Hallo Gemeinde,

leider ist es passiert - da meint´s jemand gut und dann geht´s schief. Der Anhang einer Spam-Mail war verseucht und wurde am 27.12.2016 geöffnet. Lt. Bediener ging die Datei aber nicht auf, es war nur ein kurzes flackern des Bildschirms zu erkennen, auch beim Zweiten Versuch ging die Datei nicht auf, wieder nur der kurze Flackerer auf dem Bildschrim. Arghhhh .http://www.trojaner-board.de/images/...s/headbang.gif Als ich das mitbekommen habe wurde der Rechner "außer Betrieb" genommen, aber leider erst ca. 24 h nach dem Malheur. In den 24 h lief der Rechner noch ca. 13h am Netz, davon ca. 5 h suche mit Avira. Der hat aber leider nix gefunden......

Ich hab den Rechner jetzt mit Knoppix am Laufen, um auch mal nachzuschauen was so passiert ist. direkte Auswirkungen habe ich noch nicht bemerkt. Der Scan des Anhangs mit Virustotal hat mich nicht gerade beruhigt:
https://www.virustotal.com/de/file/6dfc42655caa15ae563f4f405c872f6f1e22f866593ff31cec8bbca8c2ffc5dc/analysis/.
Ich hab dann nach dem erfolglosen Scan mit Avira in Panik das System auf den letzten Systemwiederherstellungspunkt von vor ca. zwei Wochen) zurückgesetzt. Anschließend hab ich mich auf die Suche gemacht und bin auf Virustotal und auf euer Forum gestoßen.
Die infizierte Datei hab ich noch (Namen geändert, ). Ich hab sie mit der originalen.zip Erweiterung hier mit angehängt.

Es laufen zwei gleiche Platten in einem RAID1-Verbund. Leider kein separates Backup......Meine Frage ist nun, wie kriege ich "das Ding" sicher los, ohne das System komplett neu aufsetzen zu müssen?

Danke schon mal im Voraus für eure Unterstützung!

Den Scan des Systems mit FRST hab ich gemacht:
___________________________________________


Code: Alles auswählenAufklappen

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
durchgeführt von SYSTEM auf MININT-5SSO772 (30-12-2016 02:19:02)
Gestartet von L:\
Platform: Windows 7 Professional (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11
Start-Modus: Recovery
Standard: ControlSet001
ACHTUNG!:=====> Wenn das System startfähig ist sollte FRST im normalen oder abgesicherten Modus ausgeführt werden, um ein vollständiges Ergebnis zu erhalten.

Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8712960 2015-11-12] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-23] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Ai Nap] => C:\Program Files (x86)\ASUS\AI Suite\Q-Button\QButton.exe [1968640 2009-06-02] ()
HKLM-x32\...\Run: [QFan Help] => C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe [601088 2009-07-01] ()
HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe [881152 2007-11-30] ()
HKLM-x32\...\Run: [TurboV] => C:\Program Files (x86)\ASUS\TurboV\TurboV.exe [5391872 2009-05-25] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Hawking UDS Control Center] => C:\Program Files (x86)\Longshine\LCS USB Device Server\Control Center.exe [5542400 2012-09-25] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKU\Alle\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\Alle\...\Run: [PicPick Start] => C:\Program Files (x86)\PicPick\picpick.exe [19959616 2015-08-24] (NGWIN)
HKU\Alle\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-15] (Skype Technologies S.A.)
HKU\Alle\...\Run: [Vidalia] => "C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe"
HKU\Alle\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\Alle\...\Run: [SpiderOak] => C:\Program Files\SpiderOak\SpiderOak.exe [59904 2015-02-24] (SpiderOak)
HKU\Alle\...\Policies\system: [LogonHoursAction] 2
HKU\Alle\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Alle\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\Alle\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\Fast Alle\...\Run: [PicPick Start] => C:\Program Files (x86)\PicPick\picpick.exe [19959616 2015-08-24] (NGWIN)
HKU\Fast Alle\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-15] (Skype Technologies S.A.)
HKU\Fast Alle\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
HKU\Fast Alle\...\Run: [SpiderOak] => C:\Program Files\SpiderOak\SpiderOak.exe [59904 2015-02-24] (SpiderOak)
HKU\Fast Alle\...\Policies\system: [LogonHoursAction] 2
HKU\Fast Alle\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Fast Alle\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Users\Alle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!fax.lnk [2015-11-24]
ShortcutTarget: FRITZ!fax.lnk -> C:\Program Files (x86)\FRITZ!\FriFax32.exe (AVM Berlin)
Startup: C:\Users\Alle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!fon.lnk [2015-11-24]
ShortcutTarget: FRITZ!fon.lnk -> C:\Program Files (x86)\FRITZ!\FriFon32.exe (AVM Berlin)
GroupPolicyUsers\S-1-5-21-2390081207-1673913599-2541008035-1004\User: Beschränkung <======= ACHTUNG
GroupPolicyUsers\S-1-5-21-2390081207-1673913599-2541008035-1000\User: Beschränkung <======= ACHTUNG
GroupPolicyScripts: Beschränkung <======= ACHTUNG

