Express (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GhostMouse (HKLM-x32\...\GhostMouse_is1) (Version: Free V3.2.1 - ghost-mouse.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
helo_usb_drv_x64 (HKLM-x32\...\{8169725C-186E-4F92-AE39-26611F45ACE3}) (Version: 1.00.0000 - HELO)
HeloCut 5 (HKLM-x32\...\{8580EDDE-ACD8-4AC5-A5A3-309C41B16BF4}) (Version: 5.09.8000 - )
HeloCut 5 (HKLM-x32\...\{BC79822D-3183-4AA0-AC02-E1DF4C4183EC}) (Version: 5.09.8000 - VECAP Software Solutions)
HeloCut5 Update (HKLM-x32\...\{FE440F55-D821-4F2E-B831-3A3A883D41EF}) (Version: 5.15.0000 - VECAP IT Solutions GmbH)
Hollywood FX Volumes 1-3 (HKLM-x32\...\{E3D181F8-246B-497F-945E-6DB98CBA6677}) (Version: 2.0.1 - Corel Corporation)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{368E4EF8-E840-40EE-A224-50B8D1DC2B12}) (Version: 2.4.33.0 - HTC)
HyperCam 3 (HKLM-x32\...\HyperCam 3) (Version: 3.2.1107.8 - Solveig Multimedia)
ImageMagick 6.9.1-2 Q16 (64-bit) (2015-05-15) (HKLM\...\ImageMagick 6.9.1 Q16 (64-bit)_is1) (Version: 6.9.1 - ImageMagick Studio LLC)
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Macromedia Dreamweaver 8 (HKLM-x32\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.0.2734 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Malwarebytes Anti-Exploit version 1.9.1.1235 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.9.1.1235 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2926 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\OneDriveSetup.exe) (Version: 17.3.6517.0809 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Motion Graphics Toolkit for Studio (HKLM-x32\...\InstallShield_{E5C99F9E-E97D-40B6-BAFC-8BCBFF1031E4}) (Version: 1.0.1 - Red Giant)
Motion Graphics Toolkit for Studio (x32 Version: 1.0.1 - Red Giant) Hidden
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 de)) (Version: 45.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
NetObjects Fusion 1&1 Edition (HKLM-x32\...\{61921186-7300-4E0E-A674-2CA8B9D5793E}) (Version: 11.0 German - )
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Phoenix R/C® (HKLM-x32\...\PhoenixRC) (Version: 5.0.a - Runtime Games Ltd)
PhoenixCreator 2.5.a (HKLM-x32\...\{36E1E13F-3137-4EC0-8872-AAD6AE612486}) (Version: 2.5.1 - Runtime Games Ltd)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)
Pinnacle Studio 17 - Install Manager (HKLM-x32\...\{F04D92CC-5C3A-46FA-9C98-6EACBDD262FF}) (Version: 17.0.128 - Corel Corporation)
Pinnacle Studio 17 - Standard Content Pack (HKLM-x32\...\{BA98BFA8-5EDF-450B-A92E-C096DC135D0E}) (Version: 17.0 - Corel Corporation)
Pinnacle Studio 17 (HKLM-x32\...\{3DA8F808-72E2-4361-82EC-433081D23005}) (Version: 17.5.0.327 - Corel Corporation)
Pinnacle Studio 17 Add-Ons (x32 Version: 17.0 - Corel) Hidden
Pinnacle Video Treiber (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PPJoy Joystick Driver 0.8.4.6 (HKLM-x32\...\PPJoy Joystick Driver) (Version: 0.8.4.6 - Deon van der Westhuysen)
Premium Pack Volumes 1-2 (HKLM-x32\...\{88C4D8A6-9954-46A0-965D-92E55DAB8734}) (Version: 2.0.1 - Corel Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6368 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.)
ScoreFitter Volumes 1-2 (HKLM-x32\...\{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}) (Version: 2.0.1 - Corel Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{EE537655-630E-47E8-9609-EEBCAA1DDEDF}) (Version: 6.5.3 - Silicon Laboratories, Inc.)
SketchUp 8 (HKLM-x32\...\{B8F4A45C-581C-4707-8EF2-2B9E6722270C}) (Version: 3.0.16944 - Trimble Navigation Limited)
Ski Challenge 12 (AT) (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\sc12-AT_MAIN) (Version:  - )
Ski Challenge 13 (AT) (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\sc13-AT_MAIN) (Version:  - )
Slideshow Creator (HKLM-x32\...\{4E1A63B1-F547-4CFC-91F7-F32F1A6BF430}_is1) (Version: 2.2 - Bolide Software)
Snooper Map Downloader (HKLM-x32\...\{A744A90A-BF76-4338-84A1-74F114B0F419}) (Version: 1.23 - Performance Products Ltd.)
SNS-HDR Lite v1.4.22 (HKLM\...\SNS-HDR Lite_is1) (Version:  - Sebastian Nibisz)
SPEEDLINK Strike 2 Gamepad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
SPEEDLINK STRIKE Gamepad (HKLM-x32\...\{DFF7CD2E-2BB5-40C3-9592-078F64677EFF}) (Version: 1.00.0000 - )
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Spotify (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Spotify) (Version: 1.0.41.375.g040056ca - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Title Extreme (HKLM-x32\...\{F7214014-27EE-4237-9978-2F9D1551559B}) (Version: 2.0.1 - Corel Corporation)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer) (Version: 1.6 - Deutsche Post AG)
Versandhelfer (x32 Version: 1.6 - Deutsche Post AG) Hidden
VG JPEG-Repair Online (HKLM-x32\...\{45820D27-B25B-4D94-8AA1-DEB467171024}) (Version: 1.6.7 - VG Solutions)
Vistaprint Fotobücher (HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\{BA786D68-3AD8-42DC-8BE1-9E09B4737A27}_is1) (Version: 9.2.0.1065 - Vistaprint)
watchmi (HKLM-x32\...\{409DC300-28AF-468F-9624-1F3309701881}) (Version: 2.7.0 - Axel Springer Digital TV Guide GmbH)
WaveLab 6 (HKLM-x32\...\WaveLabPro) (Version: 6.1.0.340 - Steinberg)
Windows Driver Package - wch.cn (CH341SER_A64) Ports  (11/04/2011 3.3.2011.11) (HKLM\...\97C9A01181CB4369C61AF9B1459B09809636C13D) (Version: 11/04/2011 3.3.2011.11 - wch.cn)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Liven asennustyökalu (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
Windows-Treiberpaket - dji-innovations inc. (usbser) Ports  (01/19/2011 5.1.2600.5512) (HKLM\...\2DC11E587B8BA912FF8FD5433B426EE46F8E22DD) (Version: 01/19/2011 5.1.2600.5512 - dji-innovations inc.)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version:  - Wargaming.net)
Zero Assumption Recovery Version 9 (HKLM-x32\...\Zero Assumption Recovery_is1) (Version:  - )
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Helli\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2067386785-177352631-409754499-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02676FF1-805C-4ACF-A30D-C26681A93649} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {0374D25E-5B8E-45E5-81BF-E16B248771F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {0F5B2D0F-FCF9-496F-B884-A4043B8A0181} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)
Task: {0FB95DEC-3CAF-460E-AB1A-52B83FD4D302} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe
Task: {1F9822F8-B338-48FB-8656-AD47BB6A36CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {26851BAC-1CEE-42A2-BEC1-0FF7545A4955} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d1e98342edc9ba => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {2870E50D-4D54-456B-8D0F-79C6515FFA80} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d1e983426cd0ca => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {2A3E614F-4A8C-4665-B74C-6766AA8C154C} - System32\Tasks\{CF9D2DDC-EEAB-4C4F-B08A-5303A1D11280} => C:\Games\World_of_Warplanes\WOWpLauncher.exe
Task: {4049D6DB-AC4E-43A7-8C62-C758055E87FC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d2377664e84399 => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {4299A1C6-EE8D-41FB-A748-021A5F441918} - System32\Tasks\{B93A9C8C-E6C9-41A4-8FC0-DBCDEBDF11E1} => pcalua.exe -a C:\Users\Helli\Downloads\graupner_pc_software_de\Graupner_PC_Software_DE\Receiver_Setup.exe -d C:\Users\Helli\Downloads\graupner_pc_software_de\Graupner_PC_Software_DE
Task: {450FB7DA-F722-42C6-B7A8-E6EF76DCCF09} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {4B7D0251-266C-422A-BAC7-E30DF56C64BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {4F02A42E-FEE7-429F-A9D3-0D613BDFAD19} - System32\Tasks\{8AB10502-1A27-4039-854A-AE2DCE65C57F} => pcalua.exe -a C:\Users\Helli\Downloads\Sunbird_Setup_1.0_Beta_1.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {5E03BDD9-CADA-4D24-A692-41AB0A1225E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-17] (Google Inc.)
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe
Task: {7ACAABE6-98AB-462B-8AD1-AA9611F5F78B} - System32\Tasks\{DC9563FA-0A04-4B15-AE63-A95787C1B62E} => pcalua.exe -a C:\Users\Helli\Downloads\Adobe\CS_2.0_GR_Extras_1.exe -d C:\Users\Helli\Downloads\Adobe
Task: {8784AECF-8BD5-44AE-8C85-272720AA2639} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d237766462f68a => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {8CEC623E-E1AF-4E1C-BDE6-1BE1E3B374AC} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
Task: {8CF958C1-5469-4B3F-B3A7-57CE2170526A} - System32\Tasks\{9A6B2E68-840A-47C3-9F0D-D18AA7979B79} => pcalua.exe -a C:\Users\Helli\Downloads\agsetup183se.exe -d C:\Users\Helli\Downloads
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
Task: {9B417D00-9371-44C5-BC5D-4567DE665EC5} - System32\Tasks\{5D9D153F-F2CB-4570-BAE1-B4AA18B4311D} => pcalua.exe -a "E:\Win7 USB\SETUP.EXE" -d "E:\Win7 USB"
Task: {9CB7A533-4C6A-489D-AEA4-92784F4F4DC5} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e983194f2e77 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe
Task: {AAC452C4-A19E-4690-B461-A84D24A1929D} - System32\Tasks\{A24E3D1D-D17B-46FA-87DE-E557E20A6CDE} => pcalua.exe -a C:\Users\Helli\Downloads\Adobe\CS2_RetNon_Ger_3.exe -d C:\Users\Helli\Downloads\Adobe
Task: {B6CA9322-7490-458D-8A17-D0351FF6DC94} - System32\Tasks\{80AC71C8-0543-4AD4-BF6F-84482AE19BDA} => pcalua.exe -a E:\Autorun.exe -d E:\
Task: {BA9D8BA4-30B4-406C-A23E-7FC77565F343} - System32\Tasks\{CAAA3F79-29FF-452A-9832-06F473BBE0BB} => pcalua.exe -a C:\Users\Helli\Downloads\SimpleBGC_GUI_2_2b2\SimpleBGC_GUI_2_2b2\SimpleBGC_GUI.exe -d C:\Users\Helli\Downloads\SimpleBGC_GUI_2_2b2\SimpleBGC_GUI_2_2b2
Task: {CA7DF40A-77AE-4EF5-8F2F-1C7EAF77A98A} - System32\Tasks\{C259DCE7-C4D2-41C3-9CDB-BA64A4C09FDA} => pcalua.exe -a C:\Users\Helli\Downloads\SimpleBGC_GUI_2_40b7\SimpleBGC_GUI_2_40\SimpleBGC_GUI.exe -d C:\Users\Helli\Downloads\SimpleBGC_GUI_2_40b7\SimpleBGC_GUI_2_40
Task: {DC66455B-FBFD-4604-8DA0-F4737FE37B3D} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e98319e7493f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d237766462f68a.job => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d2377664e84399.job => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e983194f2e77.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1e98319e7493f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d1e983426cd0ca.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d1e98342edc9ba.job => C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-05-23 14:51 - 2006-02-23 10:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2012-02-10 15:00 - 2012-02-10 15:00 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-10-07 11:23 - 2011-10-07 11:23 - 00070144 _____ () C:\Program Files (x86)\watchmi\TvdService.exe
2011-12-31 09:49 - 2011-12-31 09:49 - 00058880 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.7.0.12__f722db7bec59a14b\Tvd.Remote.dll
2011-12-31 09:49 - 2011-12-31 09:49 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Tools\2.7.0.12__f722db7bec59a14b\Tvd.Tools.dll
2011-12-31 09:49 - 2011-12-31 09:49 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll
2011-12-31 09:49 - 2011-12-31 09:49 - 00079360 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\2.7.0.12__f722db7bec59a14b\Tvd.Reporting.dll
2011-12-31 09:49 - 2011-12-31 09:49 - 00152576 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\2.7.0.12__f722db7bec59a14b\Tvd.Aprico.dll
2011-12-31 09:49 - 2011-12-31 09:49 - 00029696 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Config\2.7.0.12__f722db7bec59a14b\Tvd.Config.dll
2011-12-31 09:49 - 2011-12-31 09:49 - 00112640 _____ () C:\Windows\assembly\GAC_64\ApricoIJW\2.7.0.0__f722db7bec59a14b\ApricoIJW.dll
2011-12-31 09:49 - 2011-12-31 09:49 - 06936576 _____ () C:\Windows\assembly\GAC_64\ApricoIJW\2.7.0.0__f722db7bec59a14b\axelspringer.dll
2016-08-24 17:11 - 2016-08-24 17:11 - 01864384 _____ () C:\Users\Helli\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2014-12-24 13:29 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\Helli\AppData\Local\Amazon Music\Amazon Music Helper.exe
2016-08-24 17:11 - 2016-08-24 17:11 - 01383616 _____ () C:\Users\Helli\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-08-24 17:11 - 2016-08-24 17:11 - 00118976 _____ () C:\Users\Helli\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-10-29 13:42 - 2016-10-10 17:29 - 00035792 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-11-10 21:55 - 2016-10-10 17:29 - 00145864 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-11-10 21:55 - 2016-10-10 17:29 - 00019408 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-11-10 21:55 - 2016-10-10 17:29 - 00116688 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-10-29 13:42 - 2016-10-10 17:29 - 00100296 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-10-29 13:42 - 2016-10-10 17:29 - 00018888 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\select.pyd
2016-10-29 13:42 - 2016-11-07 23:59 - 00019760 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-10-29 13:42 - 2016-10-10 17:29 - 00694224 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-11-10 21:55 - 2016-11-07 23:58 - 00020816 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-10-29 13:42 - 2016-10-10 17:30 - 00123856 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-11-10 21:55 - 2016-11-07 23:58 - 01682760 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-11-10 21:55 - 2016-11-07 23:58 - 00020808 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-10-29 13:42 - 2016-10-10 17:31 - 00105928 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-10-29 13:42 - 2016-11-07 23:59 - 00021312 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-11-10 21:55 - 2016-11-07 23:59 - 00052024 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-11-10 21:55 - 2016-11-07 23:59 - 00038696 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-11-10 21:55 - 2016-10-10 17:29 - 00392144 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-11-10 21:55 - 2016-10-10 17:31 - 00020936 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-10-29 13:42 - 2016-10-10 17:31 - 00024528 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-10-29 13:42 - 2016-10-10 17:31 - 00116176 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-10-29 13:42 - 2016-11-07 23:59 - 00381752 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-10-29 13:42 - 2016-10-10 17:31 - 00124880 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-10-29 13:42 - 2016-11-07 23:59 - 00025424 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-10-29 13:42 - 2016-10-10 17:31 - 00024016 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-10-29 13:42 - 2016-10-10 17:31 - 00175560 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-10-29 13:42 - 2016-10-10 17:31 - 00030160 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-10-29 13:42 - 2016-10-10 17:31 - 00043472 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-10-29 13:42 - 2016-10-10 17:31 - 00048592 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-10-29 13:42 - 2016-10-10 17:31 - 00057808 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-10-29 13:42 - 2016-10-10 17:31 - 00024016 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-11-10 21:55 - 2016-11-07 23:58 - 00246592 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-11-10 21:55 - 2016-11-07 23:59 - 00026456 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-10-29 13:42 - 2016-10-10 17:30 - 00241104 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-11-10 21:55 - 2016-11-07 23:58 - 00020280 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-10-29 13:42 - 2016-10-10 17:31 - 00028616 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-10-29 13:42 - 2016-11-07 23:59 - 00023376 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-10-29 13:42 - 2016-11-07 23:59 - 00020800 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-10-29 13:42 - 2016-11-07 23:59 - 00019776 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-10-29 13:42 - 2016-11-07 23:59 - 00020800 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-10-29 13:42 - 2016-10-10 17:31 - 00350152 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-10-29 13:42 - 2016-11-07 23:59 - 00022352 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-11-10 21:55 - 2016-11-07 23:59 - 00024392 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-11-10 21:55 - 2016-10-10 17:27 - 00036296 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\librsync.dll
2016-11-10 21:55 - 2016-11-07 23:59 - 00084280 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-11-10 21:55 - 2016-11-07 23:59 - 01826096 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-10-29 13:42 - 2016-10-10 17:29 - 00083912 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\sip.pyd
2016-11-10 21:55 - 2016-11-07 23:59 - 00531248 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-11-10 21:55 - 2016-11-07 23:59 - 03928880 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-11-10 21:55 - 2016-11-07 23:59 - 01972528 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-11-10 21:55 - 2016-11-07 23:59 - 00133424 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-11-10 21:55 - 2016-11-07 23:59 - 00224056 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-11-10 21:55 - 2016-11-07 23:59 - 00207672 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-10-29 13:42 - 2016-11-07 23:59 - 00020288 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-11-10 21:55 - 2016-10-10 17:33 - 00017864 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-11-10 21:55 - 2016-10-10 17:34 - 01631184 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-11-10 21:55 - 2016-11-07 23:59 - 00042808 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-11-10 21:55 - 2016-11-07 23:59 - 00168760 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-11-10 21:55 - 2016-11-07 23:59 - 00357680 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-10-29 13:42 - 2016-10-10 17:31 - 00060880 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-10-29 13:42 - 2016-11-07 23:59 - 00024904 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-11-10 21:55 - 2016-11-07 23:59 - 00546096 _____ () C:\Users\Helli\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2067386785-177352631-409754499-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^watchmi tray.lnk => C:\Windows\pss\watchmi tray.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: CloneCDTray => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Helli\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe"
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Spotify => "C:\Users\Helli\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Helli\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{85832019-5E10-4687-9BE8-ECC6260C4DFB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3F0CB73A-4640-4B7B-A0AC-524E66E23823}] => (Allow) LPort=2869
FirewallRules: [{D63C74F5-9DCE-4F49-A501-D838905BB8A3}] => (Allow) LPort=1900
FirewallRules: [{CB2332EA-77AC-41DE-AD54-8B1B22BDC0F9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C0B4056E-B896-435C-BBE5-FF8029F17959}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{E256B328-C528-4EAF-B332-CC4B183C86EE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{E1F6AE30-4249-4692-9004-771693CBFBE0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{FB2F82EE-DEB4-4909-9EE4-A18310BE384A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{87B4BC7C-A2BE-428C-8AE5-0F8F7063EBB6}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{C04AE569-E1F7-4C22-AD6A-DA98EB2712E8}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{29373102-88B8-4D47-B105-4BBD82D21ED6}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{806E67FF-BEBA-4548-9A3F-2FBAC0F98E10}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{B3319756-B179-4AC5-94C3-C9C9FA5E420D}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{03491E0D-FA98-4574-9FB8-63329D41CE5B}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{429C5531-915C-435C-B0C4-FA1483B84C43}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{1EC9D45E-95F2-4096-8B7C-A33BA93C062B}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{C50E2646-F02B-4F36-B4D6-AEF9AA368A3C}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{FF4E220C-1C9A-43AB-A68D-376B58F8C1CF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{AD9C6B1D-2FF7-4076-AB69-3F8DC765F3B8}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{019D6199-5B85-4452-A79C-55861A359844}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{3E19E9BA-A4DA-4274-8106-E3DA59630A53}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{FD6DB47C-13A9-4C47-96B4-54CA57D8B6DF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E25504B7-9CF4-4969-8D42-310BDD34835D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{16A41F44-CFA5-4A8D-B9C3-AD22BF0BF8F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A2D8D71B-E710-41A3-887F-36FC6BD78191}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A500A9AA-3549-48B1-BB6A-63BF9735A6A1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{CA422FF4-7A06-4712-8C07-BA17B50ED8ED}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe
FirewallRules: [UDP Query User{B5AE1388-51E6-459A-BF2A-A542C0FFF427}C:\program files (x86)\phoenixrc\phoenixrc.exe] => (Allow) C:\program files (x86)\phoenixrc\phoenixrc.exe
FirewallRules: [{8B268F4F-0C90-4F88-ACBF-5EFC2BDF0F42}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{49FE939F-27D6-4763-8A28-7753C0229E37}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{BE62E31A-ED9E-48CE-8930-4A932C9FCA64}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{2651BC27-381C-43D5-A77C-4C0D45E8BC7A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{944FC4AC-06DC-4BE7-86E0-6C3F3E2ABA67}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{0AE6E609-53FA-4D67-8D08-88169B59E549}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{26AB6CBE-2D46-495D-943D-DA226824BED8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{D2B75AE4-ACA7-4B7D-AB6C-739A54072B48}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [TCP Query User{D74D9B78-02EA-4696-8B34-AAA473019E87}C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe] => (Allow) C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe
FirewallRules: [UDP Query User{B219A230-4551-43A4-A9D7-0EA61915558E}C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe] => (Allow) C:\users\helli\downloads\graupner_pc_software_de\graupner_pc_software_de\firmware_upgrade_grstudio_ver-3.0.exe
FirewallRules: [TCP Query User{922C8C4E-F070-43FB-B54E-839B439089C5}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{D16BB7D2-99B9-4574-88A3-A98FE8D417D7}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [TCP Query User{FB3E5598-23CC-4FF1-A4C7-B9EF116740DB}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{6164FAA6-3A28-4E11-8DF3-21E89CF27588}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{78AF04A3-B48C-4F90-8E73-3CF0723F16C4}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{275B5807-2988-4AA1-B757-3AA1E6F108D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{485B18DD-7609-4827-8552-F7E6BB196C64}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D490CBE6-DA72-43E5-9B6C-851A6101799A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2C57B42A-ED43-42BF-BF1A-B168EE2F786C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0033A636-ED6A-4699-8C56-B3F1DBF234CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9191D8F8-423F-46FB-902A-A7D3DA865C22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C25CA83A-75E3-4410-A3D6-5B7016793DBE}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
FirewallRules: [{FA5A1528-02C1-401F-8959-E15F474B79B4}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\RM.exe
FirewallRules: [{3BC30513-F5A4-436D-911E-9F5D9F4744A3}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
FirewallRules: [{4A7EBA7C-AB2F-46D1-9545-C3F727A8170C}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\NGStudio.exe
FirewallRules: [{3441E80C-B975-4627-BB35-3AA370AC1999}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
FirewallRules: [{9E3B0C05-3612-444E-A31E-739765FE8FAF}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 17\programs\UMI.exe
FirewallRules: [{07888844-6A66-4C72-9236-938667E02DB4}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{B7B69043-4955-4BCF-88B0-6759D6AF2F68}] => (Allow) C:\Program Files (x86)\PhoenixRC\OnlineInstaller.exe
FirewallRules: [{CDD93FC2-711E-4894-8DD4-4CF60889D567}] => (Allow) C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{144FAD38-E814-4392-AECE-EE286D1C4C82}] => (Allow) C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{EA2D6A13-0F24-4DD6-B161-E0E4BB53C2EB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{470A3940-FF7B-44F5-B1F4-4FEF43EAD303}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0DDFD6CE-7493-4119-9FD8-40F8518A6508}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B10302FD-BBC3-4AF5-9BD8-3D8443EEABD1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0FE5523A-58AF-4347-91A4-9992662E01EF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9DBC48B4-5EF0-436A-B252-3BA65671AFA1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{61834444-AD52-4D4C-8F2B-5BE3C6792C93}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{AC81599F-6782-43FD-AC0D-CBFAC2D4519F}C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6206C2CF-BB80-445D-B420-C5FF83EFA41E}C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\helli\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{51C0210B-0065-4170-B983-A24A2A4325F7}C:\program files (x86)\dslrbooth\dslrbooth.exe] => (Allow) C:\Program Files (x86)\dslrBooth\dslrbooth.exe
FirewallRules: [UDP Query User{70BFE554-4451-4585-B04E-CDF6EF498BDB}C:\program files (x86)\dslrbooth\dslrbooth.exe] => (Allow) C:\Program Files (x86)\dslrBooth\dslrbooth.exe
FirewallRules: [TCP Query User{CD405E4D-59E6-4445-8052-E7D29406B973}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7CDE6156-382F-44BD-A949-798046414E54}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [{90DE1E8D-BAAC-4DC0-9578-FAE5BFA12F6F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{374A559F-1419-413D-8405-E46F3C8ABE60}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3D92C506-8908-4B95-8680-EBA294F999CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{374BF525-7D45-4A92-97DC-D916BF6BBC01}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{14944F10-DB18-4A99-8989-2C22809D622C}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6A9D8FD0-BFD5-497E-86D2-9A3DD82BECFF}C:\users\helli\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helli\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6484AD0D-8648-4E30-B3BC-9A4D24DDC342}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9B0D5101-C20E-48F2-A8CD-303AC4057025}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{66DCA489-E691-44ED-AF0A-52DCE763E0E2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{61C08636-5AAB-4435-AC22-30ECC472BF4C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0BA010FC-03E9-4C90-9584-020ACCD1CDE3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{3EF2D9F8-BD7C-450E-8760-D31EBF4C3868}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{4E6EF22C-F4E7-42A2-A3C1-D1626D150F88}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe