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [821024 2015-08-05] (IObit)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-15] (Avira Operations GmbH & Co. KG)
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136544 2009-10-22] ()
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-04-02] ()
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [299440 2016-12-20] (Avira Operations GmbH & Co. KG)
S2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH)
S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-08-24] (Digital Wave Ltd.)
S2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [583288 2014-11-04] (Hauppauge Computer Works)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-06-14] (IObit)
S2 myPWTNTService.exe; c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\myPWTNTService.exe [77824 2013-05-28] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2015-09-14] (Advanced Micro Devices Inc.)
S3 AODDriver; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys [21048 2009-10-22] (Advanced Micro Devices)
S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
S1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2013-08-30] ()
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-15] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148032 2016-12-15] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG)
S3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2014-12-02] (AVM Berlin)
S3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
S2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-18] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [118160 2016-10-04] (Future Technology Devices International Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [88752 2016-10-04] ()
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [60928 2015-09-14] (GenesysLogic)
S3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [658944 2014-09-11] (Hauppauge Computer Works, Inc.)
S3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [19840 2014-09-11] (Hauppauge Computer Works, Inc.)
S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-09-14] (REALiX(tm))
S3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22208 2016-04-01] (IObit)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2013-08-30] ()
S3 LongshineUDSMBus; C:\Windows\SysWow64\Drivers\LongshineUDSMBus.sys [102688 2012-09-21] (Windows (R) Codename Longhorn DDK provider)
S3 LongshineUDSTcpBus; C:\Windows\SysWow64\Drivers\LongshineUDSTcpBus.sys [181024 2012-09-21] (Windows (R) Codename Longhorn DDK provider)
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-01-11] (IObit.com)
S5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-30 00:40 - 2016-12-30 00:40 - 00000286 _____ C:\Windows\Tasks\Uninstaller_SkipUac_Fast_Alle.job
2016-12-26 00:03 - 2016-12-26 00:03 - 00001279 _____ C:\Users\Alle\Desktop\WebMToMp3_64.exe - Verknüpfung.lnk
2016-12-26 00:00 - 2016-12-26 00:00 - 00000000 ____D C:\Program Files (x86)\tools
2016-12-26 00:00 - 2016-12-26 00:00 - 00000000 ____D C:\Program Files (x86)\styles
2016-12-26 00:00 - 2016-12-26 00:00 - 00000000 ____D C:\Program Files (x86)\lang
2016-12-26 00:00 - 2016-12-26 00:00 - 00000000 ____D C:\Program Files (x86)\data
2016-12-25 23:58 - 2016-12-25 23:59 - 20587104 _____ C:\Users\Alle\Downloads\Free_WebM_to_MP3_Converter_64bit_PORTABLE.zip
2016-12-25 23:04 - 2016-12-25 23:04 - 00001518 _____ C:\Users\Public\Desktop\Free Video to MP3 Converter.lnk
2016-12-25 23:04 - 2016-12-25 23:04 - 00001341 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-12-25 23:04 - 2016-12-25 23:04 - 00000000 ____D C:\Users\Alle\AppData\Roaming\DVDVideoSoft
2016-12-25 23:04 - 2016-12-25 23:04 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-12-25 23:03 - 2016-12-25 23:04 - 00000000 ____D C:\Users\Fast Alle\AppData\Roaming\DVDVideoSoft
2016-12-25 23:02 - 2016-12-25 23:03 - 31291944 _____ (Digital Wave Ltd ) C:\Users\Alle\Downloads\FreeVideoToMP3Converter-5.0.99.823.exe
2016-12-25 22:57 - 2016-12-26 00:54 - 00000000 ____D C:\Users\Alle\Conversion
2016-12-25 22:54 - 2016-12-25 23:00 - 00000000 ____D C:\Users\Fast Alle\AppData\Roaming\Audacity
2016-12-25 22:54 - 2016-12-25 22:54 - 00000000 ____D C:\Users\Fast Alle\AppData\Local\Audacity
2016-12-25 22:46 - 2016-12-25 22:46 - 00001017 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-12-25 11:14 - 2016-12-25 11:14 - 00000000 _____ C:\Users\Alle\Desktop\Neues Textdokument.txt
2016-12-14 19:48 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2016-12-14 19:48 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2016-12-14 19:48 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\System32\certcli.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\System32\rpchttp.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\System32\bcrypt.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\System32\hlink.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2016-12-14 19:48 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-14 19:48 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-14 19:48 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-14 19:48 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 19:48 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-14 19:48 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2016-12-14 19:48 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2016-12-14 19:48 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2016-12-14 19:48 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2016-12-14 19:48 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-14 19:48 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2016-12-14 19:48 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-14 19:48 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2016-12-14 19:48 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\System32\clfs.sys
2016-12-14 19:48 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2016-12-14 19:48 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-14 19:48 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2016-12-14 19:48 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2016-12-14 19:48 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2016-12-14 19:48 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2016-12-14 19:48 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2016-12-14 19:48 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2016-12-14 19:48 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2016-12-14 19:48 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2016-12-14 19:48 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2016-12-14 19:48 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2016-12-14 19:48 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2016-12-14 19:48 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2016-12-14 19:48 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2016-12-14 19:48 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2016-12-14 19:48 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2016-12-14 19:48 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2016-12-14 19:48 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2016-12-14 19:48 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2016-12-14 19:48 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2016-12-14 19:48 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-14 19:48 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2016-12-14 