==================== Wiederherstellungspunkte =========================

19-11-2016 17:53:03 Microsoft Office 2010 wird entfernt
19-11-2016 18:07:49 Microsoft Office 2010 wird entfernt
19-11-2016 18:11:22 Microsoft Office 2010 wird entfernt
19-11-2016 18:24:44 Microsoft Office 2010 wird entfernt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Malwarebytes Anti-Exploit
Description: Malwarebytes Anti-Exploit
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ESProtectionDriver
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/19/2016 06:10:58 PM) (Source: MsiInstaller) (EventID: 11706) (User: Helli-PC)
Description: Produkt: Microsoft Office Single Image 2010 -- Fehler 1706.Die erforderlichen Dateien können von Setup nicht gefunden werden. Überprüfen Sie die Verbindung mit dem Netzwerk oder dem CD-ROM-Laufwerk.    Weitere mögliche Lösungen für dieses Problem erhalten Sie unter SETUP.CHM.

Error: (11/19/2016 04:59:45 PM) (Source: System Restore) (EventID: 8206) (User: )
Description: Der ausgewählte Wiederherstellungspunkt wurde während der Wiederherstellung beschädigt oder gelöscht (Windows Update).

Error: (11/14/2016 07:36:11 PM) (Source: System Restore) (EventID: 8206) (User: )
Description: Der ausgewählte Wiederherstellungspunkt wurde während der Wiederherstellung beschädigt oder gelöscht (Windows Update).

Error: (11/12/2016 03:23:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.23392, Zeitstempel: 0x56eb2f8f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00033a56
ID des fehlerhaften Prozesses: 0x1044
Startzeit der fehlerhaften Anwendung: 0x01d23cf00b600c7f
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\ole32.dll
Berichtskennung: 9f522ff9-a8e3-11e6-959a-8c89a56d6ec7

Error: (11/12/2016 03:23:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: nvspcap.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52f20257
Ausnahmecode: 0xc0000005
Fehleroffset: 0x100c9860
ID des fehlerhaften Prozesses: 0x1044
Startzeit der fehlerhaften Anwendung: 0x01d23cf00b600c7f
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Pfad des fehlerhaften Moduls: nvspcap.dll
Berichtskennung: 87384132-a8e3-11e6-959a-8c89a56d6ec7

Error: (11/10/2016 09:41:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ALDI Bestellsoftware.exe, Version 5.1.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 4a8

Startzeit: 01d23b20b42acc59

Endzeit: 218

Anwendungspfad: C:\Program Files (x86)\ALDI Bestellsoftware\ALDI Bestellsoftware.exe

Berichts-ID: 49873f95-a721-11e6-a874-8c89a56d6ec7

Error: (11/10/2016 08:08:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: nvspcap.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52f20257
Ausnahmecode: 0xc0000005
Fehleroffset: 0x1000c292
ID des fehlerhaften Prozesses: 0xdc0
Startzeit der fehlerhaften Anwendung: 0x01d23b20a019f2ca
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Pfad des fehlerhaften Moduls: nvspcap.dll
Berichtskennung: 70be65f0-a714-11e6-a874-8c89a56d6ec7

Error: (11/10/2016 08:07:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: nvspcap.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52f20257
Ausnahmecode: 0xc0000005
Fehleroffset: 0x100c9860
ID des fehlerhaften Prozesses: 0xdc0
Startzeit der fehlerhaften Anwendung: 0x01d23b20a019f2ca
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Pfad des fehlerhaften Moduls: nvspcap.dll
Berichtskennung: 5d5d8b24-a714-11e6-a874-8c89a56d6ec7

Error: (11/07/2016 07:27:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ALDI Bestellsoftware.exe, Version 5.1.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 874

Startzeit: 01d2391cb71cf2e3

Endzeit: 62

Anwendungspfad: C:\Program Files (x86)\ALDI Bestellsoftware\ALDI Bestellsoftware.exe

Berichts-ID: b5e261e3-a517-11e6-b4c1-8c89a56d6ec7

Error: (11/07/2016 03:40:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ALDI Bestellsoftware.exe, Version 5.1.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f04

Startzeit: 01d239043da149fe

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\ALDI Bestellsoftware\ALDI Bestellsoftware.exe

Berichts-ID: f1e30837-a4f7-11e6-a867-8c89a56d6ec7


Systemfehler:
=============
Error: (11/19/2016 07:07:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Intel(R) Management and Security Application User Notification Service" ist vom Dienst "Intel(R) Management and Security Application Local Management Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Das System kann die angegebene Datei nicht finden.

Error: (11/19/2016 07:07:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/19/2016 07:07:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WMPNetworkSvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/19/2016 07:07:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet: 
Das angegebene Modul wurde nicht gefunden.

Error: (11/19/2016 07:07:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/19/2016 07:07:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Rapid Storage Technology" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/19/2016 07:07:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/19/2016 07:05:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ESProtectionDriver

Error: (11/19/2016 07:04:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/19/2016 07:04:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Protexis Licensing V2" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.


CodeIntegrity:
===================================
  Date: 2015-03-09 18:30:43.512
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-09 18:30:43.494
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-03-09 18:30:43.493
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.311
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.249
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.249
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.217
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 11:43:41.124
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 07:21:50.414
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 07:21:50.331
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 4077.64 MB
Verfügbarer physikalischer RAM: 2331.98 MB
Summe virtueller Speicher: 8153.46 MB
Verfügbarer virtueller Speicher: 6484.98 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:1811.92 GB) (Free:629.77 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:25.71 GB) NTFS
Drive f: () (Removable) (Total:1.92 GB) (Free:1.86 GB) NTFS
Drive i: (HDDRIVE2GO) (Fixed) (Total:931.28 GB) (Free:672.85 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1811.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 57A991D6)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)

========================================================
Disk: 5 (Size: 1.9 GB) (Disk ID: 9833AAFB)
Partition 1: (Not Active) - (Size=1.9 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

--- --- ---

cosinus · 19.11.2016, 19:51

1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Helli1965 · 19.11.2016, 21:26

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.11.19.07
  rootkit: v2016.10.31.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18524
Helli :: HELLI-PC [administrator]

19.11.2016 20:03:20
mbar-log-2016-11-19 (20-03-20).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 457082
Time elapsed: 57 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:

ATTFilter

21:01:11.0937 0x0f10  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
21:01:16.0165 0x0f10  ============================================================
21:01:16.0165 0x0f10  Current date / time: 2016/11/19 21:01:16.0165
21:01:16.0165 0x0f10  SystemInfo:
21:01:16.0165 0x0f10  
21:01:16.0165 0x0f10  OS Version: 6.1.7601 ServicePack: 1.0
21:01:16.0165 0x0f10  Product type: Workstation
21:01:16.0165 0x0f10  ComputerName: HELLI-PC
21:01:16.0165 0x0f10  UserName: Helli
21:01:16.0165 0x0f10  Windows directory: C:\Windows
21:01:16.0165 0x0f10  System windows directory: C:\Windows
21:01:16.0165 0x0f10  Running under WOW64
21:01:16.0165 0x0f10  Processor architecture: Intel x64
21:01:16.0165 0x0f10  Number of processors: 4
21:01:16.0180 0x0f10  Page size: 0x1000
21:01:16.0180 0x0f10  Boot type: Normal boot
21:01:16.0180 0x0f10  CodeIntegrityOptions = 0x00000001
21:01:16.0180 0x0f10  ============================================================
21:01:16.0492 0x0f10  KLMD registered as C:\Windows\system32\drivers\88924329.sys
21:01:16.0492 0x0f10  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23569, osProperties = 0x1
21:01:16.0851 0x0f10  System UUID: {711FF3E9-3D1A-BB36-1CE2-25198753BCCC}
21:01:17.0116 0x0f10  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:01:17.0132 0x0f10  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:01:20.0704 0x0f10  Drive \Device\Harddisk5\DR11 - Size: 0x7AF00000 ( 1.92 Gb ), SectorSize: 0x200, Cylinders: 0xFA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:01:20.0704 0x0f10  ============================================================
21:01:20.0704 0x0f10  \Device\Harddisk0\DR0:
21:01:20.0704 0x0f10  MBR partitions:
21:01:20.0704 0x0f10  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:01:20.0704 0x0f10  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE27D5800
21:01:20.0704 0x0f10  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xE2808000, BlocksNum 0x6400000
21:01:20.0704 0x0f10  \Device\Harddisk1\DR1:
21:01:20.0704 0x0f10  MBR partitions:
21:01:20.0704 0x0f10  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x74705982
21:01:20.0704 0x0f10  \Device\Harddisk5\DR11:
21:01:20.0704 0x0f10  MBR partitions:
21:01:20.0704 0x0f10  \Device\Harddisk5\DR11\Partition1: MBR, Type 0x7, StartLBA 0x9F0, BlocksNum 0x3D6E10
21:01:20.0704 0x0f10  ============================================================
21:01:20.0751 0x0f10  C: <-> \Device\Harddisk0\DR0\Partition2
21:01:20.0798 0x0f10  D: <-> \Device\Harddisk0\DR0\Partition3
21:01:20.0798 0x0f10  I: <-> \Device\Harddisk1\DR1\Partition1
21:01:20.0798 0x0f10  ============================================================
21:01:20.0798 0x0f10  Initialize success
21:01:20.0798 0x0f10  ============================================================
21:01:34.0136 0x0d00  ============================================================
21:01:34.0136 0x0d00  Scan started
21:01:34.0136 0x0d00  Mode: Manual; 
21:01:34.0136 0x0d00  ============================================================
21:01:34.0136 0x0d00  KSN ping started
21:01:45.0306 0x0d00  KSN ping finished: true
21:01:45.0930 0x0d00  ================ Scan system memory ========================
21:01:45.0930 0x0d00  System memory - ok
21:01:45.0930 0x0d00  ================ Scan services =============================
21:01:46.0054 0x0d00  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
21:01:46.0054 0x0d00  1394ohci - ok
21:01:46.0086 0x0d00  [ E0A8525A951ADDB4655BC2068566407D, 7C08B9DB7C281422FD64219DF81B7064CE16EA53CF00EB1FC33CB0741CE6605F ] 61883           C:\Windows\system32\DRIVERS\61883.sys
21:01:46.0086 0x0d00  61883 - ok
21:01:46.0117 0x0d00  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:01:46.0132 0x0d00  ACPI - ok
21:01:46.0148 0x0d00  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:01:46.0164 0x0d00  AcpiPmi - ok
21:01:46.0179 0x0d00  AdobeARMservice - ok
21:01:46.0288 0x0d00  [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:01:46.0288 0x0d00  AdobeFlashPlayerUpdateSvc - ok
21:01:46.0335 0x0d00  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:01:46.0351 0x0d00  adp94xx - ok
21:01:46.0382 0x0d00  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:01:46.0398 0x0d00  adpahci - ok
21:01:46.0413 0x0d00  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:01:46.0413 0x0d00  adpu320 - ok
21:01:46.0444 0x0d00  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:01:46.0444 0x0d00  AeLookupSvc - ok
21:01:46.0476 0x0d00  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
21:01:46.0491 0x0d00  AFD - ok
21:01:46.0507 0x0d00  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:01:46.0507 0x0d00  agp440 - ok
21:01:46.0538 0x0d00  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:01:46.0538 0x0d00  ALG - ok
21:01:46.0554 0x0d00  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:01:46.0554 0x0d00  aliide - ok
21:01:46.0585 0x0d00  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:01:46.0585 0x0d00  amdide - ok
21:01:46.0632 0x0d00  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:01:46.0632 0x0d00  AmdK8 - ok
21:01:46.0647 0x0d00  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:01:46.0647 0x0d00  AmdPPM - ok
21:01:46.0678 0x0d00  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:01:46.0678 0x0d00  amdsata - ok
21:01:46.0710 0x0d00  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:01:46.0710 0x0d00  amdsbs - ok
21:01:46.0741 0x0d00  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:01:46.0741 0x0d00  amdxata - ok
21:01:46.0772 0x0d00  [ 9F83C7EA6A97124DA6C207C1BE1FB3AC, 0C3315125F74C6252204016FE22591299208CE8EA076419D5B4FD92C09F569EB ] AnyDVD          C:\Windows\system32\Drivers\AnyDVD.sys
21:01:46.0772 0x0d00  AnyDVD - ok
21:01:46.0819 0x0d00  [ 0CD7BFDE151223C6976C5D1B3D49EB84, A16FAB4F77D03C0664CCE8082E40A7673BC7FA4E89854F9027D478CD99EB2088 ] AppID           C:\Windows\system32\drivers\appid.sys
21:01:46.0819 0x0d00  AppID - ok
21:01:46.0850 0x0d00  [ F9842669B31F20B8B157D33CCC457820, AC8FA65F0A3C479D3CFE10EFE9B3EC5BAE48059F57A12D8C2D7963A22EB043B8 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:01:46.0866 0x0d00  AppIDSvc - ok
21:01:46.0897 0x0d00  [ B46099A534B7989D80330EA82D9092D6, 0CAC09732FAFAE805E55428B6BE001DCC39EBC599539FADE7AA68571A8A554E5 ] Appinfo         C:\Windows\System32\appinfo.dll
21:01:46.0897 0x0d00  Appinfo - ok
21:01:46.0912 0x0d00  Apple Mobile Device Service - ok
21:01:46.0928 0x0d00  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
21:01:46.0944 0x0d00  arc - ok
21:01:46.0975 0x0d00  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:01:46.0975 0x0d00  arcsas - ok
21:01:47.0006 0x0d00  [ 0AA7A996792FB0287B33A57A8093AE44, 41894F055F3CDA05794FC46E1F2C59979D1DAF7602F44E4ADF6347E199B8137C ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
21:01:47.0006 0x0d00  asmthub3 - ok
21:01:47.0037 0x0d00  [ 125DC3ABF5BFCCFE82AD17D078E0B9EC, FEFF8C37CD688F39C8E341F8BF7A712AA8C0F431B064E07C3EA66A96250D855B ] asmtxhci        C:\Windows\system32\drivers\asmtxhci.sys
21:01:47.0053 0x0d00  asmtxhci - ok
21:01:47.0146 0x0d00  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:01:47.0146 0x0d00  aspnet_state - ok
21:01:47.0178 0x0d00  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:01:47.0178 0x0d00  AsyncMac - ok
21:01:47.0193 0x0d00  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:01:47.0193 0x0d00  atapi - ok
21:01:47.0240 0x0d00  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:01:47.0271 0x0d00  AudioEndpointBuilder - ok
21:01:47.0287 0x0d00  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:01:47.0287 0x0d00  AudioSrv - ok
21:01:47.0396 0x0d00  [ 16FABE84916623D0607E4A975544032C, 9D960CAE27B1769ED5B024C0A3375912432521C73C1F59E21111596A7981BDC3 ] Avc             C:\Windows\system32\DRIVERS\avc.sys
21:01:47.0396 0x0d00  Avc - ok
21:01:47.0396 0x0d00  AVP15.0.1 - ok
21:01:47.0427 0x0d00  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:01:47.0427 0x0d00  AxInstSV - ok
21:01:47.0474 0x0d00  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:01:47.0490 0x0d00  b06bdrv - ok
21:01:47.0552 0x0d00  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:01:47.0568 0x0d00  b57nd60a - ok
21:01:47.0583 0x0d00  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:01:47.0599 0x0d00  BDESVC - ok
21:01:47.0599 0x0d00  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:01:47.0599 0x0d00  Beep - ok
21:01:47.0630 0x0d00  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:01:47.0646 0x0d00  BFE - ok
21:01:47.0708 0x0d00  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:01:47.0724 0x0d00  BITS - ok
21:01:47.0755 0x0d00  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
21:01:47.0755 0x0d00  blbdrive - ok
21:01:47.0755 0x0d00  Bonjour Service - ok
21:01:47.0786 0x0d00  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:01:47.0786 0x0d00  bowser - ok
21:01:47.0817 0x0d00  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:01:47.0817 0x0d00  BrFiltLo - ok
21:01:47.0833 0x0d00  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:01:47.0833 0x0d00  BrFiltUp - ok
21:01:47.0864 0x0d00  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:01:47.0864 0x0d00  Browser - ok
21:01:47.0895 0x0d00  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:01:47.0895 0x0d00  Brserid - ok
21:01:47.0911 0x0d00  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:01:47.0911 0x0d00  BrSerWdm - ok
21:01:47.0942 0x0d00  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:01:47.0942 0x0d00  BrUsbMdm - ok
21:01:47.0942 0x0d00  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:01:47.0942 0x0d00  BrUsbSer - ok
21:01:47.0973 0x0d00  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:01:47.0973 0x0d00  BTHMODEM - ok
21:01:47.0989 0x0d00  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:01:47.0989 0x0d00  bthserv - ok
21:01:48.0004 0x0d00  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:01:48.0020 0x0d00  cdfs - ok
21:01:48.0036 0x0d00  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:01:48.0036 0x0d00  cdrom - ok
21:01:48.0051 0x0d00  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:01:48.0067 0x0d00  CertPropSvc - ok
21:01:48.0098 0x0d00  [ C58EC27035731337ADD1326880086B16, 1A48A57D7FF5332AD380AF7884F516548DB535CFE23F3AE7D5AF291307CBC435 ] CH341SER_A64    C:\Windows\system32\Drivers\CH341S64.SYS
21:01:48.0098 0x0d00  CH341SER_A64 - ok
21:01:48.0114 0x0d00  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:01:48.0129 0x0d00  circlass - ok
21:01:48.0145 0x0d00  [ 3891EA60B84EFE115CE070311FA83BBB, 2A30FB15C8D0C69289C087DFE1F822AB4F9C3F091DBB3FD2E99DC5B562E90DFB ] CLFS            C:\Windows\system32\CLFS.sys
21:01:48.0160 0x0d00  CLFS - ok
21:01:48.0207 0x0d00  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:01:48.0207 0x0d00  clr_optimization_v2.0.50727_32 - ok
21:01:48.0254 0x0d00  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:01:48.0254 0x0d00  clr_optimization_v2.0.50727_64 - ok
21:01:48.0301 0x0d00  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:01:48.0301 0x0d00  clr_optimization_v4.0.30319_32 - ok
21:01:48.0316 0x0d00  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:01:48.0332 0x0d00  clr_optimization_v4.0.30319_64 - ok
21:01:48.0332 0x0d00  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:01:48.0332 0x0d00  CmBatt - ok
21:01:48.0363 0x0d00  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:01:48.0363 0x0d00  cmdide - ok
21:01:48.0394 0x0d00  [ AFA1BFF926592FD0C3AB97D838652EF9, C38BC4BBD4EDF779993B2FECF96C1FD55B085F3FBEB3E1AE3C892DFD369D611D ] cm_km_w         C:\Windows\system32\DRIVERS\cm_km_w.sys
21:01:48.0394 0x0d00  cm_km_w - ok
21:01:48.0426 0x0d00  [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG             C:\Windows\system32\Drivers\cng.sys
21:01:48.0441 0x0d00  CNG - ok
21:01:48.0457 0x0d00  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:01:48.0457 0x0d00  Compbatt - ok
21:01:48.0488 0x0d00  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:01:48.0488 0x0d00  CompositeBus - ok
21:01:48.0488 0x0d00  COMSysApp - ok
21:01:48.0488 0x0d00  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:01:48.0488 0x0d00  crcdisk - ok
21:01:48.0535 0x0d00  [ BB724567892383010B8436DCC0A84628, 2768F5FD7A096CB1CEA33F8818EF16F9F5E3E07BB8442949A49A9CF24B62C6E6 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:01:48.0550 0x0d00  CryptSvc - ok
21:01:48.0597 0x0d00  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:01:48.0613 0x0d00  DcomLaunch - ok
21:01:48.0644 0x0d00  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:01:48.0644 0x0d00  defragsvc - ok
21:01:48.0675 0x0d00  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:01:48.0675 0x0d00  DfsC - ok
21:01:48.0706 0x0d00  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:01:48.0706 0x0d00  Dhcp - ok
21:01:48.0784 0x0d00  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
21:01:48.0831 0x0d00  DiagTrack - ok
21:01:48.0831 0x0d00  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:01:48.0847 0x0d00  discache - ok
21:01:48.0862 0x0d00  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
21:01:48.0862 0x0d00  Disk - ok
21:01:48.0894 0x0d00  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:01:48.0909 0x0d00  Dnscache - ok
21:01:48.0925 0x0d00  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:01:48.0940 0x0d00  dot3svc - ok
21:01:48.0956 0x0d00  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:01:48.0956 0x0d00  DPS - ok
21:01:48.0972 0x0d00  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:01:48.0972 0x0d00  drmkaud - ok
21:01:49.0034 0x0d00  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:01:49.0065 0x0d00  DXGKrnl - ok
21:01:49.0096 0x0d00  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:01:49.0096 0x0d00  EapHost - ok
21:01:49.0206 0x0d00  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:01:49.0315 0x0d00  ebdrv - ok
21:01:49.0362 0x0d00  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] EFS             C:\Windows\System32\lsass.exe
21:01:49.0362 0x0d00  EFS - ok
21:01:49.0424 0x0d00  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:01:49.0440 0x0d00  ehRecvr - ok
21:01:49.0440 0x0d00  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:01:49.0455 0x0d00  ehSched - ok
21:01:49.0471 0x0d00  [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL        C:\Windows\system32\Drivers\ElbyCDFL.sys
21:01:49.0471 0x0d00  ElbyCDFL - ok
21:01:49.0486 0x0d00  [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
21:01:49.0486 0x0d00  ElbyCDIO - ok
21:01:49.0518 0x0d00  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:01:49.0533 0x0d00  elxstor - ok
21:01:49.0549 0x0d00  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:01:49.0549 0x0d00  ErrDev - ok
21:01:49.0580 0x0d00  ESProtectionDriver - ok
21:01:49.0627 0x0d00  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:01:49.0627 0x0d00  EventSystem - ok
21:01:49.0658 0x0d00  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:01:49.0658 0x0d00  exfat - ok
21:01:49.0674 0x0d00  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:01:49.0689 0x0d00  fastfat - ok
21:01:49.0705 0x0d00  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:01:49.0720 0x0d00  Fax - ok
21:01:49.0736 0x0d00  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
21:01:49.0736 0x0d00  fdc - ok
21:01:49.0752 0x0d00  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:01:49.0767 0x0d00  fdPHost - ok
21:01:49.0767 0x0d00  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:01:49.0767 0x0d00  FDResPub - ok
21:01:49.0783 0x0d00  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:01:49.0783 0x0d00  FileInfo - ok
21:01:49.0798 0x0d00  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:01:49.0798 0x0d00  Filetrace - ok
21:01:49.0814 0x0d00  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:01:49.0814 0x0d00  flpydisk - ok
21:01:49.0830 0x0d00  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:01:49.0845 0x0d00  FltMgr - ok
21:01:49.0923 0x0d00  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
21:01:49.0954 0x0d00  FontCache - ok
21:01:49.0986 0x0d00  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:01:49.0986 0x0d00  FontCache3.0.0.0 - ok
21:01:50.0001 0x0d00  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:01:50.0001 0x0d00  FsDepends - ok
21:01:50.0017 0x0d00  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:01:50.0017 0x0d00  Fs_Rec - ok
21:01:50.0048 0x0d00  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:01:50.0064 0x0d00  fvevol - ok
21:01:50.0079 0x0d00  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:01:50.0079 0x0d00  gagp30kx - ok
21:01:50.0095 0x0d00  Garmin Device Interaction Service - ok
21:01:50.0126 0x0d00  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:01:50.0126 0x0d00  GEARAspiWDM - ok
21:01:50.0188 0x0d00  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
21:01:50.0220 0x0d00  gpsvc - ok
21:01:50.0220 0x0d00  gupdate - ok
21:01:50.0220 0x0d00  gupdatem - ok
21:01:50.0220 0x0d00  gusvc - ok
21:01:50.0235 0x0d00  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:01:50.0235 0x0d00  hcw85cir - ok
21:01:50.0282 0x0d00  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:01:50.0282 0x0d00  HdAudAddService - ok
21:01:50.0313 0x0d00  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:01:50.0329 0x0d00  HDAudBus - ok
21:01:50.0344 0x0d00  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:01:50.0344 0x0d00  HidBatt - ok
21:01:50.0360 0x0d00  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:01:50.0376 0x0d00  HidBth - ok
21:01:50.0376 0x0d00  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:01:50.0391 0x0d00  HidIr - ok
21:01:50.0407 0x0d00  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:01:50.0407 0x0d00  hidserv - ok
21:01:50.0438 0x0d00  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:01:50.0438 0x0d00  HidUsb - ok
21:01:50.0454 0x0d00  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:01:50.0469 0x0d00  hkmsvc - ok
21:01:50.0485 0x0d00  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:01:50.0485 0x0d00  HomeGroupListener - ok
21:01:50.0516 0x0d00  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:01:50.0516 0x0d00  HomeGroupProvider - ok
21:01:50.0547 0x0d00  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:01:50.0547 0x0d00  HpSAMD - ok
21:01:50.0563 0x0d00  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
21:01:50.0563 0x0d00  HTCAND64 - ok
21:01:50.0563 0x0d00  HTCMonitorService - ok
21:01:50.0594 0x0d00  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
21:01:50.0594 0x0d00  htcnprot - ok
21:01:50.0641 0x0d00  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:01:50.0672 0x0d00  HTTP - ok
21:01:50.0688 0x0d00  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:01:50.0688 0x0d00  hwpolicy - ok
21:01:50.0703 0x0d00  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:01:50.0719 0x0d00  i8042prt - ok
21:01:50.0750 0x0d00  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
21:01:50.0766 0x0d00  iaStor - ok
21:01:50.0766 0x0d00  IAStorDataMgrSvc - ok
21:01:50.0797 0x0d00  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:01:50.0812 0x0d00  iaStorV - ok
21:01:50.0875 0x0d00  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:01:50.0906 0x0d00  idsvc - ok
21:01:50.0906 0x0d00  IEEtwCollectorService - ok
21:01:51.0093 0x0d00  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:01:51.0265 0x0d00  igfx - ok
21:01:51.0280 0x0d00  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:01:51.0280 0x0d00  iirsp - ok
21:01:51.0343 0x0d00  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:01:51.0358 0x0d00  IKEEXT - ok
21:01:51.0468 0x0d00  [ 8F6ED52134EBB4CE2953EC37C9275497, 5381A9CBB0C05F447E6DCD18EAF195A6CDC934A04792C8865814A46E5B883308 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:01:51.0546 0x0d00  IntcAzAudAddService - ok
21:01:51.0561 0x0d00  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:01:51.0561 0x0d00  intelide - ok
21:01:51.0592 0x0d00  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:01:51.0592 0x0d00  intelppm - ok
21:01:51.0608 0x0d00  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:01:51.0624 0x0d00  IPBusEnum - ok
21:01:51.0639 0x0d00  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:01:51.0639 0x0d00  IpFilterDriver - ok
21:01:51.0702 0x0d00  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:01:51.0717 0x0d00  iphlpsvc - ok
21:01:51.0733 0x0d00  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:01:51.0733 0x0d00  IPMIDRV - ok
21:01:51.0733 0x0d00  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:01:51.0748 0x0d00  IPNAT - ok
21:01:51.0748 0x0d00  iPod Service - ok
21:01:51.0764 0x0d00  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:01:51.0764 0x0d00  IRENUM - ok
21:01:51.0780 0x0d00  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:01:51.0780 0x0d00  isapnp - ok
21:01:51.0811 0x0d00  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:01:51.0811 0x0d00  iScsiPrt - ok
21:01:51.0842 0x0d00  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:01:51.0842 0x0d00  kbdclass - ok
21:01:51.0858 0x0d00  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:01:51.0873 0x0d00  kbdhid - ok
21:01:51.0873 0x0d00  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] KeyIso          C:\Windows\system32\lsass.exe
21:01:51.0873 0x0d00  KeyIso - ok
21:01:51.0936 0x0d00  [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] KL1             C:\Windows\system32\DRIVERS\kl1.sys
21:01:51.0951 0x0d00  KL1 - ok
21:01:51.0967 0x0d00  [ CEF0410B784E8CEB0175103CDE52E7FA, 729A45D76D1886E5ECDF23F96925CEBB90A31EFA5A798D69D9C5A684380B6E36 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
21:01:51.0967 0x0d00  kldisk - ok
21:01:52.0014 0x0d00  [ 09F851161CB4B3D92CDE85B3845DCECC, C86EE26F13DB904CD0CB92BEE282188D5E56ECE071F4D6E53F9AAB6D911C5DE0 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
21:01:52.0014 0x0d00  klflt - ok
21:01:52.0045 0x0d00  [ 7A64190934B66C17F41D3921353BAEDD, D212A6ECB1CBCC665336DF982B5061A72CD88CB5BF6B2EB14B11B8BE756A670E ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
21:01:52.0060 0x0d00  klhk - ok
21:01:52.0107 0x0d00  [ B8B20727DD8B9753614E089682473563, CA39E9A517CC8B1E04860E0AFB03B0CD7FBDE66143B6CA26FB9DC0EBF80F8F48 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
21:01:52.0138 0x0d00  KLIF - ok
21:01:52.0154 0x0d00  [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
21:01:52.0154 0x0d00  KLIM6 - ok
21:01:52.0170 0x0d00  [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
21:01:52.0170 0x0d00  klkbdflt - ok
21:01:52.0185 0x0d00  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
21:01:52.0185 0x0d00  klmouflt - ok
21:01:52.0201 0x0d00  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
21:01:52.0201 0x0d00  klpd - ok
21:01:52.0216 0x0d00  [ 43957361D346A4263873932D572613F2, 719E61CADF6FB49C24370899329BDE198E55DEB175F5701382EE16311D8576D9 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
21:01:52.0216 0x0d00  kltdi - ok
21:01:52.0232 0x0d00  [ 926BA68DA79545EB6D99BB009B781E5E, EB1DB801044EB4228D38D85A8B6853EFE887B7D4E1EA1F0B8F75DD4886C96467 ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
21:01:52.0248 0x0d00  Klwtp - ok
21:01:52.0248 0x0d00  KMService - ok
21:01:52.0279 0x0d00  [ D4CEEAC11C65F49D0F42E74440E829BF, 7E289BB5E400326BADDD61CBB99CB268A3E99103CF16968E1D9141C205EE309C ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
21:01:52.0279 0x0d00  kneps - ok
21:01:52.0326 0x0d00  [ 1F4B52A496A43C65AB0F26169650FAF2, 6D6F3505997A7DDEE6F127B3FB537AFFDE687D4F34489679674DC12FB12B842C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:01:52.0326 0x0d00  KSecDD - ok
21:01:52.0341 0x0d00  [ E4A599EDFAAB66C2BC17FB1593DC129B, 13098694B649E9146214D320FB14C3D305FCA155438CB531A8BAA4A70231D1A7 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:01:52.0341 0x0d00  KSecPkg - ok
21:01:52.0372 0x0d00  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:01:52.0372 0x0d00  ksthunk - ok
21:01:52.0404 0x0d00  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:01:52.0419 0x0d00  KtmRm - ok
21:01:52.0466 0x0d00  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:01:52.0482 0x0d00  LanmanServer - ok
21:01:52.0497 0x0d00  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:01:52.0513 0x0d00  LanmanWorkstation - ok
21:01:52.0528 0x0d00  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:01:52.0528 0x0d00  lltdio - ok
21:01:52.0560 0x0d00  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:01:52.0575 0x0d00  lltdsvc - ok
21:01:52.0575 0x0d00  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:01:52.0575 0x0d00  lmhosts - ok
21:01:52.0591 0x0d00  LMS - ok
21:01:52.0606 0x0d00  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:01:52.0606 0x0d00  LSI_FC - ok
21:01:52.0638 0x0d00  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:01:52.0638 0x0d00  LSI_SAS - ok
21:01:52.0669 0x0d00  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:01:52.0669 0x0d00  LSI_SAS2 - ok
21:01:52.0700 0x0d00  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:01:52.0700 0x0d00  LSI_SCSI - ok
21:01:52.0716 0x0d00  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:01:52.0716 0x0d00  luafv - ok
21:01:52.0762 0x0d00  [ 024DA28053D57E9E32BEE52600576BBB, 8EC636DAB90A835DEBA2EC6176F4547EEF557415FF77C6378EF423569702731E ] MarvinBus       C:\Windows\system32\DRIVERS\MarvinBus64.sys
21:01:52.0762 0x0d00  MarvinBus - ok
21:01:52.0794 0x0d00  MbaeSvc - ok
21:01:52.0825 0x0d00  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:01:52.0825 0x0d00  MBAMProtector - ok
21:01:52.0825 0x0d00  MBAMScheduler - ok
21:01:52.0825 0x0d00  MBAMService - ok
21:01:52.0840 0x0d00  [ 452ACB7A9914398D9E18CCCFFCF92208, 754AF45C19731C356E7E84497B04E0333759AC86DC553BA275EFC09845E43E4D ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
21:01:52.0840 0x0d00  MBAMWebAccessControl - ok
21:01:52.0856 0x0d00  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:01:52.0856 0x0d00  Mcx2Svc - ok
21:01:52.0872 0x0d00  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:01:52.0872 0x0d00  megasas - ok
21:01:52.0903 0x0d00  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:01:52.0918 0x0d00  MegaSR - ok
21:01:52.0950 0x0d00  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
21:01:52.0950 0x0d00  MEIx64 - ok
21:01:52.0950 0x0d00  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:01:52.0965 0x0d00  MMCSS - ok
21:01:52.0981 0x0d00  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:01:52.0981 0x0d00  Modem - ok
21:01:52.0981 0x0d00  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:01:52.0996 0x0d00  monitor - ok
21:01:53.0028 0x0d00  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:01:53.0028 0x0d00  mouclass - ok
21:01:53.0043 0x0d00  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:01:53.0043 0x0d00  mouhid - ok
21:01:53.0074 0x0d00  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:01:53.0074 0x0d00  mountmgr - ok
21:01:53.0137 0x0d00  [ 572BD5A99648652147A5D3C6DA946C99, FFDAD4A5682864977C926A5DDDB632CDB2A166BF025757801CC56F2828720023 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:01:53.0137 0x0d00  MozillaMaintenance - ok
21:01:53.0168 0x0d00  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:01:53.0168 0x0d00  mpio - ok
21:01:53.0199 0x0d00  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:01:53.0199 0x0d00  mpsdrv - ok
21:01:53.0246 0x0d00  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:01:53.0262 0x0d00  MpsSvc - ok
21:01:53.0308 0x0d00  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:01:53.0324 0x0d00  MRxDAV - ok
21:01:53.0371 0x0d00  [ 25F918BB5D57C99FFEB0255143D0DF9A, E4BB656C3AEE19094B0F87828828DC73F248B45B30B678AA759DBAB3087399A2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:01:53.0371 0x0d00  mrxsmb - ok
21:01:53.0418 0x0d00  [ 8DF2B80510F438CFEC479181BD29C794, ECA5BC17D1DB92B887D468B0FF1D6302518DBD7C3607B14FA291ECDA204D5E85 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:01:53.0418 0x0d00  mrxsmb10 - ok
21:01:53.0433 0x0d00  [ F7622CFE3402A9BF10227BB124901E54, 3EE6BA42E712505AED9D3920163814719FAC591FB5CFF589E230C7005CB598AF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:01:53.0433 0x0d00  mrxsmb20 - ok
21:01:53.0464 0x0d00  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:01:53.0464 0x0d00  msahci - ok
21:01:53.0464 0x0d00  MSCamSvc - ok
21:01:53.0496 0x0d00  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:01:53.0496 0x0d00  msdsm - ok
21:01:53.0511 0x0d00  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:01:53.0511 0x0d00  MSDTC - ok
21:01:53.0542 0x0d00  [ 72949A24D37A20A54B3D4D3DADBB55E9, 580B59EF2DFA4F6EE27BA37904F0705CBCD74F9B07D2D795093C045F94AE6DB5 ] MSDV            C:\Windows\system32\DRIVERS\msdv.sys
21:01:53.0542 0x0d00  MSDV - ok
21:01:53.0558 0x0d00  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:01:53.0558 0x0d00  Msfs - ok
21:01:53.0558 0x0d00  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:01:53.0574 0x0d00  mshidkmdf - ok
21:01:53.0605 0x0d00  [ 55218F924E55FD2786ED40EDF4ED79C3, C6000DE3A1FB526ECB77438A03F7212517CCD5E0CC9DDA07826865F8B980BEA0 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys
21:01:53.0605 0x0d00  MSHUSBVideo - ok
21:01:53.0620 0x0d00  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:01:53.0620 0x0d00  msisadrv - ok
21:01:53.0652 0x0d00  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:01:53.0652 0x0d00  MSiSCSI - ok
21:01:53.0667 0x0d00  msiserver - ok
21:01:53.0667 0x0d00  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:01:53.0667 0x0d00  MSKSSRV - ok
21:01:53.0683 0x0d00  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:01:53.0683 0x0d00  MSPCLOCK - ok
21:01:53.0698 0x0d00  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:01:53.0698 0x0d00  MSPQM - ok
21:01:53.0730 0x0d00  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:01:53.0745 0x0d00  MsRPC - ok
21:01:53.0761 0x0d00  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:01:53.0761 0x0d00  mssmbios - ok
21:01:53.0776 0x0d00  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:01:53.0792 0x0d00  MSTEE - ok
21:01:53.0808 0x0d00  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:01:53.0808 0x0d00  MTConfig - ok