19:48 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2016-12-14 19:48 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2016-12-14 19:48 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2016-12-14 19:48 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2016-12-14 19:48 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-14 19:48 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 19:48 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-14 19:48 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-14 19:48 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2016-12-14 19:48 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-14 19:48 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-14 19:48 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-14 19:48 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-14 19:48 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 19:48 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-14 19:48 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 19:48 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-14 19:48 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2016-12-14 19:48 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-14 19:48 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2016-12-14 19:48 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2016-12-14 19:48 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2016-12-14 19:48 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2016-12-14 19:48 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-14 19:48 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-14 19:48 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-14 19:48 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-14 19:48 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-14 19:48 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-14 19:48 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-14 19:48 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2016-12-14 19:48 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-14 19:48 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 19:48 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 19:48 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-14 19:48 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-14 19:48 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2016-12-14 19:48 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 19:48 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2016-12-14 19:48 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2016-12-14 19:48 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 19:48 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 19:48 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 19:48 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\System32\user32.dll
2016-12-14 19:48 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 19:48 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2016-12-14 19:48 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2016-12-14 19:48 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2016-12-14 19:48 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\System32\msihnd.dll
2016-12-14 19:48 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2016-12-14 19:48 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\System32\msimsg.dll
2016-12-14 19:48 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2016-12-14 19:48 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 19:48 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 19:48 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-14 19:48 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-14 19:48 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-14 19:48 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\System32\msiexec.exe
2016-12-14 19:48 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 19:48 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2016-12-14 19:48 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 19:48 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2016-12-14 19:48 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\System32\usp10.dll
2016-12-14 19:48 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-13 22:35 - 2016-12-13 22:36 - 29637705 _____ C:\Users\Alle\Downloads\products.zip
2016-12-13 18:27 - 2016-12-13 18:27 - 03932160 _____ C:\Users\Alle\Downloads\VidyoWeb-win32-1.3.10.0004.msi
2016-12-11 20:37 - 2016-12-11 20:37 - 00007274 _____ C:\Users\Alle\Downloads\raumdesigner-20161211203847-8569.dat
2016-12-11 20:28 - 2016-12-11 20:29 - 00007057 _____ C:\Users\Alle\Downloads\raumdesigner-20161211202954-7361.dat
2016-12-11 20:04 - 2016-12-11 20:04 - 00004843 _____ C:\Users\Alle\Downloads\raumdesigner-20161211200510-2732.dat
2016-12-11 19:19 - 2016-12-11 19:19 - 00004213 _____ C:\Users\Alle\Downloads\raumdesigner-20161211192005-2104.dat
2016-12-10 00:28 - 2016-12-10 00:28 - 00017065 _____ C:\Users\Alle\Documents\Brotrezept1.odt
2016-12-09 18:33 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2016-12-09 18:33 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2016-12-09 18:33 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2016-12-09 18:33 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\System32\nlsbres.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\System32\setbcdlocale.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\System32\appidapi.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\System32\appidsvc.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-09 18:33 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-09 18:33 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\System32\appidpolicyconverter.exe
2016-12-09 18:33 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2016-12-09 18:33 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\System32\appidcertstorecheck.exe
2016-12-09 18:33 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2016-12-09 18:33 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2016-12-09 18:33 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\System32\bcdedit.exe
2016-12-09 18:33 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2016-12-09 18:33 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-09 18:33 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-09 18:33 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-09 18:33 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-09 18:33 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-09 18:33 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\System32\locale.nls
2016-12-09 18:33 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2016-12-09 18:33 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2016-12-09 18:33 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2016-12-09 18:33 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2016-12-09 18:33 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2016-12-09 18:33 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-09 18:33 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-09 18:33 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-09 18:33 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-09 18:32 - 2016-09-12 22:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2016-12-09 18:32 - 2016-09-12 22:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2016-12-09 18:32 - 2016-09-09 16:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2016-12-09 18:32 - 2016-09-09 16:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2016-12-09 18:32 - 2016-09-09 16:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2016-12-09 18:32 - 2016-09-09 16:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2016-12-09 18:32 - 2016-09-09 16:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\System32\centel.dll
2016-12-09 18:32 - 2016-09-09 16:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\System32\aepic.dll
2016-12-09 18:32 - 2016-09-09 16:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2016-12-09 18:32 - 2016-08-16 21:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2016-12-09 18:32 - 2016-08-16 21:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2016-12-09 18:32 - 2016-08-16 21:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2016-12-09 18:32 - 2016-08-16 21:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2016-12-09 18:32 - 2016-08-16 21:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2016-12-09 18:32 - 2016-08-16 21:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2016-12-09 18:32 - 2016-08-16 21:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2016-12-09 18:28 - 2016-08-29 16:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2016-12-09 18:28 - 2016-08-29 16:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2016-12-09 18:28 - 2016-08-29 16:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-12-09 18:28 - 2016-08-29 16:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-12-09 18:28 - 2016-08-29 16:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-12-09 18:28 - 2016-08-29 15:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-12-04 20:51 - 2016-12-04 20:51 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk
2016-12-04 20:38 - 2016-12-04 20:38 - 00000000 ____D C:\Users\Fast Alle\Desktop\OpenOffice 4.1.3 (de) Installation Files
2016-12-04 20:15 - 2016-12-04 20:17 - 171330228 _____ C:\Users\Alle\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe
2016-12-02 18:22 - 2016-12-03 17:27 - 00013881 _____ C:\Users\Alle\Documents\bew. laufenm..odt
2016-12-02 18:21 - 2016-12-03 17:28 - 00014926 _____ C:\Users\Alle\Documents\bew.weckelw..odt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-30 02:19 - 2014-02-18 23:55 - 00000000 ____D C:\FRST
2016-12-30 00:35 - 2015-03-10 21:14 - 00000000 ____D C:\Program Files\SpiderOak
2016-12-29 20:21 - 2012-11-01 23:48 - 00000000 ____D C:\ProgramData\Hauppauge
2016-12-29 20:20 - 2016-09-22 14:45 - 00017020 _____ C:\Windows\setupact.log
2016-12-29 20:20 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-29 20:15 - 2015-10-28 21:57 - 00000000 ____D C:\Users\Alle\AppData\Roaming\ProductData
2016-12-29 20:15 - 2014-08-03 21:11 - 00000000 ____D C:\users\Fast Alle
2016-12-29 20:15 - 2013-01-10 20:01 - 00000000 ____D C:\Users\Alle\AppData\Roaming\picpick
2016-12-29 20:15 - 2012-11-01 13:35 - 00000000 ____D C:\users\Alle
2016-12-29 20:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-12-29 20:14 - 2012-11-08 20:58 - 00000000 ____D C:\Users\Alle\AppData\Roaming\Skype
2016-12-28 15:46 - 2016-11-18 23:21 - 00000000 ____D C:\Users\Alle\AppData\LocalLow\Mozilla
2016-12-28 15:03 - 2009-07-14 19:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-12-28 09:43 - 2015-03-10 21:14 - 00000000 ____D C:\Users\Alle\AppData\Roaming\SpiderOak
2016-12-28 09:42 - 2014-08-03 21:30 - 00000000 ____D C:\Users\Alle\Tracing
2016-12-28 09:42 - 2013-02-14 22:39 - 00000000 ____D C:\Users\Alle\AppData\Local\FRITZ!
2016-12-27 12:42 - 2013-01-09 22:44 - 02035364 _____ C:\Windows\WindowsUpdate.log
2016-12-27 12:37 - 2009-07-14 05:45 - 00028080 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-27 12:37 - 2009-07-14 05:45 - 00028080 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-26 20:22 - 2013-11-30 20:23 - 00000464 _____ C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job
2016-12-26 01:00 - 2012-11-27 23:23 - 00000000 ____D C:\Users\Alle\AppData\Roaming\vlc
2016-12-26 00:34 - 2013-04-03 19:04 - 00000000 ____D C:\Users\Alle\dwhelper
2016-12-26 00:27 - 2014-12-04 23:43 - 00000000 ____D C:\ProgramData\EnergyProfessional
2016-12-26 00:00 - 2016-09-28 02:17 - 02460080 _____ (Jacek Pazera) C:\Program Files (x86)\WebMToMp3_64.exe
2016-12-26 00:00 - 2016-09-27 19:25 - 00000631 _____ C:\Program Files (x86)\README.txt
2016-12-26 00:00 - 2016-06-22 01:01 - 00000998 _____ C:\Program Files (x86)\License.txt
2016-12-25 23:12 - 2009-07-14 18:58 - 00699432 _____ C:\Windows\System32\perfh007.dat
2016-12-25 23:12 - 2009-07-14 18:58 - 00149572 _____ C:\Windows\System32\perfc007.dat
2016-12-25 23:12 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\System32\PerfStringBackup.INI
2016-12-25 22:59 - 2013-03-23 20:08 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-12-25 22:44 - 2014-08-03 21:11 - 00101144 _____ C:\Users\Fast Alle\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-25 12:05 - 2013-10-24 18:22 - 00150528 ___SH C:\Users\Alle\Documents\Thumbs.db
2016-12-24 23:28 - 2012-11-28 00:08 - 00000000 ____D C:\Users\Alle\AppData\Local\FreePDF_XP
2016-12-24 23:06 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-24 04:11 - 2015-09-14 19:27 - 00000000 ____D C:\ProgramData\ProductData
2016-12-22 21:06 - 2016-06-27 17:54 - 00001046 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2016-12-16 12:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-16 11:20 - 2016-11-03 21:36 - 00012069 _____ C:\Users\Alle\Documents\baukosten.ods
2016-12-15 19:24 - 2016-10-11 16:32 - 00035864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avusbflt.sys
2016-12-15 19:24 - 2013-11-30 23:08 - 00176464 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2016-12-15 19:24 - 2013-11-30 23:08 - 00148032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2016-12-15 19:13 - 2016-11-18 22:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-15 19:13 - 2016-09-22 14:45 - 00005660 _____ C:\Windows\PFRO.log
2016-12-15 19:13 - 2012-11-01 17:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-15 12:09 - 2014-03-02 12:11 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-15 12:09 - 2012-11-08 20:58 - 00000000 ____D C:\ProgramData\Skype
2016-12-14 23:16 - 2009-07-14 05:45 - 00422384 _____ C:\Windows\System32\FNTCACHE.DAT
2016-12-14 23:13 - 2013-08-14 02:01 - 00000000 ____D C:\Windows\System32\MRT
2016-12-14 23:10 - 2012-11-01 15:08 - 135632432 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2016-12-14 23:08 - 2013-12-20 22:43 - 01594028 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-14 22:52 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\System32\FxsTmp
2016-12-14 22:48 - 2012-12-18 21:24 - 00000000 ____D C:\Users\Alle\Documents\Eigene Scans
2016-12-10 17:12 - 2012-12-26 18:43 - 00000000 ___RD C:\Users\Alle\Podcasts
2016-12-10 00:29 - 2014-12-11 20:19 - 00000000 ____D C:\Windows\System32\appraiser
2016-12-10 00:29 - 2014-05-06 15:44 - 00000000 ___SD C:\Windows\System32\CompatTel
2016-12-08 15:48 - 2014-07-24 21:47 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-05 15:20 - 2012-11-01 23:26 - 00101144 _____ C:\Users\Alle\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-05 15:18 - 2016-11-22 22:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-12-04 20:51 - 2013-09-28 14:14 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2016-12-02 17:59 - 2016-11-25 17:55 - 00014158 _____ C:\Users\Alle\Documents\lebenslauf daniel.odt