21:01:53.0823 0x0d00  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:01:53.0823 0x0d00  Mup - ok
21:01:53.0854 0x0d00  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:01:53.0870 0x0d00  napagent - ok
21:01:53.0886 0x0d00  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:01:53.0886 0x0d00  NativeWifiP - ok
21:01:53.0917 0x0d00  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:01:53.0948 0x0d00  NDIS - ok
21:01:53.0964 0x0d00  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:01:53.0964 0x0d00  NdisCap - ok
21:01:53.0979 0x0d00  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:01:53.0995 0x0d00  NdisTapi - ok
21:01:54.0010 0x0d00  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:01:54.0010 0x0d00  Ndisuio - ok
21:01:54.0026 0x0d00  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:01:54.0026 0x0d00  NdisWan - ok
21:01:54.0042 0x0d00  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:01:54.0057 0x0d00  NDProxy - ok
21:01:54.0073 0x0d00  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:01:54.0073 0x0d00  NetBIOS - ok
21:01:54.0120 0x0d00  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:01:54.0120 0x0d00  NetBT - ok
21:01:54.0151 0x0d00  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] Netlogon        C:\Windows\system32\lsass.exe
21:01:54.0151 0x0d00  Netlogon - ok
21:01:54.0182 0x0d00  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:01:54.0198 0x0d00  Netman - ok
21:01:54.0229 0x0d00  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:54.0229 0x0d00  NetMsmqActivator - ok
21:01:54.0244 0x0d00  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:54.0244 0x0d00  NetPipeActivator - ok
21:01:54.0276 0x0d00  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:01:54.0276 0x0d00  netprofm - ok
21:01:54.0291 0x0d00  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:54.0291 0x0d00  NetTcpActivator - ok
21:01:54.0291 0x0d00  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:54.0291 0x0d00  NetTcpPortSharing - ok
21:01:54.0322 0x0d00  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:01:54.0322 0x0d00  nfrd960 - ok
21:01:54.0338 0x0d00  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:01:54.0338 0x0d00  NlaSvc - ok
21:01:54.0354 0x0d00  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:01:54.0354 0x0d00  Npfs - ok
21:01:54.0354 0x0d00  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:01:54.0369 0x0d00  nsi - ok
21:01:54.0369 0x0d00  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:01:54.0369 0x0d00  nsiproxy - ok
21:01:54.0447 0x0d00  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:01:54.0494 0x0d00  Ntfs - ok
21:01:54.0510 0x0d00  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:01:54.0510 0x0d00  Null - ok
21:01:54.0525 0x0d00  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
21:01:54.0525 0x0d00  NVHDA - ok
21:01:54.0837 0x0d00  [ E71E299FF15390E585BACF2C18F55078, 7A51D989DA55349B1761839DEAFD593B6E6F88C433B132E7B027467E050FBA67 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:01:55.0149 0x0d00  nvlddmkm - ok
21:01:55.0227 0x0d00  [ D2FE0376285A783693469422678E878B, 9F0B1A6694CA7BDAAA3B26BE1D344A3FC7B98162518A259C273360EFF075CD75 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:01:55.0258 0x0d00  NvNetworkService - ok
21:01:55.0258 0x0d00  nvpciflt - ok
21:01:55.0274 0x0d00  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:01:55.0274 0x0d00  nvraid - ok
21:01:55.0290 0x0d00  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:01:55.0305 0x0d00  nvstor - ok
21:01:55.0305 0x0d00  NvStreamSvc - ok
21:01:55.0336 0x0d00  [ 415695F5A54E91E869EEBFEA261361A6, 1829C15E07D902686171C8A66EB03040A037CAC1E00E24BF598030D9DA795CEC ] nvsvc           C:\Windows\system32\nvvsvc.exe
21:01:55.0352 0x0d00  nvsvc - ok
21:01:55.0368 0x0d00  [ 939C0FAE9CC0CDD69E6508BDE4C11FE5, 1E82FF4A8797A0EC5DF0E54DE7F358542C73FFFBECADDF86ED66839182E3B55D ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
21:01:55.0368 0x0d00  nvvad_WaveExtensible - ok
21:01:55.0383 0x0d00  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:01:55.0399 0x0d00  nv_agp - ok
21:01:55.0414 0x0d00  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:01:55.0414 0x0d00  ohci1394 - ok
21:01:55.0430 0x0d00  ose - ok
21:01:55.0430 0x0d00  osppsvc - ok
21:01:55.0477 0x0d00  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:01:55.0492 0x0d00  p2pimsvc - ok
21:01:55.0524 0x0d00  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:01:55.0539 0x0d00  p2psvc - ok
21:01:55.0555 0x0d00  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:01:55.0570 0x0d00  Parport - ok
21:01:55.0586 0x0d00  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:01:55.0586 0x0d00  partmgr - ok
21:01:55.0602 0x0d00  PassThru Service - ok
21:01:55.0648 0x0d00  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:01:55.0648 0x0d00  PcaSvc - ok
21:01:55.0664 0x0d00  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:01:55.0680 0x0d00  pci - ok
21:01:55.0695 0x0d00  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:01:55.0695 0x0d00  pciide - ok
21:01:55.0711 0x0d00  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:01:55.0726 0x0d00  pcmcia - ok
21:01:55.0742 0x0d00  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:01:55.0742 0x0d00  pcw - ok
21:01:55.0804 0x0d00  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:01:55.0820 0x0d00  PEAUTH - ok
21:01:55.0867 0x0d00  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:01:55.0867 0x0d00  PerfHost - ok
21:01:55.0929 0x0d00  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:01:55.0976 0x0d00  pla - ok
21:01:56.0007 0x0d00  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:01:56.0007 0x0d00  PlugPlay - ok
21:01:56.0007 0x0d00  PnkBstrA - ok
21:01:56.0023 0x0d00  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:01:56.0023 0x0d00  PNRPAutoReg - ok
21:01:56.0038 0x0d00  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:01:56.0038 0x0d00  PNRPsvc - ok
21:01:56.0070 0x0d00  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:01:56.0085 0x0d00  PolicyAgent - ok
21:01:56.0101 0x0d00  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:01:56.0101 0x0d00  Power - ok
21:01:56.0116 0x0d00  [ 2679383C17C7A61C75347E496EEFC5DE, 4D092C548186D7C877806095CAF7CDFC94F66C1693B820BD5C6D702D67B37763 ] PPJoyBus        C:\Windows\system32\DRIVERS\PPJoyBus64.sys
21:01:56.0116 0x0d00  PPJoyBus - ok
21:01:56.0132 0x0d00  [ 21BAC8DDC2EE0962DCFD417FFFAF0BA2, A198222CB1B60D894813055ABAACBB632008DD73099BC8676CCA8F8D83CC427C ] PPortJoystick   C:\Windows\system32\DRIVERS\PPortJoy64.sys
21:01:56.0132 0x0d00  PPortJoystick - ok
21:01:56.0163 0x0d00  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:01:56.0163 0x0d00  PptpMiniport - ok
21:01:56.0179 0x0d00  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
21:01:56.0179 0x0d00  Processor - ok
21:01:56.0210 0x0d00  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:01:56.0226 0x0d00  ProfSvc - ok
21:01:56.0241 0x0d00  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] ProtectedStorage C:\Windows\system32\lsass.exe
21:01:56.0257 0x0d00  ProtectedStorage - ok
21:01:56.0272 0x0d00  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:01:56.0272 0x0d00  Psched - ok
21:01:56.0288 0x0d00  PSI_SVC_2 - ok
21:01:56.0350 0x0d00  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:01:56.0397 0x0d00  ql2300 - ok
21:01:56.0428 0x0d00  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:01:56.0428 0x0d00  ql40xx - ok
21:01:56.0444 0x0d00  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:01:56.0444 0x0d00  QWAVE - ok
21:01:56.0460 0x0d00  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:01:56.0460 0x0d00  QWAVEdrv - ok
21:01:56.0506 0x0d00  [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
21:01:56.0522 0x0d00  RapiMgr - ok
21:01:56.0538 0x0d00  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:01:56.0538 0x0d00  RasAcd - ok
21:01:56.0553 0x0d00  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:01:56.0553 0x0d00  RasAgileVpn - ok
21:01:56.0569 0x0d00  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:01:56.0584 0x0d00  RasAuto - ok
21:01:56.0600 0x0d00  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:01:56.0600 0x0d00  Rasl2tp - ok
21:01:56.0631 0x0d00  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:01:56.0647 0x0d00  RasMan - ok
21:01:56.0662 0x0d00  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:01:56.0662 0x0d00  RasPppoe - ok
21:01:56.0662 0x0d00  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:01:56.0662 0x0d00  RasSstp - ok
21:01:56.0694 0x0d00  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:01:56.0694 0x0d00  rdbss - ok
21:01:56.0709 0x0d00  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
21:01:56.0709 0x0d00  rdpbus - ok
21:01:56.0725 0x0d00  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:01:56.0725 0x0d00  RDPCDD - ok
21:01:56.0740 0x0d00  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:01:56.0740 0x0d00  RDPENCDD - ok
21:01:56.0740 0x0d00  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:01:56.0740 0x0d00  RDPREFMP - ok
21:01:56.0818 0x0d00  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:01:56.0818 0x0d00  RdpVideoMiniport - ok
21:01:56.0850 0x0d00  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:01:56.0865 0x0d00  RDPWD - ok
21:01:56.0881 0x0d00  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:01:56.0896 0x0d00  rdyboost - ok
21:01:56.0928 0x0d00  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:01:56.0928 0x0d00  RemoteAccess - ok
21:01:56.0943 0x0d00  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:01:56.0959 0x0d00  RemoteRegistry - ok
21:01:56.0974 0x0d00  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:01:56.0974 0x0d00  RpcEptMapper - ok
21:01:56.0990 0x0d00  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:01:56.0990 0x0d00  RpcLocator - ok
21:01:57.0037 0x0d00  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
21:01:57.0052 0x0d00  RpcSs - ok
21:01:57.0084 0x0d00  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:01:57.0084 0x0d00  rspndr - ok
21:01:57.0130 0x0d00  [ E50CFB92986DCAB49DE93788FD695813, EAE103008B967B0F064EDDA551AA553EE7C22D39D14FA0BBFEF41C4D1B6C99E5 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:01:57.0146 0x0d00  RTL8167 - ok
21:01:57.0177 0x0d00  [ B3F36B4B3F192EA87DDC119F3A0B3E45, DE80502994ED9977AD64483385A0BC0C6060EA9E9C08645E72FBBCFE8B2358C7 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
21:01:57.0208 0x0d00  RTL8192su - ok
21:01:57.0224 0x0d00  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] SamSs           C:\Windows\system32\lsass.exe
21:01:57.0224 0x0d00  SamSs - ok
21:01:57.0240 0x0d00  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:01:57.0240 0x0d00  sbp2port - ok
21:01:57.0255 0x0d00  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:01:57.0271 0x0d00  SCardSvr - ok
21:01:57.0271 0x0d00  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:01:57.0271 0x0d00  scfilter - ok
21:01:57.0333 0x0d00  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
21:01:57.0380 0x0d00  Schedule - ok
21:01:57.0396 0x0d00  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:01:57.0396 0x0d00  SCPolicySvc - ok
21:01:57.0411 0x0d00  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:01:57.0411 0x0d00  SDRSVC - ok
21:01:57.0427 0x0d00  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:01:57.0442 0x0d00  secdrv - ok
21:01:57.0458 0x0d00  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
21:01:57.0458 0x0d00  seclogon - ok
21:01:57.0474 0x0d00  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:01:57.0474 0x0d00  SENS - ok
21:01:57.0489 0x0d00  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:01:57.0489 0x0d00  SensrSvc - ok
21:01:57.0505 0x0d00  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:01:57.0505 0x0d00  Serenum - ok
21:01:57.0520 0x0d00  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:01:57.0520 0x0d00  Serial - ok
21:01:57.0536 0x0d00  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:01:57.0536 0x0d00  sermouse - ok
21:01:57.0552 0x0d00  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:01:57.0567 0x0d00  SessionEnv - ok
21:01:57.0583 0x0d00  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:01:57.0583 0x0d00  sffdisk - ok
21:01:57.0598 0x0d00  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:01:57.0598 0x0d00  sffp_mmc - ok
21:01:57.0630 0x0d00  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:01:57.0630 0x0d00  sffp_sd - ok
21:01:57.0630 0x0d00  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:01:57.0630 0x0d00  sfloppy - ok
21:01:57.0676 0x0d00  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:01:57.0676 0x0d00  SharedAccess - ok
21:01:57.0708 0x0d00  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:01:57.0723 0x0d00  ShellHWDetection - ok
21:01:57.0739 0x0d00  [ 7799106FEE728B907A86D9C9751E02D5, EE85E8D3CF3819DB28221BFC103DE8DF0E14E1878CECF54E8CD8C161B0E0AF3C ] silabenm        C:\Windows\system32\DRIVERS\silabenm.sys
21:01:57.0739 0x0d00  silabenm - ok
21:01:57.0770 0x0d00  [ 300ACF1ABD7A8E6D5FA553CA462226EE, 2C35943FE55E43C05D490D87AE00981206167BAAFE1CB628011E9400F1A0F1D6 ] silabser        C:\Windows\system32\DRIVERS\silabser.sys
21:01:57.0770 0x0d00  silabser - ok
21:01:57.0786 0x0d00  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:01:57.0786 0x0d00  SiSRaid2 - ok
21:01:57.0801 0x0d00  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:01:57.0817 0x0d00  SiSRaid4 - ok
21:01:57.0832 0x0d00  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:01:57.0832 0x0d00  Smb - ok
21:01:57.0848 0x0d00  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:01:57.0864 0x0d00  SNMPTRAP - ok
21:01:57.0864 0x0d00  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:01:57.0864 0x0d00  spldr - ok
21:01:57.0895 0x0d00  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:01:57.0910 0x0d00  Spooler - ok
21:01:58.0020 0x0d00  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:01:58.0066 0x0d00  sppsvc - ok
21:01:58.0082 0x0d00  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:01:58.0082 0x0d00  sppuinotify - ok
21:01:58.0129 0x0d00  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:01:58.0144 0x0d00  srv - ok
21:01:58.0160 0x0d00  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:01:58.0160 0x0d00  srv2 - ok
21:01:58.0176 0x0d00  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:01:58.0176 0x0d00  srvnet - ok
21:01:58.0207 0x0d00  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:01:58.0207 0x0d00  SSDPSRV - ok
21:01:58.0207 0x0d00  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:01:58.0222 0x0d00  SstpSvc - ok
21:01:58.0300 0x0d00  [ A9D26626BEADF5A0641BF6B5095EF309, EABC711466FECA20058D7E24CA2593059E1F113B38A2E7574822E48BFBBF4146 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:01:58.0316 0x0d00  Stereo Service - ok
21:01:58.0316 0x0d00  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:01:58.0316 0x0d00  stexstor - ok
21:01:58.0378 0x0d00  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:01:58.0410 0x0d00  stisvc - ok
21:01:58.0425 0x0d00  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:01:58.0425 0x0d00  swenum - ok
21:01:58.0456 0x0d00  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:01:58.0472 0x0d00  swprv - ok
21:01:58.0550 0x0d00  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
21:01:58.0597 0x0d00  SysMain - ok
21:01:58.0612 0x0d00  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:01:58.0612 0x0d00  TabletInputService - ok
21:01:58.0628 0x0d00  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:01:58.0644 0x0d00  TapiSrv - ok
21:01:58.0737 0x0d00  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:01:58.0862 0x0d00  Tcpip - ok
21:01:58.0909 0x0d00  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:01:58.0940 0x0d00  TCPIP6 - ok
21:01:58.0971 0x0d00  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:01:58.0971 0x0d00  tcpipreg - ok
21:01:59.0002 0x0d00  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:01:59.0002 0x0d00  TDPIPE - ok
21:01:59.0018 0x0d00  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:01:59.0018 0x0d00  TDTCP - ok
21:01:59.0049 0x0d00  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:01:59.0065 0x0d00  tdx - ok
21:01:59.0299 0x0d00  [ F2F02E436BA56A96A06E4427C5787B6E, 1562FF264011A15AC69808CB74F387917C4E8ED3B91546B12933BE10B6E20B3A ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
21:01:59.0408 0x0d00  TeamViewer - ok
21:01:59.0439 0x0d00  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:01:59.0439 0x0d00  TermDD - ok
21:01:59.0486 0x0d00  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
21:01:59.0502 0x0d00  TermService - ok
21:01:59.0517 0x0d00  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:01:59.0517 0x0d00  Themes - ok
21:01:59.0548 0x0d00  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:01:59.0548 0x0d00  THREADORDER - ok
21:01:59.0564 0x0d00  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:01:59.0580 0x0d00  TrkWks - ok
21:01:59.0611 0x0d00  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:01:59.0626 0x0d00  TrustedInstaller - ok
21:01:59.0642 0x0d00  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:01:59.0642 0x0d00  tssecsrv - ok
21:01:59.0689 0x0d00  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:01:59.0689 0x0d00  TsUsbFlt - ok
21:01:59.0704 0x0d00  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:01:59.0704 0x0d00  TsUsbGD - ok
21:01:59.0720 0x0d00  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:01:59.0736 0x0d00  tunnel - ok
21:01:59.0751 0x0d00  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:01:59.0751 0x0d00  uagp35 - ok
21:01:59.0767 0x0d00  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:01:59.0782 0x0d00  udfs - ok
21:01:59.0798 0x0d00  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:01:59.0814 0x0d00  UI0Detect - ok
21:01:59.0829 0x0d00  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:01:59.0829 0x0d00  uliagpkx - ok
21:01:59.0845 0x0d00  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:01:59.0845 0x0d00  umbus - ok
21:01:59.0860 0x0d00  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:01:59.0860 0x0d00  UmPass - ok
21:01:59.0876 0x0d00  UNS - ok
21:01:59.0892 0x0d00  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:01:59.0907 0x0d00  upnphost - ok
21:01:59.0938 0x0d00  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
21:01:59.0938 0x0d00  USBAAPL64 - ok
21:01:59.0970 0x0d00  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:01:59.0970 0x0d00  usbaudio - ok
21:02:00.0001 0x0d00  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
21:02:00.0001 0x0d00  usbccgp - ok
21:02:00.0016 0x0d00  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:02:00.0032 0x0d00  usbcir - ok
21:02:00.0063 0x0d00  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:02:00.0063 0x0d00  usbehci - ok
21:02:00.0110 0x0d00  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
21:02:00.0126 0x0d00  usbhub - ok
21:02:00.0141 0x0d00  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:02:00.0141 0x0d00  usbohci - ok
21:02:00.0157 0x0d00  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:02:00.0157 0x0d00  usbprint - ok
21:02:00.0172 0x0d00  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
21:02:00.0188 0x0d00  usbser - ok
21:02:00.0204 0x0d00  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:02:00.0219 0x0d00  USBSTOR - ok
21:02:00.0250 0x0d00  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:02:00.0250 0x0d00  usbuhci - ok
21:02:00.0282 0x0d00  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
21:02:00.0282 0x0d00  usbvideo - ok
21:02:00.0297 0x0d00  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:02:00.0313 0x0d00  UxSms - ok
21:02:00.0313 0x0d00  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] VaultSvc        C:\Windows\system32\lsass.exe
21:02:00.0313 0x0d00  VaultSvc - ok
21:02:00.0344 0x0d00  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:02:00.0344 0x0d00  vdrvroot - ok
21:02:00.0375 0x0d00  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:02:00.0391 0x0d00  vds - ok
21:02:00.0406 0x0d00  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:02:00.0406 0x0d00  vga - ok
21:02:00.0422 0x0d00  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:02:00.0422 0x0d00  VgaSave - ok
21:02:00.0453 0x0d00  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:02:00.0453 0x0d00  vhdmp - ok
21:02:00.0484 0x0d00  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:02:00.0484 0x0d00  viaide - ok
21:02:00.0500 0x0d00  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:02:00.0500 0x0d00  volmgr - ok
21:02:00.0531 0x0d00  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:02:00.0531 0x0d00  volmgrx - ok
21:02:00.0562 0x0d00  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:02:00.0578 0x0d00  volsnap - ok
21:02:00.0609 0x0d00  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:02:00.0609 0x0d00  vsmraid - ok
21:02:00.0672 0x0d00  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:02:00.0718 0x0d00  VSS - ok
21:02:00.0718 0x0d00  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:02:00.0718 0x0d00  vwifibus - ok
21:02:00.0734 0x0d00  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:02:00.0734 0x0d00  vwififlt - ok
21:02:00.0750 0x0d00  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:02:00.0750 0x0d00  vwifimp - ok
21:02:00.0765 0x0d00  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:02:00.0781 0x0d00  W32Time - ok
21:02:00.0796 0x0d00  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:02:00.0796 0x0d00  WacomPen - ok
21:02:00.0812 0x0d00  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:02:00.0812 0x0d00  WANARP - ok
21:02:00.0812 0x0d00  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:02:00.0812 0x0d00  Wanarpv6 - ok
21:02:00.0874 0x0d00  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:02:00.0906 0x0d00  WatAdminSvc - ok
21:02:00.0952 0x0d00  [ 261A725F8ACEDDA695C7FFF6D6EDE6B5, 7DE18FDD707F073909FC990F6755CBF562020B6F3D5C698D90C7907EE0F3B420 ] watchmi         C:\Program Files (x86)\watchmi\TvdService.exe
21:02:00.0952 0x0d00  watchmi - ok
21:02:01.0015 0x0d00  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:02:01.0062 0x0d00  wbengine - ok
21:02:01.0077 0x0d00  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:02:01.0077 0x0d00  WbioSrvc - ok
21:02:01.0108 0x0d00  [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
21:02:01.0108 0x0d00  WcesComm - ok
21:02:01.0140 0x0d00  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:02:01.0140 0x0d00  wcncsvc - ok
21:02:01.0155 0x0d00  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:02:01.0155 0x0d00  WcsPlugInService - ok
21:02:01.0171 0x0d00  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
21:02:01.0171 0x0d00  Wd - ok
21:02:01.0249 0x0d00  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:02:01.0264 0x0d00  Wdf01000 - ok
21:02:01.0296 0x0d00  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:02:01.0296 0x0d00  WdiServiceHost - ok
21:02:01.0311 0x0d00  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:02:01.0311 0x0d00  WdiSystemHost - ok
21:02:01.0374 0x0d00  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
21:02:01.0374 0x0d00  WebClient - ok
21:02:01.0405 0x0d00  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:02:01.0420 0x0d00  Wecsvc - ok
21:02:01.0420 0x0d00  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:02:01.0436 0x0d00  wercplsupport - ok
21:02:01.0436 0x0d00  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:02:01.0452 0x0d00  WerSvc - ok
21:02:01.0452 0x0d00  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:02:01.0467 0x0d00  WfpLwf - ok
21:02:01.0467 0x0d00  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:02:01.0467 0x0d00  WIMMount - ok
21:02:01.0498 0x0d00  WinDefend - ok
21:02:01.0498 0x0d00  WinHttpAutoProxySvc - ok
21:02:01.0561 0x0d00  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:02:01.0561 0x0d00  Winmgmt - ok
21:02:01.0654 0x0d00  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:02:01.0701 0x0d00  WinRM - ok
21:02:01.0732 0x0d00  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\Windows\system32\DRIVERS\WinUsb.sys
21:02:01.0732 0x0d00  WinUSB - ok
21:02:01.0779 0x0d00  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:02:01.0795 0x0d00  Wlansvc - ok
21:02:01.0810 0x0d00  wlcrasvc - ok
21:02:01.0810 0x0d00  wlidsvc - ok
21:02:01.0826 0x0d00  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:02:01.0826 0x0d00  WmiAcpi - ok
21:02:01.0857 0x0d00  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:02:01.0873 0x0d00  wmiApSrv - ok
21:02:01.0873 0x0d00  WMPNetworkSvc - ok
21:02:01.0888 0x0d00  WMZuneComm - ok
21:02:01.0888 0x0d00  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:02:01.0904 0x0d00  WPCSvc - ok
21:02:01.0904 0x0d00  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:02:01.0920 0x0d00  WPDBusEnum - ok
21:02:01.0920 0x0d00  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:02:01.0920 0x0d00  ws2ifsl - ok
21:02:01.0935 0x0d00  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:02:01.0951 0x0d00  wscsvc - ok
21:02:01.0951 0x0d00  WSearch - ok
21:02:01.0982 0x0d00  [ 82E8F5AA03DF7DBDB8A33F700D5D8CDA, 7EEB1B8F1430AFB06A18DC6107DBDD57EBBF473FF96F3578481EB89724823393 ] wsvd            C:\Windows\system32\DRIVERS\wsvd.sys
21:02:01.0982 0x0d00  wsvd - ok
21:02:02.0076 0x0d00  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:02:02.0107 0x0d00  wuauserv - ok
21:02:02.0138 0x0d00  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:02:02.0138 0x0d00  WudfPf - ok
21:02:02.0169 0x0d00  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:02:02.0169 0x0d00  WUDFRd - ok
21:02:02.0200 0x0d00  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:02:02.0200 0x0d00  wudfsvc - ok
21:02:02.0247 0x0d00  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:02:02.0263 0x0d00  WwanSvc - ok
21:02:02.0263 0x0d00  ZuneNetworkSvc - ok
21:02:02.0263 0x0d00  ZuneWlanCfgSvc - ok
21:02:02.0278 0x0d00  ================ Scan global ===============================
21:02:02.0325 0x0d00  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
21:02:02.0356 0x0d00  [ A5794B1E3ACEF48E716F0A89C83C1AEA, B904C861CBDAF00341F8697BD05C2E66C23CF4D6C94E19AF464D898436F34D73 ] C:\Windows\system32\winsrv.dll
21:02:02.0388 0x0d00  [ A5794B1E3ACEF48E716F0A89C83C1AEA, B904C861CBDAF00341F8697BD05C2E66C23CF4D6C94E19AF464D898436F34D73 ] C:\Windows\system32\winsrv.dll
21:02:02.0388 0x0d00  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:02:02.0434 0x0d00  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
21:02:02.0450 0x0d00  [ Global ] - ok
21:02:02.0450 0x0d00  ================ Scan MBR ==================================
21:02:02.0450 0x0d00  [ 753CA1D394F3C0855134963D7361060F ] \Device\Harddisk0\DR0
21:02:04.0166 0x0d00  \Device\Harddisk0\DR0 - ok
21:02:04.0166 0x0d00  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
21:02:04.0166 0x0d00  \Device\Harddisk1\DR1 - ok
21:02:04.0182 0x0d00  [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk5\DR11
21:02:04.0182 0x0d00  \Device\Harddisk5\DR11 - ok
21:02:04.0182 0x0d00  ================ Scan VBR ==================================
21:02:04.0182 0x0d00  [ EBF48FF7D3EF6FFED6E8C9EDE3A0ECBE ] \Device\Harddisk0\DR0\Partition1
21:02:04.0182 0x0d00  \Device\Harddisk0\DR0\Partition1 - ok
21:02:04.0182 0x0d00  [ 723B1384481DF8BCF39370C73915C3B3 ] \Device\Harddisk0\DR0\Partition2
21:02:04.0182 0x0d00  \Device\Harddisk0\DR0\Partition2 - ok
21:02:04.0182 0x0d00  [ 321024554349D673DA11DF6C854568BF ] \Device\Harddisk0\DR0\Partition3
21:02:04.0182 0x0d00  \Device\Harddisk0\DR0\Partition3 - ok
21:02:04.0182 0x0d00  [ 66312B2F56616FEA51833A772C227B05 ] \Device\Harddisk1\DR1\Partition1
21:02:04.0182 0x0d00  \Device\Harddisk1\DR1\Partition1 - ok
21:02:04.0197 0x0d00  [ 822F0FB99005C9350BDAADDA1853A3EB ] \Device\Harddisk5\DR11\Partition1
21:02:04.0197 0x0d00  \Device\Harddisk5\DR11\Partition1 - ok
21:02:04.0197 0x0d00  ================ Scan generic autorun ======================
21:02:04.0291 0x0d00  [ EE73B56ED71EB6383F25FA5468923BB2, 0A13F25C55D97A3F86766BED449265514147D41ABB392C9451B9FB070EC7E8E4 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:02:04.0322 0x0d00  NvBackend - ok
21:02:04.0338 0x0d00  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
21:02:04.0338 0x0d00  ShadowPlay - ok
21:02:04.0338 0x0d00  Malwarebytes Anti-Exploit - ok
21:02:04.0447 0x0d00  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:02:04.0494 0x0d00  Sidebar - ok
21:02:04.0525 0x0d00  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:02:04.0540 0x0d00  mctadmin - ok
21:02:04.0603 0x0d00  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:02:04.0618 0x0d00  Sidebar - ok
21:02:04.0618 0x0d00  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:02:04.0634 0x0d00  mctadmin - ok
21:02:04.0884 0x0d00  [ C7C42AC946E25EC04BC671516A347FF9, 03DCB98F1764862A0DFC1B3A6CD34BA583DA512E8E4556E891A228832C0F8DE1 ] C:\Users\Helli\AppData\Local\Amazon Music\Amazon Music Helper.exe
21:02:04.0977 0x0d00  Amazon Music - ok
21:02:05.0055 0x0d00  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
21:02:05.0055 0x0d00  Dropbox Update - ok
21:02:05.0055 0x0d00  GarminExpressTrayApp - ok
21:02:05.0118 0x0d00  [ 1D7DD340E13DF9585EABB849CFC3E11B, 31CCD9753402DC030C641214B4ECB48A757BCD9F427A143A88745C62EFF87766 ] C:\Users\Helli\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:02:05.0133 0x0d00  OneDrive - ok
21:02:05.0242 0x0d00  [ D871A58A7DB7B8D4E78D844BADF6931B, 41C34B1322D54F11DD99BF9B64B2BD9FCFB2916017A0EE4BD1025EC6FF7F969E ] C:\Users\Helli\AppData\Roaming\Spotify\SpotifyWebHelper.exe
21:02:05.0258 0x0d00  Spotify Web Helper - ok
21:02:05.0258 0x0d00  Sidebar - ok
21:02:05.0258 0x0d00  swg - ok
21:02:05.0258 0x0d00  Waiting for KSN requests completion. In queue: 100
21:02:06.0303 0x0d00  Win FW state via NFP2: enabled ( trusted )
21:02:06.0475 0x0d00  ============================================================
21:02:06.0475 0x0d00  Scan finished
21:02:06.0475 0x0d00  ============================================================
21:02:06.0475 0x0900  Detected object count: 0
21:02:06.0475 0x0900  Actual detected object count: 0

cosinus · 19.11.2016, 22:32

Zitat:

21:01:34.0136 0x0d00 Scan started
21:01:34.0136 0x0d00 Mode: Manual;

Anleitungen bitte richtig lesen; der tdsskiller wurde falsch eingestellt

Helli1965 · 19.11.2016, 23:29

Oja, sorry....

Code:

ATTFilter

23:24:51.0311 0x050c  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
23:24:55.0944 0x050c  ============================================================
23:24:55.0944 0x050c  Current date / time: 2016/11/19 23:24:55.0944
23:24:55.0944 0x050c  SystemInfo:
23:24:55.0944 0x050c  
23:24:55.0944 0x050c  OS Version: 6.1.7601 ServicePack: 1.0
23:24:55.0944 0x050c  Product type: Workstation
23:24:55.0944 0x050c  ComputerName: HELLI-PC
23:24:55.0944 0x050c  UserName: Helli
23:24:55.0944 0x050c  Windows directory: C:\Windows
23:24:55.0944 0x050c  System windows directory: C:\Windows
23:24:55.0944 0x050c  Running under WOW64
23:24:55.0944 0x050c  Processor architecture: Intel x64
23:24:55.0944 0x050c  Number of processors: 4
23:24:55.0944 0x050c  Page size: 0x1000
23:24:55.0944 0x050c  Boot type: Normal boot
23:24:55.0944 0x050c  CodeIntegrityOptions = 0x00000001
23:24:55.0944 0x050c  ============================================================
23:24:56.0287 0x050c  KLMD registered as C:\Windows\system32\drivers\27842601.sys
23:24:56.0287 0x050c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23569, osProperties = 0x1
23:24:56.0631 0x050c  System UUID: {711FF3E9-3D1A-BB36-1CE2-25198753BCCC}
23:24:56.0880 0x050c  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:24:56.0896 0x050c  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:24:56.0911 0x050c  Drive \Device\Harddisk5\DR12 - Size: 0x7AF00000 ( 1.92 Gb ), SectorSize: 0x200, Cylinders: 0xFA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:24:56.0911 0x050c  ============================================================
23:24:56.0911 0x050c  \Device\Harddisk0\DR0:
23:24:56.0911 0x050c  MBR partitions:
23:24:56.0911 0x050c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:24:56.0911 0x050c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE27D5800
23:24:56.0911 0x050c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xE2808000, BlocksNum 0x6400000
23:24:56.0911 0x050c  \Device\Harddisk1\DR1:
23:24:57.0130 0x050c  MBR partitions:
23:24:57.0130 0x050c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x74705982
23:24:57.0130 0x050c  \Device\Harddisk5\DR12:
23:24:57.0130 0x050c  MBR partitions:
23:24:57.0130 0x050c  \Device\Harddisk5\DR12\Partition1: MBR, Type 0x7, StartLBA 0x9F0, BlocksNum 0x3D6E10
23:24:57.0130 0x050c  ============================================================
23:24:57.0161 0x050c  C: <-> \Device\Harddisk0\DR0\Partition2
23:24:57.0223 0x050c  D: <-> \Device\Harddisk0\DR0\Partition3
23:24:57.0223 0x050c  I: <-> \Device\Harddisk1\DR1\Partition1
23:24:57.0223 0x050c  ============================================================
23:24:57.0223 0x050c  Initialize success
23:24:57.0223 0x050c  ============================================================
23:25:04.0009 0x04c4  ============================================================
23:25:04.0009 0x04c4  Scan started
23:25:04.0009 0x04c4  Mode: Manual; SigCheck; TDLFS; 
23:25:04.0009 0x04c4  ============================================================
23:25:04.0009 0x04c4  KSN ping started
23:25:15.0444 0x04c4  KSN ping finished: true
23:25:15.0975 0x04c4  ================ Scan system memory ========================
23:25:15.0975 0x04c4  System memory - ok
23:25:15.0975 0x04c4  ================ Scan services =============================
23:25:16.0131 0x04c4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
23:25:16.0162 0x04c4  1394ohci - ok
23:25:16.0193 0x04c4  [ E0A8525A951ADDB4655BC2068566407D, 7C08B9DB7C281422FD64219DF81B7064CE16EA53CF00EB1FC33CB0741CE6605F ] 61883           C:\Windows\system32\DRIVERS\61883.sys
23:25:16.0209 0x04c4  61883 - ok
23:25:16.0240 0x04c4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:25:16.0240 0x04c4  ACPI - ok
23:25:16.0255 0x04c4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:25:16.0271 0x04c4  AcpiPmi - ok
23:25:16.0302 0x04c4  AdobeARMservice - ok
23:25:16.0396 0x04c4  [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:25:16.0427 0x04c4  AdobeFlashPlayerUpdateSvc - ok
23:25:16.0458 0x04c4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
23:25:16.0474 0x04c4  adp94xx - ok
23:25:16.0505 0x04c4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
23:25:16.0521 0x04c4  adpahci - ok
23:25:16.0536 0x04c4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
23:25:16.0552 0x04c4  adpu320 - ok
23:25:16.0567 0x04c4  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:25:16.0567 0x04c4  AeLookupSvc - ok
23:25:16.0599 0x04c4  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
23:25:16.0614 0x04c4  AFD - ok
23:25:16.0630 0x04c4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
23:25:16.0645 0x04c4  agp440 - ok
23:25:16.0661 0x04c4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
23:25:16.0677 0x04c4  ALG - ok
23:25:16.0692 0x04c4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:25:16.0692 0x04c4  aliide - ok
23:25:16.0723 0x04c4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
23:25:16.0723 0x04c4  amdide - ok
23:25:16.0755 0x04c4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
23:25:16.0770 0x04c4  AmdK8 - ok
23:25:16.0786 0x04c4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
23:25:16.0801 0x04c4  AmdPPM - ok
23:25:16.0833 0x04c4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:25:16.0848 0x04c4  amdsata - ok
23:25:16.0864 0x04c4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
23:25:16.0864 0x04c4  amdsbs - ok
23:25:16.0895 0x04c4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:25:16.0911 0x04c4  amdxata - ok
23:25:16.0926 0x04c4  [ 9F83C7EA6A97124DA6C207C1BE1FB3AC, 0C3315125F74C6252204016FE22591299208CE8EA076419D5B4FD92C09F569EB ] AnyDVD          C:\Windows\system32\Drivers\AnyDVD.sys
23:25:16.0942 0x04c4  AnyDVD - ok
23:25:16.0989 0x04c4  [ 0CD7BFDE151223C6976C5D1B3D49EB84, A16FAB4F77D03C0664CCE8082E40A7673BC7FA4E89854F9027D478CD99EB2088 ] AppID           C:\Windows\system32\drivers\appid.sys
23:25:17.0004 0x04c4  AppID - ok
23:25:17.0067 0x04c4  [ F9842669B31F20B8B157D33CCC457820, AC8FA65F0A3C479D3CFE10EFE9B3EC5BAE48059F57A12D8C2D7963A22EB043B8 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:25:17.0082 0x04c4  AppIDSvc - ok
23:25:17.0113 0x04c4  [ B46099A534B7989D80330EA82D9092D6, 0CAC09732FAFAE805E55428B6BE001DCC39EBC599539FADE7AA68571A8A554E5 ] Appinfo         C:\Windows\System32\appinfo.dll
23:25:17.0129 0x04c4  Appinfo - ok
23:25:17.0145 0x04c4  Apple Mobile Device Service - ok
23:25:17.0176 0x04c4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
23:25:17.0191 0x04c4  arc - ok
23:25:17.0207 0x04c4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:25:17.0223 0x04c4  arcsas - ok
23:25:17.0238 0x04c4  [ 0AA7A996792FB0287B33A57A8093AE44, 41894F055F3CDA05794FC46E1F2C59979D1DAF7602F44E4ADF6347E199B8137C ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
23:25:17.0254 0x04c4  asmthub3 - ok
23:25:17.0269 0x04c4  [ 125DC3ABF5BFCCFE82AD17D078E0B9EC, FEFF8C37CD688F39C8E341F8BF7A712AA8C0F431B064E07C3EA66A96250D855B ] asmtxhci        C:\Windows\system32\drivers\asmtxhci.sys
23:25:17.0285 0x04c4  asmtxhci - ok
23:25:17.0379 0x04c4  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:25:17.0394 0x04c4  aspnet_state - ok
23:25:17.0410 0x04c4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:25:17.0457 0x04c4  AsyncMac - ok
23:25:17.0472 0x04c4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
23:25:17.0472 0x04c4  atapi - ok
23:25:17.0519 0x04c4  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:25:17.0550 0x04c4  AudioEndpointBuilder - ok
23:25:17.0566 0x04c4  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:25:17.0581 0x04c4  AudioSrv - ok
23:25:17.0613 0x04c4  [ 16FABE84916623D0607E4A975544032C, 9D960CAE27B1769ED5B024C0A3375912432521C73C1F59E21111596A7981BDC3 ] Avc             C:\Windows\system32\DRIVERS\avc.sys
23:25:17.0613 0x04c4  Avc - ok
23:25:17.0628 0x04c4  AVP15.0.1 - ok
23:25:17.0644 0x04c4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:25:17.0659 0x04c4  AxInstSV - ok
23:25:17.0706 0x04c4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
23:25:17.0722 0x04c4  b06bdrv - ok
23:25:17.0753 0x04c4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:25:17.0753 0x04c4  b57nd60a - ok
23:25:17.0769 0x04c4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:25:17.0784 0x04c4  BDESVC - ok
23:25:17.0784 0x04c4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:25:17.0815 0x04c4  Beep - ok
23:25:17.0847 0x04c4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
23:25:17.0862 0x04c4  BFE - ok
23:25:17.0940 0x04c4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
23:25:17.0987 0x04c4  BITS - ok
23:25:18.0049 0x04c4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
23:25:18.0081 0x04c4  blbdrive - ok
23:25:18.0081 0x04c4  Bonjour Service - ok
23:25:18.0112 0x04c4  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:25:18.0127 0x04c4  bowser - ok
23:25:18.0174 0x04c4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
23:25:18.0190 0x04c4  BrFiltLo - ok
23:25:18.0221 0x04c4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
23:25:18.0237 0x04c4  BrFiltUp - ok
23:25:18.0268 0x04c4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
23:25:18.0283 0x04c4  Browser - ok
23:25:18.0299 0x04c4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:25:18.0315 0x04c4  Brserid - ok
23:25:18.0346 0x04c4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:25:18.0361 0x04c4  BrSerWdm - ok
23:25:18.0361 0x04c4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:25:18.0377 0x04c4  BrUsbMdm - ok
23:25:18.0393 0x04c4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:25:18.0408 0x04c4  BrUsbSer - ok
23:25:18.0439 0x04c4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
23:25:18.0455 0x04c4  BTHMODEM - ok
23:25:18.0471 0x04c4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
23:25:18.0502 0x04c4  bthserv - ok
23:25:18.0533 0x04c4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:25:18.0549 0x04c4  cdfs - ok
23:25:18.0580 0x04c4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:25:18.0611 0x04c4  cdrom - ok
23:25:18.0611 0x04c4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
23:25:18.0642 0x04c4  CertPropSvc - ok
23:25:18.0705 0x04c4  [ C58EC27035731337ADD1326880086B16, 1A48A57D7FF5332AD380AF7884F516548DB535CFE23F3AE7D5AF291307CBC435 ] CH341SER_A64    C:\Windows\system32\Drivers\CH341S64.SYS
23:25:18.0720 0x04c4  CH341SER_A64 - ok
23:25:18.0736 0x04c4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
23:25:18.0751 0x04c4  circlass - ok
23:25:18.0798 0x04c4  [ 3891EA60B84EFE115CE070311FA83BBB, 2A30FB15C8D0C69289C087DFE1F822AB4F9C3F091DBB3FD2E99DC5B562E90DFB ] CLFS            C:\Windows\system32\CLFS.sys
23:25:18.0814 0x04c4  CLFS - ok
23:25:18.0876 0x04c4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:25:18.0892 0x04c4  clr_optimization_v2.0.50727_32 - ok
23:25:18.0939 0x04c4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:25:18.0954 0x04c4  clr_optimization_v2.0.50727_64 - ok
23:25:19.0017 0x04c4  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:25:19.0032 0x04c4  clr_optimization_v4.0.30319_32 - ok
23:25:19.0048 0x04c4  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:25:19.0048 0x04c4  clr_optimization_v4.0.30319_64 - ok
23:25:19.0063 0x04c4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
23:25:19.0079 0x04c4  CmBatt - ok
23:25:19.0095 0x04c4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:25:19.0110 0x04c4  cmdide - ok
23:25:19.0126 0x04c4  [ AFA1BFF926592FD0C3AB97D838652EF9, C38BC4BBD4EDF779993B2FECF96C1FD55B085F3FBEB3E1AE3C892DFD369D611D ] cm_km_w         C:\Windows\system32\DRIVERS\cm_km_w.sys
23:25:19.0141 0x04c4  cm_km_w - ok
23:25:19.0188 0x04c4  [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG             C:\Windows\system32\Drivers\cng.sys
23:25:19.0219 0x04c4  CNG - ok
23:25:19.0235 0x04c4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
23:25:19.0235 0x04c4  Compbatt - ok
23:25:19.0251 0x04c4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
23:25:19.0266 0x04c4  CompositeBus - ok
23:25:19.0266 0x04c4  COMSysApp - ok
23:25:19.0282 0x04c4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
23:25:19.0282 0x04c4  crcdisk - ok
23:25:19.0329 0x04c4  [ BB724567892383010B8436DCC0A84628, 2768F5FD7A096CB1CEA33F8818EF16F9F5E3E07BB8442949A49A9CF24B62C6E6 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:25:19.0344 0x04c4  CryptSvc - ok
23:25:19.0407 0x04c4  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:25:19.0422 0x04c4  DcomLaunch - ok
23:25:19.0453 0x04c4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
23:25:19.0485 0x04c4  defragsvc - ok
23:25:19.0500 0x04c4  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:25:19.0516 0x04c4  DfsC - ok
23:25:19.0531 0x04c4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:25:19.0547 0x04c4  Dhcp - ok
23:25:19.0594 0x04c4  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
23:25:19.0625 0x04c4  DiagTrack - ok
23:25:19.0641 0x04c4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
23:25:19.0656 0x04c4  discache - ok
23:25:19.0687 0x04c4  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
23:25:19.0687 0x04c4  Disk - ok
23:25:19.0719 0x04c4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:25:19.0719 0x04c4  Dnscache - ok
23:25:19.0750 0x04c4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:25:19.0765 0x04c4  dot3svc - ok
23:25:19.0781 0x04c4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
23:25:19.0797 0x04c4  DPS - ok
23:25:19.0812 0x04c4  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:25:19.0828 0x04c4  drmkaud - ok
23:25:19.0906 0x04c4  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:25:19.0937 0x04c4  DXGKrnl - ok
23:25:19.0968 0x04c4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
23:25:19.0984 0x04c4  EapHost - ok
23:25:20.0109 0x04c4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
23:25:20.0187 0x04c4  ebdrv - ok
23:25:20.0218 0x04c4  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] EFS             C:\Windows\System32\lsass.exe
23:25:20.0233 0x04c4  EFS - ok
23:25:20.0296 0x04c4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:25:20.0327 0x04c4  ehRecvr - ok
23:25:20.0327 0x04c4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
23:25:20.0343 0x04c4  ehSched - ok
23:25:20.0358 0x04c4  [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL        C:\Windows\system32\Drivers\ElbyCDFL.sys
23:25:20.0358 0x04c4  ElbyCDFL - ok
23:25:20.0374 0x04c4  [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
23:25:20.0389 0x04c4  ElbyCDIO - ok
23:25:20.0405 0x04c4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
23:25:20.0421 0x04c4  elxstor - ok
23:25:20.0452 0x04c4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:25:20.0452 0x04c4  ErrDev - ok
23:25:20.0483 0x04c4  ESProtectionDriver - ok
23:25:20.0514 0x04c4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
23:25:20.0545 0x04c4  EventSystem - ok
23:25:20.0561 0x04c4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
23:25:20.0592 0x04c4  exfat - ok
23:25:20.0623 0x04c4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:25:20.0639 0x04c4  fastfat - ok
23:25:20.0670 0x04c4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
23:25:20.0701 0x04c4  Fax - ok
23:25:20.0733 0x04c4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
23:25:20.0748 0x04c4  fdc - ok
23:25:20.0779 0x04c4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
23:25:20.0811 0x04c4  fdPHost - ok
23:25:20.0811 0x04c4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:25:20.0842 0x04c4  FDResPub - ok
23:25:20.0842 0x04c4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:25:20.0857 0x04c4  FileInfo - ok
23:25:20.0873 0x04c4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:25:20.0889 0x04c4  Filetrace - ok
23:25:20.0904 0x04c4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
23:25:20.0920 0x04c4  flpydisk - ok
23:25:20.0935 0x04c4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:25:20.0951 0x04c4  FltMgr - ok
23:25:20.0998 0x04c4  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
23:25:21.0029 0x04c4  FontCache - ok
23:25:21.0060 0x04c4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:25:21.0076 0x04c4  FontCache3.0.0.0 - ok
23:25:21.0076 0x04c4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:25:21.0091 0x04c4  FsDepends - ok
23:25:21.0107 0x04c4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:25:21.0107 0x04c4  Fs_Rec - ok
23:25:21.0138 0x04c4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:25:21.0154 0x04c4  fvevol - ok
23:25:21.0169 0x04c4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
23:25:21.0169 0x04c4  gagp30kx - ok
23:25:21.0169 0x04c4  Garmin Device Interaction Service - ok
23:25:21.0216 0x04c4  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:25:21.0232 0x04c4  GEARAspiWDM - ok
23:25:21.0279 0x04c4  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
23:25:21.0310 0x04c4  gpsvc - ok
23:25:21.0310 0x04c4  gupdate - ok
23:25:21.0310 0x04c4  gupdatem - ok
23:25:21.0310 0x04c4  gusvc - ok
23:25:21.0325 0x04c4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:25:21.0341 0x04c4  hcw85cir - ok
23:25:21.0372 0x04c4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:25:21.0388 0x04c4  HdAudAddService - ok
23:25:21.0403 0x04c4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
23:25:21.0419 0x04c4  HDAudBus - ok
23:25:21.0435 0x04c4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
23:25:21.0450 0x04c4  HidBatt - ok
23:25:21.0450 0x04c4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
23:25:21.0466 0x04c4  HidBth - ok
23:25:21.0481 0x04c4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
23:25:21.0497 0x04c4  HidIr - ok
23:25:21.0513 0x04c4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
23:25:21.0544 0x04c4  hidserv - ok
23:25:21.0575 0x04c4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:25:21.0591 0x04c4  HidUsb - ok
23:25:21.0622 0x04c4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:25:21.0653 0x04c4  hkmsvc - ok
23:25:21.0669 0x04c4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:25:21.0684 0x04c4  HomeGroupListener - ok
23:25:21.0700 0x04c4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:25:21.0715 0x04c4  HomeGroupProvider - ok
23:25:21.0731 0x04c4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:25:21.0747 0x04c4  HpSAMD - ok
23:25:21.0762 0x04c4  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
23:25:21.0762 0x04c4  HTCAND64 - ok
23:25:21.0762 0x04c4  HTCMonitorService - ok
23:25:21.0793 0x04c4  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
23:25:21.0793 0x04c4  htcnprot - ok
23:25:21.0825 0x04c4  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:25:21.0840 0x04c4  HTTP - ok
23:25:21.0871 0x04c4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:25:21.0871 0x04c4  hwpolicy - ok
23:25:21.0903 0x04c4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:25:21.0918 0x04c4  i8042prt - ok
23:25:21.0934 0x04c4  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
23:25:21.0949 0x04c4  iaStor - ok
23:25:21.0949 0x04c4  IAStorDataMgrSvc - ok
23:25:21.0981 0x04c4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:25:22.0012 0x04c4  iaStorV - ok
23:25:22.0074 0x04c4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:25:22.0105 0x04c4  idsvc - ok
23:25:22.0105 0x04c4  IEEtwCollectorService - ok
23:25:22.0293 0x04c4  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
23:25:22.0417 0x04c4  igfx - ok
23:25:22.0449 0x04c4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
23:25:22.0449 0x04c4  iirsp - ok
23:25:22.0511 0x04c4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
23:25:22.0542 0x04c4  IKEEXT - ok
23:25:22.0636 0x04c4  [ 8F6ED52134EBB4CE2953EC37C9275497, 5381A9CBB0C05F447E6DCD18EAF195A6CDC934A04792C8865814A46E5B883308 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:25:22.0698 0x04c4  IntcAzAudAddService - ok
23:25:22.0729 0x04c4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:25:22.0729 0x04c4  intelide - ok
23:25:22.0745 0x04c4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:25:22.0761 0x04c4  intelppm - ok
23:25:22.0792 0x04c4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:25:22.0854 0x04c4  IPBusEnum - ok
23:25:22.0854 0x04c4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:25:22.0885 0x04c4  IpFilterDriver - ok
23:25:22.0932 0x04c4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:25:22.0948 0x04c4  iphlpsvc - ok
23:25:22.0963 0x04c4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:25:22.0979 0x04c4  IPMIDRV - ok
23:25:22.0979 0x04c4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:25:23.0010 0x04c4  IPNAT - ok
23:25:23.0010 0x04c4  iPod Service - ok
23:25:23.0026 0x04c4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:25:23.0041 0x04c4  IRENUM - ok
23:25:23.0057 0x04c4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:25:23.0057 0x04c4  isapnp - ok
23:25:23.0088 0x04c4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:25:23.0088 0x04c4  iScsiPrt - ok
23:25:23.0119 0x04c4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:25:23.0119 0x04c4  kbdclass - ok
23:25:23.0135 0x04c4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:25:23.0151 0x04c4  kbdhid - ok
23:25:23.0166 0x04c4  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] KeyIso          C:\Windows\system32\lsass.exe
23:25:23.0182 0x04c4  KeyIso - ok
23:25:23.0229 0x04c4  [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] KL1             C:\Windows\system32\DRIVERS\kl1.sys
23:25:23.0260 0x04c4  KL1 - ok
23:25:23.0307 0x04c4  [ CEF0410B784E8CEB0175103CDE52E7FA, 729A45D76D1886E5ECDF23F96925CEBB90A31EFA5A798D69D9C5A684380B6E36 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
23:25:23.0322 0x04c4  kldisk - ok
23:25:23.0353 0x04c4  [ 09F851161CB4B3D92CDE85B3845DCECC, C86EE26F13DB904CD0CB92BEE282188D5E56ECE071F4D6E53F9AAB6D911C5DE0 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
23:25:23.0369 0x04c4  klflt - ok
23:25:23.0400 0x04c4  [ 7A64190934B66C17F41D3921353BAEDD, D212A6ECB1CBCC665336DF982B5061A72CD88CB5BF6B2EB14B11B8BE756A670E ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
23:25:23.0431 0x04c4  klhk - ok
23:25:23.0478 0x04c4  [ B8B20727DD8B9753614E089682473563, CA39E9A517CC8B1E04860E0AFB03B0CD7FBDE66143B6CA26FB9DC0EBF80F8F48 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
23:25:23.0509 0x04c4  KLIF - ok
23:25:23.0525 0x04c4  [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
23:25:23.0525 0x04c4  KLIM6 - ok
23:25:23.0525 0x04c4  [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
23:25:23.0541 0x04c4  klkbdflt - ok
23:25:23.0541 0x04c4  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
23:25:23.0541 0x04c4  klmouflt - ok
23:25:23.0556 0x04c4  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
23:25:23.0572 0x04c4  klpd - ok
23:25:23.0587 0x04c4  [ 43957361D346A4263873932D572613F2, 719E61CADF6FB49C24370899329BDE198E55DEB175F5701382EE16311D8576D9 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
23:25:23.0587 0x04c4  kltdi - ok
23:25:23.0619 0x04c4  [ 926BA68DA79545EB6D99BB009B781E5E, EB1DB801044EB4228D38D85A8B6853EFE887B7D4E1EA1F0B8F75DD4886C96467 ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
23:25:23.0619 0x04c4  Klwtp - ok
23:25:23.0619 0x04c4  KMService - ok
23:25:23.0650 0x04c4  [ D4CEEAC11C65F49D0F42E74440E829BF, 7E289BB5E400326BADDD61CBB99CB268A3E99103CF16968E1D9141C205EE309C ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
23:25:23.0650 0x04c4  kneps - ok
23:25:23.0681 0x04c4  [ 1F4B52A496A43C65AB0F26169650FAF2, 6D6F3505997A7DDEE6F127B3FB537AFFDE687D4F34489679674DC12FB12B842C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:25:23.0697 0x04c4  KSecDD - ok
23:25:23.0712 0x04c4  [ E4A599EDFAAB66C2BC17FB1593DC129B, 13098694B649E9146214D320FB14C3D305FCA155438CB531A8BAA4A70231D1A7 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:25:23.0728 0x04c4  KSecPkg - ok
23:25:23.0759 0x04c4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:25:23.0790 0x04c4  ksthunk - ok
23:25:23.0821 0x04c4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:25:23.0853 0x04c4  KtmRm - ok
23:25:23.0868 0x04c4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:25:23.0899 0x04c4  LanmanServer - ok
23:25:23.0915 0x04c4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:25:23.0962 0x04c4  LanmanWorkstation - ok
23:25:23.0977 0x04c4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:25:23.0993 0x04c4  lltdio - ok
23:25:24.0040 0x04c4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:25:24.0071 0x04c4  lltdsvc - ok
23:25:24.0071 0x04c4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:25:24.0102 0x04c4  lmhosts - ok
23:25:24.0102 0x04c4  LMS - ok
23:25:24.0133 0x04c4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
23:25:24.0133 0x04c4  LSI_FC - ok
23:25:24.0165 0x04c4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:25:24.0165 0x04c4  LSI_SAS - ok
23:25:24.0196 0x04c4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
23:25:24.0196 0x04c4  LSI_SAS2 - ok
23:25:24.0227 0x04c4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
23:25:24.0227 0x04c4  LSI_SCSI - ok
23:25:24.0243 0x04c4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
23:25:24.0274 0x04c4  luafv - ok
23:25:24.0321 0x04c4  [ 024DA28053D57E9E32BEE52600576BBB, 8EC636DAB90A835DEBA2EC6176F4547EEF557415FF77C6378EF423569702731E ] MarvinBus       C:\Windows\system32\DRIVERS\MarvinBus64.sys
23:25:24.0336 0x04c4  MarvinBus - ok
23:25:24.0383 0x04c4  MbaeSvc - ok
23:25:24.0414 0x04c4  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
23:25:24.0414 0x04c4  MBAMProtector - ok
23:25:24.0430 0x04c4  MBAMScheduler - ok
23:25:24.0430 0x04c4  MBAMService - ok
23:25:24.0445 0x04c4  [ 452ACB7A9914398D9E18CCCFFCF92208, 754AF45C19731C356E7E84497B04E0333759AC86DC553BA275EFC09845E43E4D ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
23:25:24.0461 0x04c4  MBAMWebAccessControl - ok
23:25:24.0461 0x04c4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:25:24.0477 0x04c4  Mcx2Svc - ok
23:25:24.0492 0x04c4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
23:25:24.0508 0x04c4  megasas - ok
23:25:24.0523 0x04c4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
23:25:24.0539 0x04c4  MegaSR - ok
23:25:24.0555 0x04c4  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
23:25:24.0555 0x04c4  MEIx64 - ok
23:25:24.0570 0x04c4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
23:25:24.0586 0x04c4  MMCSS - ok
23:25:24.0601 0x04c4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
23:25:24.0633 0x04c4  Modem - ok
23:25:24.0633 0x04c4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:25:24.0633 0x04c4  monitor - ok
23:25:24.0679 0x04c4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:25:24.0695 0x04c4  mouclass - ok
23:25:24.0711 0x04c4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:25:24.0711 0x04c4  mouhid - ok
23:25:24.0742 0x04c4  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:25:24.0757 0x04c4  mountmgr - ok
23:25:24.0820 0x04c4  [ 572BD5A99648652147A5D3C6DA946C99, FFDAD4A5682864977C926A5DDDB632CDB2A166BF025757801CC56F2828720023 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:25:24.0835 0x04c4  MozillaMaintenance - ok
23:25:24.0851 0x04c4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:25:24.0867 0x04c4  mpio - ok
23:25:24.0882 0x04c4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:25:24.0913 0x04c4  mpsdrv - ok
23:25:24.0945 0x04c4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:25:24.0976 0x04c4  MpsSvc - ok
23:25:25.0007 0x04c4  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:25:25.0007 0x04c4  MRxDAV - ok
23:25:25.0054 0x04c4  [ 25F918BB5D57C99FFEB0255143D0DF9A, E4BB656C3AEE19094B0F87828828DC73F248B45B30B678AA759DBAB3087399A2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:25:25.0069 0x04c4  mrxsmb - ok
23:25:25.0116 0x04c4  [ 8DF2B80510F438CFEC479181BD29C794, ECA5BC17D1DB92B887D468B0FF1D6302518DBD7C3607B14FA291ECDA204D5E85 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:25:25.0147 0x04c4  mrxsmb10 - ok
23:25:25.0179 0x04c4  [ F7622CFE3402A9BF10227BB124901E54, 3EE6BA42E712505AED9D3920163814719FAC591FB5CFF589E230C7005CB598AF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:25:25.0179 0x04c4  mrxsmb20 - ok
23:25:25.0210 0x04c4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:25:25.0210 0x04c4  msahci - ok
23:25:25.0210 0x04c4  MSCamSvc - ok
23:25:25.0225 0x04c4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:25:25.0241 0x04c4  msdsm - ok
23:25:25.0257 0x04c4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
23:25:25.0257 0x04c4  MSDTC - ok
23:25:25.0272 0x04c4  [ 72949A24D37A20A54B3D4D3DADBB55E9, 580B59EF2DFA4F6EE27BA37904F0705CBCD74F9B07D2D795093C045F94AE6DB5 ] MSDV            C:\Windows\system32\DRIVERS\msdv.sys
23:25:25.0288 0x04c4  MSDV - ok
23:25:25.0288 0x04c4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:25:25.0319 0x04c4  Msfs - ok
23:25:25.0319 0x04c4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:25:25.0350 0x04c4  mshidkmdf - ok
23:25:25.0366 0x04c4  [ 55218F924E55FD2786ED40EDF4ED79C3, C6000DE3A1FB526ECB77438A03F7212517CCD5E0CC9DDA07826865F8B980BEA0 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys
23:25:25.0381 0x04c4  MSHUSBVideo - ok
23:25:25.0397 0x04c4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:25:25.0397 0x04c4  msisadrv - ok
23:25:25.0428 0x04c4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:25:25.0444 0x04c4  MSiSCSI - ok
23:25:25.0444 0x04c4  msiserver - ok
23:25:25.0459 0x04c4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:25:25.0475 0x04c4  MSKSSRV - ok
23:25:25.0491 0x04c4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:25:25.0506 0x04c4  MSPCLOCK - ok
23:25:25.0522 0x04c4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:25:25.0537 0x04c4  MSPQM - ok
23:25:25.0569 0x04c4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:25:25.0584 0x04c4  MsRPC - ok
23:25:25.0600 0x04c4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
23:25:25.0600 0x04c4  mssmbios - ok
23:25:25.0615 0x04c4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:25:25.0631 0x04c4  MSTEE - ok
23:25:25.0662 0x04c4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
23:25:25.0662 0x04c4  MTConfig - ok
23:25:25.0678 0x04c4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