Einige Dateien in TEMP:
====================
C:\Users\Alle\AppData\Local\Temp\avgnt.exe
C:\Users\Alle\AppData\Local\Temp\SIntf16.dll
C:\Users\Alle\AppData\Local\Temp\SIntf32.dll
C:\Users\Alle\AppData\Local\Temp\SIntfNT.dll
C:\Users\Fast Alle\AppData\Local\Temp\avgnt.exe
C:\Users\Fast Alle\AppData\Local\Temp\comver.dll
C:\Users\Fast Alle\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Fast Alle\AppData\Local\Temp\eauninstall.exe


==================== Known DLLs (Nicht auf der Ausnahmeliste) =========================


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => MD5 ist legitim
C:\Windows\System32\wininit.exe => MD5 ist legitim
C:\Windows\SysWOW64\wininit.exe => MD5 ist legitim
C:\Windows\explorer.exe
[2016-12-09 18:28] - [2016-08-29 16:04] - 3229696 ____A (Microsoft Corporation) 38AE1B3C38FAEF56FE4907922F0385BA

C:\Windows\SysWOW64\explorer.exe
[2016-12-09 18:28] - [2016-08-29 15:55] - 2972672 ____A (Microsoft Corporation) 6DDCA324434FFA506CF7DC4E51DB7935

C:\Windows\System32\svchost.exe => MD5 ist legitim
C:\Windows\SysWOW64\svchost.exe => MD5 ist legitim
C:\Windows\System32\services.exe => MD5 ist legitim
C:\Windows\System32\User32.dll
[2016-12-14 19:48] - [2016-11-10 17:32] - 1009152 ____A (Microsoft Corporation) 34BA256FBF83457F9D5E51A56DB54542

C:\Windows\SysWOW64\User32.dll
[2016-12-14 19:48] - [2016-11-10 17:19] - 0833024 ____A (Microsoft Corporation) 3CB074875AC88A7C1010A2A7F9881A8C

C:\Windows\System32\userinit.exe => MD5 ist legitim
C:\Windows\SysWOW64\userinit.exe => MD5 ist legitim
C:\Windows\System32\rpcss.dll
[2016-04-01 21:35] - [2016-02-02 19:57] - 0511488 ____A (Microsoft Corporation) 622C96AFB07BB82C8650B47172137AC4

C:\Windows\System32\dnsapi.dll => MD5 ist legitim
C:\Windows\SysWOW64\dnsapi.dll => MD5 ist legitim
C:\Windows\System32\Drivers\volsnap.sys => MD5 ist legitim