23:25:25.0678 0x04c4  Mup - ok
23:25:25.0709 0x04c4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
23:25:25.0740 0x04c4  napagent - ok
23:25:25.0756 0x04c4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:25:25.0771 0x04c4  NativeWifiP - ok
23:25:25.0803 0x04c4  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:25:25.0834 0x04c4  NDIS - ok
23:25:25.0849 0x04c4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:25:25.0865 0x04c4  NdisCap - ok
23:25:25.0881 0x04c4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:25:25.0896 0x04c4  NdisTapi - ok
23:25:25.0912 0x04c4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:25:25.0927 0x04c4  Ndisuio - ok
23:25:25.0943 0x04c4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:25:25.0974 0x04c4  NdisWan - ok
23:25:25.0974 0x04c4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:25:26.0005 0x04c4  NDProxy - ok
23:25:26.0005 0x04c4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:25:26.0037 0x04c4  NetBIOS - ok
23:25:26.0068 0x04c4  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:25:26.0083 0x04c4  NetBT - ok
23:25:26.0115 0x04c4  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] Netlogon        C:\Windows\system32\lsass.exe
23:25:26.0115 0x04c4  Netlogon - ok
23:25:26.0146 0x04c4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
23:25:26.0177 0x04c4  Netman - ok
23:25:26.0208 0x04c4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:25:26.0224 0x04c4  NetMsmqActivator - ok
23:25:26.0224 0x04c4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:25:26.0224 0x04c4  NetPipeActivator - ok
23:25:26.0255 0x04c4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
23:25:26.0286 0x04c4  netprofm - ok
23:25:26.0286 0x04c4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:25:26.0302 0x04c4  NetTcpActivator - ok
23:25:26.0302 0x04c4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:25:26.0317 0x04c4  NetTcpPortSharing - ok
23:25:26.0333 0x04c4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:25:26.0333 0x04c4  nfrd960 - ok
23:25:26.0364 0x04c4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:25:26.0380 0x04c4  NlaSvc - ok
23:25:26.0380 0x04c4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:25:26.0411 0x04c4  Npfs - ok
23:25:26.0411 0x04c4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
23:25:26.0442 0x04c4  nsi - ok
23:25:26.0442 0x04c4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:25:26.0473 0x04c4  nsiproxy - ok
23:25:26.0536 0x04c4  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:25:26.0567 0x04c4  Ntfs - ok
23:25:26.0583 0x04c4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
23:25:26.0598 0x04c4  Null - ok
23:25:26.0614 0x04c4  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
23:25:26.0629 0x04c4  NVHDA - ok
23:25:26.0941 0x04c4  [ E71E299FF15390E585BACF2C18F55078, 7A51D989DA55349B1761839DEAFD593B6E6F88C433B132E7B027467E050FBA67 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:25:27.0175 0x04c4  nvlddmkm - ok
23:25:27.0269 0x04c4  [ D2FE0376285A783693469422678E878B, 9F0B1A6694CA7BDAAA3B26BE1D344A3FC7B98162518A259C273360EFF075CD75 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
23:25:27.0300 0x04c4  NvNetworkService - ok
23:25:27.0300 0x04c4  nvpciflt - ok
23:25:27.0316 0x04c4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:25:27.0331 0x04c4  nvraid - ok
23:25:27.0347 0x04c4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:25:27.0347 0x04c4  nvstor - ok
23:25:27.0347 0x04c4  NvStreamSvc - ok
23:25:27.0378 0x04c4  [ 415695F5A54E91E869EEBFEA261361A6, 1829C15E07D902686171C8A66EB03040A037CAC1E00E24BF598030D9DA795CEC ] nvsvc           C:\Windows\system32\nvvsvc.exe
23:25:27.0394 0x04c4  nvsvc - ok
23:25:27.0425 0x04c4  [ 939C0FAE9CC0CDD69E6508BDE4C11FE5, 1E82FF4A8797A0EC5DF0E54DE7F358542C73FFFBECADDF86ED66839182E3B55D ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
23:25:27.0425 0x04c4  nvvad_WaveExtensible - ok
23:25:27.0441 0x04c4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:25:27.0441 0x04c4  nv_agp - ok
23:25:27.0472 0x04c4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:25:27.0472 0x04c4  ohci1394 - ok
23:25:27.0487 0x04c4  ose - ok
23:25:27.0487 0x04c4  osppsvc - ok
23:25:27.0519 0x04c4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:25:27.0534 0x04c4  p2pimsvc - ok
23:25:27.0550 0x04c4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
23:25:27.0565 0x04c4  p2psvc - ok
23:25:27.0597 0x04c4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:25:27.0597 0x04c4  Parport - ok
23:25:27.0628 0x04c4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:25:27.0628 0x04c4  partmgr - ok
23:25:27.0628 0x04c4  PassThru Service - ok
23:25:27.0659 0x04c4  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:25:27.0675 0x04c4  PcaSvc - ok
23:25:27.0690 0x04c4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
23:25:27.0706 0x04c4  pci - ok
23:25:27.0721 0x04c4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
23:25:27.0721 0x04c4  pciide - ok
23:25:27.0753 0x04c4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:25:27.0753 0x04c4  pcmcia - ok
23:25:27.0768 0x04c4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:25:27.0784 0x04c4  pcw - ok
23:25:27.0831 0x04c4  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:25:27.0862 0x04c4  PEAUTH - ok
23:25:27.0909 0x04c4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:25:27.0924 0x04c4  PerfHost - ok
23:25:27.0987 0x04c4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
23:25:28.0033 0x04c4  pla - ok
23:25:28.0080 0x04c4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:25:28.0111 0x04c4  PlugPlay - ok
23:25:28.0111 0x04c4  PnkBstrA - ok
23:25:28.0111 0x04c4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:25:28.0127 0x04c4  PNRPAutoReg - ok
23:25:28.0143 0x04c4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:25:28.0158 0x04c4  PNRPsvc - ok
23:25:28.0221 0x04c4  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:25:28.0236 0x04c4  PolicyAgent - ok
23:25:28.0252 0x04c4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
23:25:28.0267 0x04c4  Power - ok
23:25:28.0299 0x04c4  [ 2679383C17C7A61C75347E496EEFC5DE, 4D092C548186D7C877806095CAF7CDFC94F66C1693B820BD5C6D702D67B37763 ] PPJoyBus        C:\Windows\system32\DRIVERS\PPJoyBus64.sys
23:25:28.0299 0x04c4  PPJoyBus - detected UnsignedFile.Multi.Generic ( 1 )
23:25:28.0470 0x04c4  Detect skipped due to KSN trusted
23:25:28.0470 0x04c4  PPJoyBus - ok
23:25:28.0501 0x04c4  [ 21BAC8DDC2EE0962DCFD417FFFAF0BA2, A198222CB1B60D894813055ABAACBB632008DD73099BC8676CCA8F8D83CC427C ] PPortJoystick   C:\Windows\system32\DRIVERS\PPortJoy64.sys
23:25:28.0501 0x04c4  PPortJoystick - detected UnsignedFile.Multi.Generic ( 1 )
23:25:28.0829 0x04c4  Detect skipped due to KSN trusted
23:25:28.0829 0x04c4  PPortJoystick - ok
23:25:28.0845 0x04c4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:25:28.0891 0x04c4  PptpMiniport - ok
23:25:28.0907 0x04c4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
23:25:28.0907 0x04c4  Processor - ok
23:25:28.0938 0x04c4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:25:28.0954 0x04c4  ProfSvc - ok
23:25:28.0985 0x04c4  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] ProtectedStorage C:\Windows\system32\lsass.exe
23:25:29.0001 0x04c4  ProtectedStorage - ok
23:25:29.0016 0x04c4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:25:29.0047 0x04c4  Psched - ok
23:25:29.0047 0x04c4  PSI_SVC_2 - ok
23:25:29.0094 0x04c4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:25:29.0141 0x04c4  ql2300 - ok
23:25:29.0157 0x04c4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:25:29.0157 0x04c4  ql40xx - ok
23:25:29.0188 0x04c4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
23:25:29.0203 0x04c4  QWAVE - ok
23:25:29.0203 0x04c4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:25:29.0219 0x04c4  QWAVEdrv - ok
23:25:29.0266 0x04c4  [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
23:25:29.0297 0x04c4  RapiMgr - ok
23:25:29.0297 0x04c4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:25:29.0328 0x04c4  RasAcd - ok
23:25:29.0344 0x04c4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:25:29.0359 0x04c4  RasAgileVpn - ok
23:25:29.0375 0x04c4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
23:25:29.0406 0x04c4  RasAuto - ok
23:25:29.0406 0x04c4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:25:29.0437 0x04c4  Rasl2tp - ok
23:25:29.0453 0x04c4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
23:25:29.0484 0x04c4  RasMan - ok
23:25:29.0484 0x04c4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:25:29.0515 0x04c4  RasPppoe - ok
23:25:29.0515 0x04c4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:25:29.0547 0x04c4  RasSstp - ok
23:25:29.0562 0x04c4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:25:29.0593 0x04c4  rdbss - ok
23:25:29.0609 0x04c4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
23:25:29.0609 0x04c4  rdpbus - ok
23:25:29.0625 0x04c4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:25:29.0656 0x04c4  RDPCDD - ok
23:25:29.0656 0x04c4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:25:29.0671 0x04c4  RDPENCDD - ok
23:25:29.0687 0x04c4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:25:29.0703 0x04c4  RDPREFMP - ok
23:25:29.0781 0x04c4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:25:29.0796 0x04c4  RdpVideoMiniport - ok
23:25:29.0859 0x04c4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:25:29.0874 0x04c4  RDPWD - ok
23:25:29.0890 0x04c4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:25:29.0890 0x04c4  rdyboost - ok
23:25:29.0937 0x04c4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:25:29.0968 0x04c4  RemoteAccess - ok
23:25:29.0983 0x04c4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:25:30.0015 0x04c4  RemoteRegistry - ok
23:25:30.0030 0x04c4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:25:30.0046 0x04c4  RpcEptMapper - ok
23:25:30.0061 0x04c4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
23:25:30.0077 0x04c4  RpcLocator - ok
23:25:30.0108 0x04c4  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
23:25:30.0124 0x04c4  RpcSs - ok
23:25:30.0139 0x04c4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:25:30.0155 0x04c4  rspndr - ok
23:25:30.0186 0x04c4  [ E50CFB92986DCAB49DE93788FD695813, EAE103008B967B0F064EDDA551AA553EE7C22D39D14FA0BBFEF41C4D1B6C99E5 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:25:30.0202 0x04c4  RTL8167 - ok
23:25:30.0233 0x04c4  [ B3F36B4B3F192EA87DDC119F3A0B3E45, DE80502994ED9977AD64483385A0BC0C6060EA9E9C08645E72FBBCFE8B2358C7 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
23:25:30.0249 0x04c4  RTL8192su - ok
23:25:30.0264 0x04c4  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] SamSs           C:\Windows\system32\lsass.exe
23:25:30.0264 0x04c4  SamSs - ok
23:25:30.0295 0x04c4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:25:30.0295 0x04c4  sbp2port - ok
23:25:30.0311 0x04c4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:25:30.0342 0x04c4  SCardSvr - ok
23:25:30.0342 0x04c4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:25:30.0373 0x04c4  scfilter - ok
23:25:30.0436 0x04c4  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
23:25:30.0467 0x04c4  Schedule - ok
23:25:30.0498 0x04c4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:25:30.0514 0x04c4  SCPolicySvc - ok
23:25:30.0529 0x04c4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:25:30.0545 0x04c4  SDRSVC - ok
23:25:30.0545 0x04c4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:25:30.0561 0x04c4  secdrv - ok
23:25:30.0576 0x04c4  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
23:25:30.0592 0x04c4  seclogon - ok
23:25:30.0592 0x04c4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
23:25:30.0623 0x04c4  SENS - ok
23:25:30.0639 0x04c4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:25:30.0639 0x04c4  SensrSvc - ok
23:25:30.0654 0x04c4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:25:30.0654 0x04c4  Serenum - ok
23:25:30.0685 0x04c4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:25:30.0685 0x04c4  Serial - ok
23:25:30.0701 0x04c4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
23:25:30.0717 0x04c4  sermouse - ok
23:25:30.0717 0x04c4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
23:25:30.0748 0x04c4  SessionEnv - ok
23:25:30.0763 0x04c4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:25:30.0779 0x04c4  sffdisk - ok
23:25:30.0795 0x04c4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:25:30.0810 0x04c4  sffp_mmc - ok
23:25:30.0826 0x04c4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:25:30.0841 0x04c4  sffp_sd - ok
23:25:30.0857 0x04c4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
23:25:30.0873 0x04c4  sfloppy - ok
23:25:30.0904 0x04c4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:25:30.0951 0x04c4  SharedAccess - ok
23:25:30.0982 0x04c4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:25:31.0029 0x04c4  ShellHWDetection - ok
23:25:31.0044 0x04c4  [ 7799106FEE728B907A86D9C9751E02D5, EE85E8D3CF3819DB28221BFC103DE8DF0E14E1878CECF54E8CD8C161B0E0AF3C ] silabenm        C:\Windows\system32\DRIVERS\silabenm.sys
23:25:31.0060 0x04c4  silabenm - ok
23:25:31.0075 0x04c4  [ 300ACF1ABD7A8E6D5FA553CA462226EE, 2C35943FE55E43C05D490D87AE00981206167BAAFE1CB628011E9400F1A0F1D6 ] silabser        C:\Windows\system32\DRIVERS\silabser.sys
23:25:31.0091 0x04c4  silabser - ok
23:25:31.0091 0x04c4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:25:31.0107 0x04c4  SiSRaid2 - ok
23:25:31.0122 0x04c4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:25:31.0122 0x04c4  SiSRaid4 - ok
23:25:31.0138 0x04c4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:25:31.0169 0x04c4  Smb - ok
23:25:31.0185 0x04c4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:25:31.0185 0x04c4  SNMPTRAP - ok
23:25:31.0200 0x04c4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:25:31.0200 0x04c4  spldr - ok
23:25:31.0247 0x04c4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
23:25:31.0263 0x04c4  Spooler - ok
23:25:31.0356 0x04c4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
23:25:31.0434 0x04c4  sppsvc - ok
23:25:31.0465 0x04c4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:25:31.0497 0x04c4  sppuinotify - ok
23:25:31.0528 0x04c4  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:25:31.0543 0x04c4  srv - ok
23:25:31.0575 0x04c4  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:25:31.0590 0x04c4  srv2 - ok
23:25:31.0606 0x04c4  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:25:31.0621 0x04c4  srvnet - ok
23:25:31.0621 0x04c4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:25:31.0653 0x04c4  SSDPSRV - ok
23:25:31.0668 0x04c4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:25:31.0699 0x04c4  SstpSvc - ok
23:25:31.0777 0x04c4  [ A9D26626BEADF5A0641BF6B5095EF309, EABC711466FECA20058D7E24CA2593059E1F113B38A2E7574822E48BFBBF4146 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:25:31.0793 0x04c4  Stereo Service - ok
23:25:31.0809 0x04c4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:25:31.0824 0x04c4  stexstor - ok
23:25:31.0855 0x04c4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
23:25:31.0887 0x04c4  stisvc - ok
23:25:31.0902 0x04c4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
23:25:31.0902 0x04c4  swenum - ok
23:25:31.0933 0x04c4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
23:25:31.0965 0x04c4  swprv - ok
23:25:32.0074 0x04c4  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
23:25:32.0105 0x04c4  SysMain - ok
23:25:32.0121 0x04c4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:25:32.0136 0x04c4  TabletInputService - ok
23:25:32.0152 0x04c4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:25:32.0183 0x04c4  TapiSrv - ok
23:25:32.0245 0x04c4  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:25:32.0292 0x04c4  Tcpip - ok
23:25:32.0370 0x04c4  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:25:32.0417 0x04c4  TCPIP6 - ok
23:25:32.0433 0x04c4  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:25:32.0433 0x04c4  tcpipreg - ok
23:25:32.0464 0x04c4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:25:32.0464 0x04c4  TDPIPE - ok
23:25:32.0479 0x04c4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:25:32.0495 0x04c4  TDTCP - ok
23:25:32.0511 0x04c4  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:25:32.0526 0x04c4  tdx - ok
23:25:32.0745 0x04c4  [ F2F02E436BA56A96A06E4427C5787B6E, 1562FF264011A15AC69808CB74F387917C4E8ED3B91546B12933BE10B6E20B3A ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
23:25:32.0885 0x04c4  TeamViewer - ok
23:25:32.0916 0x04c4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
23:25:32.0932 0x04c4  TermDD - ok
23:25:32.0979 0x04c4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
23:25:33.0010 0x04c4  TermService - ok
23:25:33.0010 0x04c4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
23:25:33.0025 0x04c4  Themes - ok
23:25:33.0057 0x04c4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
23:25:33.0072 0x04c4  THREADORDER - ok
23:25:33.0088 0x04c4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
23:25:33.0103 0x04c4  TrkWks - ok
23:25:33.0150 0x04c4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:25:33.0197 0x04c4  TrustedInstaller - ok
23:25:33.0213 0x04c4  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:25:33.0228 0x04c4  tssecsrv - ok
23:25:33.0259 0x04c4  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:25:33.0275 0x04c4  TsUsbFlt - ok
23:25:33.0306 0x04c4  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
23:25:33.0306 0x04c4  TsUsbGD - ok
23:25:33.0322 0x04c4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:25:33.0353 0x04c4  tunnel - ok
23:25:33.0369 0x04c4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:25:33.0369 0x04c4  uagp35 - ok
23:25:33.0384 0x04c4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:25:33.0415 0x04c4  udfs - ok
23:25:33.0431 0x04c4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:25:33.0447 0x04c4  UI0Detect - ok
23:25:33.0462 0x04c4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:25:33.0462 0x04c4  uliagpkx - ok
23:25:33.0478 0x04c4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:25:33.0493 0x04c4  umbus - ok
23:25:33.0509 0x04c4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
23:25:33.0509 0x04c4  UmPass - ok
23:25:33.0509 0x04c4  UNS - ok
23:25:33.0540 0x04c4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
23:25:33.0571 0x04c4  upnphost - ok
23:25:33.0587 0x04c4  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
23:25:33.0603 0x04c4  USBAAPL64 - ok
23:25:33.0634 0x04c4  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
23:25:33.0634 0x04c4  usbaudio - ok
23:25:33.0649 0x04c4  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
23:25:33.0665 0x04c4  usbccgp - ok
23:25:33.0696 0x04c4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:25:33.0696 0x04c4  usbcir - ok
23:25:33.0727 0x04c4  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
23:25:33.0743 0x04c4  usbehci - ok
23:25:33.0805 0x04c4  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
23:25:33.0821 0x04c4  usbhub - ok
23:25:33.0837 0x04c4  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:25:33.0852 0x04c4  usbohci - ok
23:25:33.0868 0x04c4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:25:33.0868 0x04c4  usbprint - ok
23:25:33.0915 0x04c4  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
23:25:33.0915 0x04c4  usbser - ok
23:25:33.0946 0x04c4  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:25:33.0946 0x04c4  USBSTOR - ok
23:25:33.0977 0x04c4  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:25:33.0993 0x04c4  usbuhci - ok
23:25:34.0024 0x04c4  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
23:25:34.0039 0x04c4  usbvideo - ok
23:25:34.0071 0x04c4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
23:25:34.0102 0x04c4  UxSms - ok
23:25:34.0102 0x04c4  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] VaultSvc        C:\Windows\system32\lsass.exe
23:25:34.0117 0x04c4  VaultSvc - ok
23:25:34.0133 0x04c4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:25:34.0133 0x04c4  vdrvroot - ok
23:25:34.0164 0x04c4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
23:25:34.0195 0x04c4  vds - ok
23:25:34.0211 0x04c4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:25:34.0211 0x04c4  vga - ok
23:25:34.0227 0x04c4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:25:34.0258 0x04c4  VgaSave - ok
23:25:34.0273 0x04c4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:25:34.0289 0x04c4  vhdmp - ok
23:25:34.0305 0x04c4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:25:34.0320 0x04c4  viaide - ok
23:25:34.0336 0x04c4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:25:34.0336 0x04c4  volmgr - ok
23:25:34.0351 0x04c4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:25:34.0367 0x04c4  volmgrx - ok
23:25:34.0383 0x04c4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:25:34.0398 0x04c4  volsnap - ok
23:25:34.0429 0x04c4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:25:34.0445 0x04c4  vsmraid - ok
23:25:34.0476 0x04c4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
23:25:34.0539 0x04c4  VSS - ok
23:25:34.0539 0x04c4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:25:34.0554 0x04c4  vwifibus - ok
23:25:34.0570 0x04c4  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:25:34.0585 0x04c4  vwififlt - ok
23:25:34.0601 0x04c4  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
23:25:34.0617 0x04c4  vwifimp - ok
23:25:34.0632 0x04c4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
23:25:34.0663 0x04c4  W32Time - ok
23:25:34.0679 0x04c4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:25:34.0695 0x04c4  WacomPen - ok
23:25:34.0710 0x04c4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:25:34.0741 0x04c4  WANARP - ok
23:25:34.0741 0x04c4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:25:34.0773 0x04c4  Wanarpv6 - ok
23:25:34.0835 0x04c4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
23:25:34.0866 0x04c4  WatAdminSvc - ok
23:25:34.0897 0x04c4  [ 261A725F8ACEDDA695C7FFF6D6EDE6B5, 7DE18FDD707F073909FC990F6755CBF562020B6F3D5C698D90C7907EE0F3B420 ] watchmi         C:\Program Files (x86)\watchmi\TvdService.exe
23:25:34.0897 0x04c4  watchmi - detected UnsignedFile.Multi.Generic ( 1 )
23:25:35.0038 0x04c4  Detect skipped due to KSN trusted
23:25:35.0038 0x04c4  watchmi - ok
23:25:35.0100 0x04c4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
23:25:35.0131 0x04c4  wbengine - ok
23:25:35.0147 0x04c4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:25:35.0163 0x04c4  WbioSrvc - ok
23:25:35.0194 0x04c4  [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
23:25:35.0209 0x04c4  WcesComm - ok
23:25:35.0225 0x04c4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:25:35.0241 0x04c4  wcncsvc - ok
23:25:35.0256 0x04c4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:25:35.0256 0x04c4  WcsPlugInService - ok
23:25:35.0287 0x04c4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
23:25:35.0287 0x04c4  Wd - ok
23:25:35.0350 0x04c4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:25:35.0381 0x04c4  Wdf01000 - ok
23:25:35.0412 0x04c4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:25:35.0428 0x04c4  WdiServiceHost - ok
23:25:35.0428 0x04c4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:25:35.0443 0x04c4  WdiSystemHost - ok
23:25:35.0475 0x04c4  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
23:25:35.0490 0x04c4  WebClient - ok
23:25:35.0506 0x04c4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:25:35.0537 0x04c4  Wecsvc - ok
23:25:35.0553 0x04c4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:25:35.0568 0x04c4  wercplsupport - ok
23:25:35.0584 0x04c4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:25:35.0599 0x04c4  WerSvc - ok
23:25:35.0631 0x04c4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:25:35.0662 0x04c4  WfpLwf - ok
23:25:35.0677 0x04c4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:25:35.0677 0x04c4  WIMMount - ok
23:25:35.0709 0x04c4  WinDefend - ok
23:25:35.0709 0x04c4  WinHttpAutoProxySvc - ok
23:25:35.0755 0x04c4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:25:35.0787 0x04c4  Winmgmt - ok
23:25:35.0865 0x04c4  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
23:25:35.0896 0x04c4  WinRM - ok
23:25:35.0958 0x04c4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\Windows\system32\DRIVERS\WinUsb.sys
23:25:35.0974 0x04c4  WinUSB - ok
23:25:36.0021 0x04c4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:25:36.0036 0x04c4  Wlansvc - ok
23:25:36.0052 0x04c4  wlcrasvc - ok
23:25:36.0052 0x04c4  wlidsvc - ok
23:25:36.0067 0x04c4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:25:36.0067 0x04c4  WmiAcpi - ok
23:25:36.0099 0x04c4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:25:36.0114 0x04c4  wmiApSrv - ok
23:25:36.0130 0x04c4  WMPNetworkSvc - ok
23:25:36.0130 0x04c4  WMZuneComm - ok
23:25:36.0130 0x04c4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:25:36.0145 0x04c4  WPCSvc - ok
23:25:36.0145 0x04c4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:25:36.0161 0x04c4  WPDBusEnum - ok
23:25:36.0177 0x04c4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:25:36.0192 0x04c4  ws2ifsl - ok
23:25:36.0208 0x04c4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
23:25:36.0223 0x04c4  wscsvc - ok
23:25:36.0223 0x04c4  WSearch - ok
23:25:36.0255 0x04c4  [ 82E8F5AA03DF7DBDB8A33F700D5D8CDA, 7EEB1B8F1430AFB06A18DC6107DBDD57EBBF473FF96F3578481EB89724823393 ] wsvd            C:\Windows\system32\DRIVERS\wsvd.sys
23:25:36.0255 0x04c4  wsvd - ok
23:25:36.0348 0x04c4  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:25:36.0411 0x04c4  wuauserv - ok
23:25:36.0473 0x04c4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:25:36.0489 0x04c4  WudfPf - ok
23:25:36.0504 0x04c4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:25:36.0520 0x04c4  WUDFRd - ok
23:25:36.0551 0x04c4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:25:36.0582 0x04c4  wudfsvc - ok
23:25:36.0629 0x04c4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:25:36.0645 0x04c4  WwanSvc - ok
23:25:36.0660 0x04c4  ZuneNetworkSvc - ok
23:25:36.0660 0x04c4  ZuneWlanCfgSvc - ok
23:25:36.0660 0x04c4  ================ Scan global ===============================
23:25:36.0723 0x04c4  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
23:25:36.0769 0x04c4  [ A5794B1E3ACEF48E716F0A89C83C1AEA, B904C861CBDAF00341F8697BD05C2E66C23CF4D6C94E19AF464D898436F34D73 ] C:\Windows\system32\winsrv.dll
23:25:36.0785 0x04c4  [ A5794B1E3ACEF48E716F0A89C83C1AEA, B904C861CBDAF00341F8697BD05C2E66C23CF4D6C94E19AF464D898436F34D73 ] C:\Windows\system32\winsrv.dll
23:25:36.0785 0x04c4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
23:25:36.0832 0x04c4  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
23:25:36.0847 0x04c4  [ Global ] - ok
23:25:36.0847 0x04c4  ================ Scan MBR ==================================
23:25:36.0847 0x04c4  [ 753CA1D394F3C0855134963D7361060F ] \Device\Harddisk0\DR0
23:25:38.0610 0x04c4  \Device\Harddisk0\DR0 - ok
23:25:38.0626 0x04c4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
23:25:38.0891 0x04c4  \Device\Harddisk1\DR1 - ok
23:25:38.0907 0x04c4  [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk5\DR12
23:25:39.0047 0x04c4  \Device\Harddisk5\DR12 - ok
23:25:39.0047 0x04c4  ================ Scan VBR ==================================
23:25:39.0047 0x04c4  [ EBF48FF7D3EF6FFED6E8C9EDE3A0ECBE ] \Device\Harddisk0\DR0\Partition1
23:25:39.0047 0x04c4  \Device\Harddisk0\DR0\Partition1 - ok
23:25:39.0047 0x04c4  [ 723B1384481DF8BCF39370C73915C3B3 ] \Device\Harddisk0\DR0\Partition2
23:25:39.0047 0x04c4  \Device\Harddisk0\DR0\Partition2 - ok
23:25:39.0063 0x04c4  [ 321024554349D673DA11DF6C854568BF ] \Device\Harddisk0\DR0\Partition3
23:25:39.0063 0x04c4  \Device\Harddisk0\DR0\Partition3 - ok
23:25:39.0063 0x04c4  [ 66312B2F56616FEA51833A772C227B05 ] \Device\Harddisk1\DR1\Partition1
23:25:39.0063 0x04c4  \Device\Harddisk1\DR1\Partition1 - ok
23:25:39.0063 0x04c4  [ 822F0FB99005C9350BDAADDA1853A3EB ] \Device\Harddisk5\DR12\Partition1
23:25:39.0063 0x04c4  \Device\Harddisk5\DR12\Partition1 - ok
23:25:39.0063 0x04c4  ================ Scan generic autorun ======================
23:25:39.0187 0x04c4  [ EE73B56ED71EB6383F25FA5468923BB2, 0A13F25C55D97A3F86766BED449265514147D41ABB392C9451B9FB070EC7E8E4 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
23:25:39.0234 0x04c4  NvBackend - ok
23:25:39.0250 0x04c4  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
23:25:39.0250 0x04c4  ShadowPlay - ok
23:25:39.0250 0x04c4  Malwarebytes Anti-Exploit - ok
23:25:39.0343 0x04c4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:25:39.0375 0x04c4  Sidebar - ok
23:25:39.0406 0x04c4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:25:39.0437 0x04c4  mctadmin - ok
23:25:39.0499 0x04c4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:25:39.0531 0x04c4  Sidebar - ok
23:25:39.0531 0x04c4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:25:39.0546 0x04c4  mctadmin - ok
23:25:39.0827 0x04c4  [ C7C42AC946E25EC04BC671516A347FF9, 03DCB98F1764862A0DFC1B3A6CD34BA583DA512E8E4556E891A228832C0F8DE1 ] C:\Users\Helli\AppData\Local\Amazon Music\Amazon Music Helper.exe
23:25:39.0936 0x04c4  Amazon Music - ok
23:25:40.0045 0x04c4  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
23:25:40.0061 0x04c4  Dropbox Update - ok
23:25:40.0061 0x04c4  GarminExpressTrayApp - ok
23:25:40.0123 0x04c4  [ 1D7DD340E13DF9585EABB849CFC3E11B, 31CCD9753402DC030C641214B4ECB48A757BCD9F427A143A88745C62EFF87766 ] C:\Users\Helli\AppData\Local\Microsoft\OneDrive\OneDrive.exe
23:25:40.0139 0x04c4  OneDrive - ok
23:25:40.0233 0x04c4  [ D871A58A7DB7B8D4E78D844BADF6931B, 41C34B1322D54F11DD99BF9B64B2BD9FCFB2916017A0EE4BD1025EC6FF7F969E ] C:\Users\Helli\AppData\Roaming\Spotify\SpotifyWebHelper.exe
23:25:40.0264 0x04c4  Spotify Web Helper - ok
23:25:40.0279 0x04c4  Sidebar - ok
23:25:40.0279 0x04c4  swg - ok
23:25:40.0279 0x04c4  Waiting for KSN requests completion. In queue: 97
23:25:41.0309 0x04c4  Win FW state via NFP2: enabled ( trusted )
23:25:41.0434 0x04c4  ============================================================
23:25:41.0434 0x04c4  Scan finished
23:25:41.0434 0x04c4  ============================================================
23:25:41.0434 0x08f4  Detected object count: 0
23:25:41.0434 0x08f4  Actual detected object count: 0