==================== Wiederherstellungspunkte =========================

Wiederherstellungspunkt Datum: 2016-12-20 20:37:59
Wiederherstellungspunkt Datum: 2016-12-24 04:22:08
Wiederherstellungspunkt Datum: 2016-12-27 22:25:11
Wiederherstellungspunkt Datum: 2016-12-28 09:52:44
Wiederherstellungspunkt Datum: 2016-12-28 10:17:18
Wiederherstellungspunkt Datum: 2016-12-28 14:55:23

==================== Speicherinformationen =========================== 

Prozentuale Nutzung des RAM: 14%
Installierter physikalischer RAM: 5111.68 MB
Verfügbarer physikalischer RAM: 4384.08 MB
Summe virtueller Speicher: 5109.83 MB
Verfügbarer virtueller Speicher: 4376.18 MB

==================== Laufwerke ================================

Drive c: (RAID 1) (Fixed) (Total:279.3 GB) (Free:11.37 GB) NTFS
Drive d: (RAID 2) (Fixed) (Total:651.92 GB) (Free:271.49 GB) NTFS
Drive l: (PHONE CARD) (Removable) (Total:0.12 GB) (Free:0.12 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 279.4 GB) (Disk ID: 11329E46)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=279.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 651.9 GB) (Disk ID: DA02BDE4)
Partition 1: (Not Active) - (Size=651.9 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 122 MB) (Disk ID: 00000000)

Partition: GPT.


LastRegBack: 2016-12-24 18:23

==================== Ende von FRST.txt ============================
         

Zitat:

Start-Modus: Recovery

Warum dieser Modus? Warum erstellt ihr die Logs nicht im normalen Modus?


Und Logs werden grundsätzlich in CODE-Tags gepostet

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

• Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
• Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Hallo Cosinuns, erst mal Danke dafür dass dieses Thema bei euch ankommt. Den Recovery - Modus hab ich gewählt, weil ich das System so wenig wie möglich laufen lassen möchte, die möglichen Schäden lt. Virustotal schrecken ganz schön.
Der Code -Button war nicht aktiv, weil in Firefox bei Knoppix erst mal alle Skripte ausgeschaltet sind. Die Seite hier hab ich nun generell für Skripte freigegeben - und schon geht´s. Auf die Idee. dass man die "Code-Klammern" auch manuell eingeben könnte bin ich bei so vorgerückter Stunde nicht gekommen....... Sorrry for that.
Ich hab jetzt noch mal den Scan gestartet (Admin-Account) mit untenstehndem Ergebnis. Warum auch immer hat FRST auch noch die Additional.txt erzeugt, ist die auch von Interesse? Wenn ja klemm ich sie noch hier rein.

Schönen Nachmittag noch Allen....

Code: Alles auswählenAufklappen

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von Fast Alle (Administrator) auf AMD-GARDEROBE (30-12-2016 14:47:50)
Gestartet von F:\
Geladene Profile: Fast Alle (Verfügbare Profile: Alle & Fast Alle)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\myPWTNTService.exe
( ) C:\Program Files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\PWT2000ComServ.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenUSB.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureDLNA.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureDLNA.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureDLNA.exe
(Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonServer.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NGWIN) C:\Program Files (x86)\PicPick\picpick.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(SpiderOak) C:\Program Files\SpiderOak\SpiderOak.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!\IWatch.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\ASUS\AI Suite\Q-Button\QButton.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
() C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files (x86)\Longshine\LCS USB Device Server\Control Center.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(SpiderOak) C:\Program Files\SpiderOak\SpiderOak.exe
() C:\Program Files\SpiderOak\windows_dir_watcher.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8712960 2015-11-12] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-23] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Ai Nap] => C:\Program Files (x86)\ASUS\AI Suite\Q-Button\QButton.exe [1968640 2009-06-02] ()
HKLM-x32\...\Run: [QFan Help] => C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe [601088 2009-07-01] ()
HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe [881152 2007-11-30] ()
HKLM-x32\...\Run: [TurboV] => C:\Program Files (x86)\ASUS\TurboV\TurboV.exe [5391872 2009-05-25] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60408 2016-12-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Hawking UDS Control Center] => C:\Program Files (x86)\Longshine\LCS USB Device Server\Control Center.exe [5542400 2012-09-25] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2390081207-1673913599-2541008035-1004\...\Run: [PicPick Start] => C:\Program Files (x86)\PicPick\picpick.exe [19959616 2015-08-24] (NGWIN)
HKU\S-1-5-21-2390081207-1673913599-2541008035-1004\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-2390081207-1673913599-2541008035-1004\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
HKU\S-1-5-21-2390081207-1673913599-2541008035-1004\...\Run: [SpiderOak] => C:\Program Files\SpiderOak\SpiderOak.exe [59904 2015-02-24] (SpiderOak)
HKU\S-1-5-21-2390081207-1673913599-2541008035-1004\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2390081207-1673913599-2541008035-1004\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2390081207-1673913599-2541008035-1004\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [SpiderOakOverlay] -> {6E1010DC-3571-45DE-9CA2-C5890119BBBE} => C:\Program Files\SpiderOak\shell_extension.dll [2015-02-24] (SpiderOak)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-12-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISDNWatch.lnk [2015-12-03]
ShortcutTarget: ISDNWatch.lnk -> C:\Program Files (x86)\FRITZ!\IWatch.exe (AVM Berlin)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Winsol_Autostart.lnk [2015-11-05]
ShortcutTarget: Winsol_Autostart.lnk -> C:\Program Files (x86)\Technische Alternative\Winsol\Winsol.exe (Technische Alternative GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk [2015-01-14]
ShortcutTarget: WinTV Recording Status.lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\Alle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!fax.lnk [2015-11-24]
ShortcutTarget: FRITZ!fax.lnk -> C:\Program Files (x86)\FRITZ!\FriFax32.exe (AVM Berlin)
Startup: C:\Users\Alle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!fon.lnk [2015-11-24]
ShortcutTarget: FRITZ!fon.lnk -> C:\Program Files (x86)\FRITZ!\FriFon32.exe (AVM Berlin)
GroupPolicy: Beschränkung <======= ACHTUNG
GroupPolicy\User: Beschränkung <======= ACHTUNG
GroupPolicyUsers\S-1-5-21-2390081207-1673913599-2541008035-1004\User: Beschränkung <======= ACHTUNG
GroupPolicyUsers\S-1-5-21-2390081207-1673913599-2541008035-1000\User: Beschränkung <======= ACHTUNG
GroupPolicyScripts: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4AB1FBF3-EFDC-4721-96EE-7127CBA25ECA}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4B2E6FDC-98B9-4286-B7C8-33D2A7BCF6BB}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-10-28] (IObit)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-25] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-25] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Fast Alle\AppData\Roaming\Mozilla\Firefox\Profiles\tg6cq8a0.default [2016-12-30]
FF user.js: detected! => C:\Users\Fast Alle\AppData\Roaming\Mozilla\Firefox\Profiles\tg6cq8a0.default\user.js [2015-10-28]
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\tg6cq8a0.default -> Bing 
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\tg6cq8a0.default -> Bing 
FF Homepage: Mozilla\Firefox\Profiles\tg6cq8a0.default -> about:home
FF Keyword.URL: Mozilla\Firefox\Profiles\tg6cq8a0.default -> hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Extension: (Avira Browser Safety) - C:\Users\Fast Alle\AppData\Roaming\Mozilla\Firefox\Profiles\tg6cq8a0.default\Extensions\abs@avira.com [2016-09-23]
FF Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Fast Alle\AppData\Roaming\Mozilla\Firefox\Profiles\tg6cq8a0.default\Extensions\ascsurfingprotection@iobit.com [2015-10-28] [ist nicht signiert]
FF Extension: (Bing Search) - C:\Users\Fast Alle\AppData\Roaming\Mozilla\Firefox\Profiles\tg6cq8a0.default\Extensions\bingsearch.full@microsoft.com [2015-07-12] [ist nicht signiert]
FF Extension: (Avira SafeSearch) - C:\Users\Fast Alle\AppData\Roaming\Mozilla\Firefox\Profiles\tg6cq8a0.default\Extensions\safesearch@avira.com.xpi [2016-09-23]
FF SearchPlugin: C:\Users\Fast Alle\AppData\Roaming\Mozilla\Firefox\Profiles\tg6cq8a0.default\searchplugins\google-images.xml [2014-09-13]
FF SearchPlugin: C:\Users\Fast Alle\AppData\Roaming\Mozilla\Firefox\Profiles\tg6cq8a0.default\searchplugins\google-maps.xml [2014-09-13]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-18] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-25] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-25] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-25] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2014-10-20] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [821024 2015-08-05] (IObit)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [81920 2013-03-19] (AMD) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136544 2009-10-22] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-04-02] () [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-16] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [299440 2016-12-20] (Avira Operations GmbH & Co. KG)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-08-24] (Digital Wave Ltd.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [583288 2014-11-04] (Hauppauge Computer Works) [Datei ist nicht signiert]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-06-14] (IObit)
R2 myPWTNTService.exe; c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\myPWTNTService.exe [77824 2013-05-28] () [Datei ist nicht signiert]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2015-09-14] (Advanced Micro Devices Inc.)
R3 AODDriver; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys [21048 2009-10-22] (Advanced Micro Devices)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2013-08-30] () [Datei ist nicht signiert]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148032 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2014-12-02] (AVM Berlin)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-18] (Avira Operations GmbH & Co. KG)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [118160 2016-10-04] (Future Technology Devices International Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [88752 2016-10-04] ()