cosinus · 19.11.2016, 23:55

jup

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Helli1965 · 20.11.2016, 09:01

Code:

ATTFilter

# AdwCleaner v6.030 - Bericht erstellt am 20/11/2016 um 08:49:09
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-11-19.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Helli - HELLI-PC
# Gestartet von : C:\Users\Helli\Desktop\AdwCleaner_6.030.exe
# Modus: Löschen
# Unterstützung : hxxps://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\lhzyh3cl.default-1471875564901\invalidprefs.js


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{855F23A3-17CE-4EA3-A24D-5D2863A21EE4}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6F0DFDD-AEC3-4BBD-BF1-F2BE416B6656}


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock2 - Gelöscht C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
:: Winsock2 - Gelöscht C:\Program Files (x86)\Bonjour\mdnsNSP.dll
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1512 Bytes] - [20/11/2016 08:49:09]
C:\AdwCleaner\AdwCleaner[S0].txt - [1631 Bytes] - [20/11/2016 08:48:05]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1658 Bytes] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Helli (Administrator) on 20.11.2016 at  8:56:43,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 11 

Successfully deleted: C:\Users\Helli\AppData\Local\{5637D19E-57DD-44AB-9000-7AF1F0AA9FEC} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Local\{813CD780-1B5D-4959-B2B3-0E0B40C21D2F} (Empty Folder)
Successfully deleted: C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\lhzyh3cl.default-1471875564901\user.js (File) 
Successfully deleted: C:\Users\Helli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\24RU0ONQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Helli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9YZOV935 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Helli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BBLXW4E7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Helli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RU6HY4CR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\24RU0ONQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9YZOV935 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BBLXW4E7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RU6HY4CR (Temporary Internet Files Folder) 



Registry: 2 

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.11.2016 at  9:00:57,64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cosinus · 20.11.2016, 17:55

Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

Helli1965 · 20.11.2016, 20:28

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2016
durchgeführt von Helli (Administrator) auf HELLI-PC (20-11-2016 20:05:05)
Gestartet von C:\Users\Helli\Desktop
Geladene Profile: Helli (Verfügbare Profile: Helli & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\Helli\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Dropbox, Inc.) C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Spotify Ltd) C:\Users\Helli\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Amazon Music] => C:\Users\Helli\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Dropbox Update] => C:\Users\Helli\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\Run: [Spotify Web Helper] => C:\Users\Helli\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-10-27] (Spotify Ltd)
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {a7d6756a-2742-11e1-ab8c-8c89a56d6ec7} - F:\Startme.exe
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {ae8179f2-85a7-11e3-8bbf-8c89a56d6ec7} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {b8c3669f-1ccf-11e6-bc6b-8c89a56d6ec7} - F:\startme.exe
HKU\S-1-5-21-2067386785-177352631-409754499-1002\...\MountPoints2: {f5a8b434-910a-11e1-a003-8c89a56d6ec7} - I:\Startme.exe
HKU\S-1-5-18\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helli\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
Startup: C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-11-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\Helli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Keine Datei 
Winsock: Catalog5-x64 09 C:\Program Files\Bonjour\mdnsNSP.dll Keine Datei 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2067386785-177352631-409754499-1002 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll => Keine Datei
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => Keine Datei
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll => Keine Datei
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL => Keine Datei
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll => Keine Datei
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => Keine Datei
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll => Keine Datei
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll => Keine Datei
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => Keine Datei
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll => Keine Datei
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL => Keine Datei
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll => Keine Datei
BHO-x32: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll => Keine Datei
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll Keine Datei
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll Keine Datei
Toolbar: HKU\S-1-5-21-2067386785-177352631-409754499-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll Keine Datei
DPF: HKLM-x32 {DF2F1634-A3AA-4E1B-9945-13F2BC455C0C} hxxp://at.sc12.greentube.com/xsl_gamebase/_magic/game_loader/ActiveXInstaller1.2.cab
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\myMugle\Skype4COM.dll [2009-10-29] (Skype Technologies)
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Keine Datei

FireFox:
========
FF DefaultProfile: lhzyh3cl.default-1471875564901
FF ProfilePath: C:\Users\Helli\AppData\Roaming\Mozilla\Sunbird\Profiles\m4o8ug72.default [2016-05-18]
FF Extension: (FoxyDeal) - C:\Users\Helli\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-01-25] [ist nicht signiert]
FF Extension: (Timezone Definitions for Mozilla Calendar) - C:\Program Files (x86)\Mozilla Sunbird\extensions\calendar-timezones@mozilla.org [2012-05-18] [ist nicht signiert]
FF Extension: (Lightning stub extension for Sunbird) - C:\Program Files (x86)\Mozilla Sunbird\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} [2012-05-18] [ist nicht signiert]
FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-2067386785-177352631-409754499-1002\FireFox [2016-11-19]
FF user.js: detected! => C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-2067386785-177352631-409754499-1002\FireFox\user.js [2016-10-24]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [nicht gefunden]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [nicht gefunden]
FF ProfilePath: C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\lhzyh3cl.default-1471875564901 [2016-11-20]
FF Extension: (eBay für Firefox) - C:\Users\Helli\AppData\Roaming\Mozilla\Firefox\Profiles\lhzyh3cl.default-1471875564901\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2016-10-22]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-12] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [Keine Datei]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Keine Datei]
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [Keine Datei]
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [Keine Datei]
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [Keine Datei]
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2067386785-177352631-409754499-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2067386785-177352631-409754499-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Helli\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2067386785-177352631-409754499-1002: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.kappes-helmut.de/"
CHR Profile: C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default [2016-11-06]
CHR Extension: (Google Cast) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-04-29]
CHR Extension: (Musik Songs Spieler) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdenlcnfdjepagejpfajlkicggieknab [2016-01-17]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2016-01-17]
CHR Extension: (Kaspersky Protection) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-12-11]
CHR Extension: (Streaming Media Player) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jggnklnmaecfofafepejcjcjkcohgcfb [2016-01-17]
CHR Extension: (Media Player for YouTube™) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\moebmmkeehmohghiialcoemcmebekbap [2016-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Helli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-06]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Datei ist nicht signiert]
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2012-02-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] () [Datei ist nicht signiert]
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S2 Apple Mobile Device Service; "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [X]
S2 AVP15.0.1; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe" -r [X]
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
S2 Garmin Device Interaction Service; "C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe" [X]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]
S2 HTCMonitorService; "C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe" [X]
S2 IAStorDataMgrSvc; "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" [X]
S3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [X]
S2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [X]
S2 MbaeSvc; "C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe" [X]
S2 MBAMScheduler; "C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe" [X]
S2 MBAMService; "C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe" [X]
S2 MSCamSvc; "C:\Program Files\Microsoft LifeCam\MSCamS64.exe" [X]
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" [X]
S3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]
S3 osppsvc; "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [X]
S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [X]
S2 PSI_SVC_2; "c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" [X]
S2 UNS; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" [X]
S2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X]
S2 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [X]
S2 WMPNetworkSvc; "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" [X]
S3 WMZuneComm; "C:\Program Files\Zune\WMZuneComm.exe" [X]
S3 ZuneNetworkSvc; "C:\Program Files\Zune\ZuneNss.exe" [X]
S3 ZuneWlanCfgSvc; "C:\Program Files\Zune\ZuneWlanCfgSvc.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-05] (www.winchiphead.com)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-11-29] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-11-29] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PPJoyBus; C:\Windows\System32\DRIVERS\PPJoyBus64.sys [20024 2010-02-20] (Deon van der Westhuysen)
S3 PPortJoystick; C:\Windows\System32\DRIVERS\PPortJoy64.sys [39992 2010-02-20] (Deon van der Westhuysen)
S1 ESProtectionDriver; \??\C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [X]
S0 nvpciflt; system32\DRIVERS\nvpciflt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-20 20:05 - 2016-11-20 20:06 - 00027211 _____ C:\Users\Helli\Desktop\FRST.txt
2016-11-20 20:03 - 2016-11-20 20:03 - 02413056 _____ (Farbar) C:\Users\Helli\Desktop\FRST64.exe
2016-11-20 20:03 - 2016-11-20 20:03 - 00000000 ____D C:\Users\Helli\Desktop\FRST-OlderVersion
2016-11-20 20:02 - 2016-11-20 20:02 - 00000000 ___HD C:\OneDriveTemp
2016-11-20 09:00 - 2016-11-20 09:00 - 00002481 _____ C:\Users\Helli\Desktop\JRT.txt
2016-11-20 08:56 - 2016-11-19 23:59 - 01631928 _____ (Malwarebytes) C:\Users\Helli\Desktop\JRT.exe
2016-11-20 08:44 - 2016-11-20 08:49 - 00000000 ____D C:\AdwCleaner
2016-11-20 08:44 - 2016-11-19 23:58 - 03910208 _____ C:\Users\Helli\Desktop\AdwCleaner_6.030.exe
2016-11-19 23:24 - 2016-11-19 23:26 - 00207482 _____ C:\TDSSKiller.3.1.0.12_19.11.2016_23.24.51_log.txt
2016-11-19 21:25 - 2016-11-19 21:25 - 00103277 _____ C:\Users\Helli\Documents\tdsskiller.txt
2016-11-19 21:01 - 2016-11-19 23:24 - 00607268 _____ C:\TDSSKiller.3.1.0.12_19.11.2016_21.01.11_log.txt
2016-11-19 21:01 - 2016-11-19 19:56 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Helli\Desktop\tdsskiller.exe
2016-11-19 20:02 - 2016-11-19 21:00 - 00000000 ____D C:\Users\Helli\Desktop\mbar
2016-11-19 20:02 - 2016-11-19 19:56 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Helli\Desktop\mbar-1.09.3.1001.exe
2016-11-19 18:16 - 2016-11-19 18:16 - 00000000 ____D C:\Program Files\CCleaner
2016-11-19 17:00 - 2016-11-20 20:05 - 00000000 ____D C:\FRST
2016-11-14 19:18 - 2016-11-19 18:42 - 01188562 _____ C:\Windows\ntbtlog.txt
2016-11-14 08:28 - 2016-11-14 08:28 - 00003536 ____N C:\bootsqm.dat
2016-11-14 08:25 - 2016-11-14 08:25 - 00000000 __SHD C:\found.000
2016-11-10 21:55 - 2016-11-10 21:55 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-10 21:06 - 2016-11-10 22:01 - 1918497831 _____ C:\Users\Helli\Downloads\wakin.dead.s07.e03.108-pret.mkv
2016-11-10 08:53 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-10 08:53 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-10 08:53 - 2016-10-28 04:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-10 08:53 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-10 08:53 - 2016-10-27 19:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-10 08:53 - 2016-10-27 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-10 08:53 - 2016-10-27 19:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-10 08:53 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-10 08:53 - 2016-10-27 19:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-10 08:53 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-10 08:53 - 2016-10-27 19:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-10 08:53 - 2016-10-27 19:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-10 08:53 - 2016-10-27 19:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-10 08:53 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-10 08:53 - 2016-10-27 19:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-10 08:53 - 2016-10-27 19:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-10 08:53 - 2016-10-27 19:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-10 08:53 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-10 08:53 - 2016-10-27 19:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-10 08:53 - 2016-10-27 19:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-10 08:53 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-10 08:53 - 2016-10-27 19:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-10 08:53 - 2016-10-27 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-10 08:53 - 2016-10-27 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-10 08:53 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-10 08:53 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-10 08:53 - 2016-10-27 19:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-10 08:53 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-10 08:53 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-10 08:53 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-10 08:53 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-10 08:53 - 2016-10-27 18:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-10 08:53 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-10 08:53 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-10 08:53 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-10 08:53 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-10 08:53 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-10 08:53 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-10 08:53 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-10 08:53 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-10 08:53 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-10 08:53 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-10 08:53 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-10 08:53 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-10 08:53 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-10 08:53 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-10 08:53 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-10 08:53 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-10 08:53 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-10 08:53 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-10 08:53 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-10 08:53 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-10 08:53 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-10 08:53 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-10 08:53 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-10 08:53 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-10 08:53 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-10 08:53 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-10 08:53 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-10 08:53 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-10 08:53 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-10 08:53 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-10 08:53 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-10 08:53 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-10 08:53 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-10 08:53 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-10 08:53 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-10 08:53 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-10 08:53 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-10 08:53 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-10 08:53 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-10 08:53 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-10 08:53 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-10 08:53 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-10 08:53 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-10 08:53 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-10 08:53 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-10 08:53 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-10 08:53 - 2016-10-10 16:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-10 08:53 - 2016-10-10 16:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-10 08:53 - 2016-10-10 16:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-10 08:53 - 2016-10-10 16:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-10 08:53 - 2016-10-10 16:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-10 08:53 - 2016-10-10 16:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-10 08:53 - 2016-10-10 16:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-10 08:53 - 2016-10-07 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-10 08:53 - 2016-10-07 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-10 08:53 - 2016-10-07 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-10 08:53 - 2016-10-07 16:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-10 08:53 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-10 08:53 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-10 08:53 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-10 08:53 - 2016-10-07 16:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-10 08:53 - 2016-10-07 16:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-10 08:53 - 2016-10-07 16:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-10 08:53 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-10 08:53 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-10 08:53 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-10 08:53 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-10 08:53 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-10 08:53 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-10 08:53 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-10 08:52 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-10 08:52 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-10 08:52 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-10 08:52 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-10 08:52 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-10 08:52 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-10 08:52 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-10 08:52 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-10 08:52 - 2016-10-27 20:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-10 08:52 - 2016-10-27 20:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-10 08:52 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-10 08:52 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-10 08:52 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-10 08:52 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-10 08:52 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-10 08:52 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-10 08:52 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-10 08:52 - 2016-10-10 16:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-10 08:52 - 2016-10-10 16:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-10 08:52 - 2016-10-10 16:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-10 08:52 - 2016-10-10 16:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-10 08:52 - 2016-10-10 16:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-10 08:52 - 2016-10-10 16:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-10 08:52 - 2016-10-10 16:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-10 08:52 - 2016-10-10 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-10 08:52 - 2016-10-10 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-10 08:52 - 2016-10-10 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-10 08:52 - 2016-10-10 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-10 08:52 - 2016-10-10 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-10 08:52 - 2016-10-10 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 16:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-10 08:52 - 2016-10-07 16:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-10 08:52 - 2016-10-07 16:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-10 08:52 - 2016-10-07 16:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-10 08:52 - 2016-10-07 16:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-10 08:52 - 2016-10-07 15:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-10 08:52 - 2016-10-07 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-10 08:52 - 2016-10-07 15:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-10 08:52 - 2016-10-07 15:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-10 08:52 - 2016-10-07 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-10 08:52 - 2016-10-07 15:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 15:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 15:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-10 08:52 - 2016-10-07 15:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-10 08:52 - 2016-09-13 16:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-10 08:52 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-10 08:52 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-07 19:30 - 2016-11-07 19:30 - 00002148 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-11-07 19:30 - 2016-11-07 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-11-05 16:39 - 2016-11-05 17:40 - 2068406120 _____ C:\Users\Helli\Downloads\wakin.dead.s07.e02.108-pret.mkv
2016-11-05 16:07 - 2016-11-20 15:17 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d2377664e84399.job
2016-11-05 16:07 - 2016-11-16 08:17 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d237766462f68a.job
2016-11-05 16:07 - 2016-11-10 08:12 - 00004194 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d2377664e84399
2016-11-05 16:07 - 2016-11-10 08:12 - 00003798 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d237766462f68a
2016-11-05 16:05 - 2016-11-05 16:05 - 00001894 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2016-11-05 16:05 - 2016-11-05 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-11-02 18:16 - 2016-11-02 19:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-10-30 19:02 - 2016-10-30 19:02 - 00363536 _____ C:\Users\Helli\Documents\cc_20161030_190224.reg
2016-10-30 15:51 - 2016-10-30 15:52 - 08270712 _____ (Piriform Ltd) C:\Users\Helli\Downloads\ccsetup523.exe
2016-10-29 23:43 - 2016-11-20 15:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-29 23:43 - 2016-11-08 20:25 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-29 23:43 - 2016-11-08 20:25 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-29 23:43 - 2016-11-08 20:25 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-29 14:57 - 2016-10-29 15:06 - 254404960 _____ C:\Users\Helli\Downloads\ALDI_Bestellsoftware_Installation(2).exe
2016-10-29 14:56 - 2016-10-29 15:04 - 254404960 _____ C:\Users\Helli\Downloads\ALDI_Bestellsoftware_Installation(1).exe
2016-10-27 19:23 - 2016-10-27 20:24 - 2086650489 _____ C:\Users\Helli\Downloads\wakin.dead.s07.e01.108-pret.mkv
2016-10-24 17:18 - 2016-10-29 13:37 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\5E2D5B40.sys
2016-10-24 16:49 - 2016-11-14 08:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-20 20:02 - 2016-07-29 11:22 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e983194f2e77.job
2016-11-20 20:02 - 2015-10-26 18:11 - 00000000 ___RD C:\Users\Helli\OneDrive
2016-11-20 20:02 - 2014-10-11 11:31 - 00000000 ___RD C:\Users\Helli\Dropbox
2016-11-20 20:01 - 2011-09-05 23:24 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-20 20:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-20 15:28 - 2016-07-29 11:23 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002UA1d1e98342edc9ba.job
2016-11-20 15:27 - 2016-07-29 11:22 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1e98319e7493f.job
2016-11-20 15:03 - 2009-07-14 05:45 - 00024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-20 15:03 - 2009-07-14 05:45 - 00024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-20 12:28 - 2016-07-29 11:23 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2067386785-177352631-409754499-1002Core1d1e983426cd0ca.job
2016-11-20 08:42 - 2009-07-14 05:45 - 00504112 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-19 21:00 - 2016-08-11 13:46 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-11-19 20:04 - 2011-05-16 15:04 - 00699432 _____ C:\Windows\system32\perfh007.dat
2016-11-19 20:04 - 2011-05-16 15:04 - 00149572 _____ C:\Windows\system32\perfc007.dat
2016-11-19 20:04 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-19 20:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-19 20:03 - 2015-01-10 12:28 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-19 20:02 - 2014-11-23 16:22 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-19 19:53 - 2012-10-05 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia
2016-11-19 19:53 - 2012-10-05 16:36 - 00000000 ____D C:\Windows\Downloaded Installations
2016-11-19 18:23 - 2012-10-12 19:11 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-19 18:16 - 2013-08-20 16:21 - 00000786 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-11-19 18:08 - 2016-01-21 13:43 - 00000000 ____D C:\Users\Helli\AppData\Local\Spotify
2016-11-19 18:08 - 2016-01-21 13:42 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Spotify
2016-11-14 08:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-14 07:57 - 2013-01-11 17:11 - 00000000 ____D C:\CS_2.0_GR_Extras_1
2016-11-13 20:41 - 2011-12-01 20:12 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-11-13 16:25 - 2016-08-20 19:11 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-11-13 16:24 - 2014-01-25 15:30 - 00000000 ____D C:\Users\Helli\AppData\Local\HTC MediaHub
2016-11-13 14:42 - 2014-01-06 18:28 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Audacity
2016-11-13 14:26 - 2012-01-23 09:30 - 00000000 ____D C:\temp
2016-11-10 22:50 - 2013-07-19 15:25 - 00000000 ____D C:\Windows\system32\MRT
2016-11-10 22:25 - 2011-07-18 21:31 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-10 21:56 - 2014-10-11 11:28 - 00000000 ____D C:\Users\Helli\AppData\Roaming\Dropbox
2016-11-08 20:25 - 2012-04-25 19:00 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-08 20:25 - 2011-07-18 22:12 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-07 12:20 - 2014-12-31 15:42 - 00000000 ____D C:\Users\Helli\Documents\ASV 2015
2016-11-07 12:20 - 2014-12-31 15:07 - 00000000 ____D C:\Users\Helli\Documents\ASV 2014
2016-11-07 10:55 - 2014-12-31 15:11 - 00000000 ____D C:\Users\Helli\Documents\ASV 2013
2016-11-07 10:49 - 2014-12-31 15:15 - 00000000 ____D C:\Users\Helli\Documents\ASV 2012
2016-11-07 10:48 - 2015-01-02 10:35 - 00000000 ____D C:\Users\Helli\Documents\ASV 2011
2016-11-07 10:41 - 2015-08-28 20:54 - 00000000 ____D C:\Users\Helli\Wlan_Atheros_Win7_64_VER920514
2016-11-06 14:33 - 2016-01-21 14:25 - 00000000 ____D C:\Users\Helli\Documents\ASV 2016
2016-11-05 16:10 - 2013-03-28 15:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-05 16:05 - 2015-02-24 09:40 - 00003552 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2016-11-03 11:25 - 2012-05-03 19:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-02 21:18 - 2012-10-12 19:11 - 00000000 ____D C:\Users\Helli\AppData\Roaming\TeamViewer
2016-11-02 20:19 - 2016-01-23 17:32 - 00000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-11-02 20:19 - 2016-01-23 17:32 - 00000963 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-11-02 18:16 - 2011-12-02 20:58 - 00000000 ____D C:\Users\Gast
2016-10-30 18:08 - 2012-08-24 09:46 - 00000000 ____D C:\Windows\Minidump
2016-10-29 23:42 - 2011-12-01 21:14 - 00000000 ____D C:\Users\Helli\AppData\Local\Adobe
2016-10-29 23:21 - 2011-12-31 12:44 - 00001155 _____ C:\Users\Public\Desktop\ALDI Bestellsoftware.lnk
2016-10-29 13:37 - 2016-08-20 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-10-27 19:37 - 2015-01-10 12:22 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-27 19:37 - 2015-01-10 12:22 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-26 17:29 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-24 17:31 - 2012-01-12 12:50 - 00000000 ____D C:\Users\Helli\Documents\Corel User Files
2016-10-24 17:26 - 2014-02-16 19:07 - 00000000 ____D C:\ProgramData\HeloCut5
2016-10-22 19:56 - 2012-02-10 08:05 - 00000000 ___RD C:\Users\Helli\Podcasts
2016-10-22 19:48 - 2014-12-11 19:33 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-22 19:48 - 2014-05-06 21:30 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-22 19:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-22 19:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-07-10 20:39 - 2015-04-20 18:22 - 0000352 _____ () C:\Users\Helli\AppData\Roaming\dpdhl.versandhelfer_state.xml
2013-06-09 12:20 - 2014-05-03 15:18 - 0000293 _____ () C:\Users\Helli\AppData\Roaming\FotoSketcher.ini
2014-04-13 21:22 - 2016-07-07 16:15 - 0007253 _____ () C:\Users\Helli\AppData\Roaming\HELLI-PC.MTBF.txt
2014-04-13 21:22 - 2016-07-07 16:46 - 0001132 _____ () C:\Users\Helli\AppData\Roaming\__AvidCloudManager.log
2014-04-13 21:22 - 2016-05-21 15:17 - 0001132 _____ () C:\Users\Helli\AppData\Roaming\__AvidCloudManagerPrevious.log
2013-09-04 17:56 - 2013-09-04 17:56 - 0139076 _____ () C:\Users\Helli\AppData\Local\ars.cache
2013-09-04 17:56 - 2013-09-04 17:56 - 0266054 _____ () C:\Users\Helli\AppData\Local\census.cache
2012-01-13 09:47 - 2016-08-10 06:48 - 0062464 _____ () C:\Users\Helli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-04 17:33 - 2013-09-04 17:33 - 0000036 _____ () C:\Users\Helli\AppData\Local\housecall.guid.cache
2014-05-05 11:27 - 2014-05-05 11:27 - 0000218 _____ () C:\Users\Helli\AppData\Local\recently-used.xbel
2012-08-26 16:33 - 2013-01-04 22:10 - 0007605 _____ () C:\Users\Helli\AppData\Local\resmon.resmoncfg
2015-09-01 20:39 - 2015-09-05 14:15 - 0061736 _____ () C:\Users\Helli\AppData\Local\Silberhochzeit.ssp
2015-12-26 19:53 - 2015-12-26 19:53 - 0000000 _____ () C:\Users\Helli\AppData\Local\{69DDDAC2-65A2-46F4-8809-D2D44F7A8F31}
2012-01-25 16:19 - 2014-12-14 15:51 - 0000166 ___SH () C:\ProgramData\.zreglib
2015-06-23 19:08 - 2015-06-23 19:08 - 0000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2012-02-12 20:25 - 2014-01-19 20:01 - 0004430 _____ () C:\ProgramData\__FileUploader.log

Einige Dateien in TEMP:
====================
C:\Users\Helli\AppData\Local\Temp\libeay32.dll
C:\Users\Helli\AppData\Local\Temp\msvcr120.dll
C:\Users\Helli\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-09 18:08

==================== Ende von FRST.txt ============================

20.11.2016, 17:55	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Win7 lädt fast keine Programme und findet nichts mehr. [gelöst] Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken __________________ Logfiles bitte immer in CODE-Tags posten

Win7 lädt fast keine Programme und findet nichts mehr.

Alles rund um Windows: Win7 lädt fast keine Programme und findet nichts mehr.

Problem: Win7 lädt fast keine Programme und findet nichts mehr.