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [60928 2015-09-14] (GenesysLogic)
R3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [658944 2014-09-11] (Hauppauge Computer Works, Inc.)
R3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [19840 2014-09-11] (Hauppauge Computer Works, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-09-14] (REALiX(tm))
S3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22208 2016-04-01] (IObit)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2013-08-30] () [Datei ist nicht signiert]
R3 LongshineUDSMBus; C:\Windows\SysWow64\Drivers\LongshineUDSMBus.sys [102688 2012-09-21] (Windows (R) Codename Longhorn DDK provider)
S3 LongshineUDSTcpBus; C:\Windows\SysWow64\Drivers\LongshineUDSTcpBus.sys [181024 2012-09-21] (Windows (R) Codename Longhorn DDK provider)
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-01-11] (IObit.com)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-30 13:26 - 2016-12-30 13:26 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2016-12-30 13:14 - 2016-12-30 13:14 - 04608592 _____ (Avira Operations GmbH & Co. KG) C:\Users\Alle\Downloads\avira_de_av_58664f6e7f563__ws.exe
2016-12-30 00:40 - 2016-12-30 00:40 - 00000286 _____ C:\Windows\Tasks\Uninstaller_SkipUac_Fast_Alle.job
2016-12-26 00:03 - 2016-12-26 00:03 - 00001279 _____ C:\Users\Alle\Desktop\WebMToMp3_64.exe - Verknüpfung.lnk
2016-12-26 00:00 - 2016-12-26 00:00 - 00000000 ____D C:\Program Files (x86)\tools
2016-12-26 00:00 - 2016-12-26 00:00 - 00000000 ____D C:\Program Files (x86)\styles
2016-12-26 00:00 - 2016-12-26 00:00 - 00000000 ____D C:\Program Files (x86)\lang
2016-12-26 00:00 - 2016-12-26 00:00 - 00000000 ____D C:\Program Files (x86)\data
2016-12-25 23:58 - 2016-12-25 23:59 - 20587104 _____ C:\Users\Alle\Downloads\Free_WebM_to_MP3_Converter_64bit_PORTABLE.zip
2016-12-25 23:04 - 2016-12-25 23:04 - 00001518 _____ C:\Users\Public\Desktop\Free Video to MP3 Converter.lnk
2016-12-25 23:04 - 2016-12-25 23:04 - 00001341 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-12-25 23:04 - 2016-12-25 23:04 - 00000000 ____D C:\Users\Alle\AppData\Roaming\DVDVideoSoft
2016-12-25 23:04 - 2016-12-25 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-12-25 23:04 - 2016-12-25 23:04 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-12-25 23:03 - 2016-12-25 23:04 - 00000000 ____D C:\Users\Fast Alle\AppData\Roaming\DVDVideoSoft
2016-12-25 23:02 - 2016-12-25 23:03 - 31291944 _____ (Digital Wave Ltd ) C:\Users\Alle\Downloads\FreeVideoToMP3Converter-5.0.99.823.exe
2016-12-25 22:57 - 2016-12-26 00:54 - 00000000 ____D C:\Users\Alle\Conversion
2016-12-25 22:54 - 2016-12-25 23:00 - 00000000 ____D C:\Users\Fast Alle\AppData\Roaming\Audacity
2016-12-25 22:54 - 2016-12-25 22:54 - 00000000 ____D C:\Users\Fast Alle\AppData\Local\Audacity
2016-12-25 22:46 - 2016-12-25 22:46 - 00001017 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-12-25 11:14 - 2016-12-25 11:14 - 00000000 _____ C:\Users\Alle\Desktop\Neues Textdokument.txt
2016-12-18 22:04 - 2016-12-18 22:04 - 09678618 _____ C:\Users\Alle\Downloads\NNK - Gesamtkatalog.pdf
2016-12-18 21:32 - 2016-12-18 21:32 - 10698959 _____ C:\Users\Alle\Downloads\NNS - Gesamtkatalog.pdf
2016-12-14 19:48 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-14 19:48 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-14 19:48 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-14 19:48 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-14 19:48 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-14 19:48 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-14 19:48 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-14 19:48 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 19:48 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-14 19:48 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-14 19:48 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-14 19:48 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 19:48 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-14 19:48 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-14 19:48 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-14 19:48 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-14 19:48 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-14 19:48 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 19:48 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-14 19:48 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-14 19:48 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-14 19:48 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-14 19:48 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-14 19:48 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-14 19:48 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-14 19:48 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-14 19:48 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 19:48 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-14 19:48 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-14 19:48 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-14 19:48 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-14 19:48 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-14 19:48 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 19:48 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-14 19:48 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-14 19:48 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 19:48 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-14 19:48 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-14 19:48 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 19:48 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-14 19:48 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-14 19:48 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-14 19:48 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-14 19:48 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-14 19:48 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-14 19:48 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-14 19:48 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-14 19:48 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 19:48 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-14 19:48 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-14 19:48 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-14 19:48 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-14 19:48 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-14 19:48 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-14 19:48 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-14 19:48 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 19:48 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-14 19:48 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 19:48 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-14 19:48 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-14 19:48 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-14 19:48 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-14 19:48 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 19:48 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-14 19:48 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-14 19:48 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-14 19:48 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-14 19:48 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-14 19:48 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-14 19:48 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-14 19:48 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-14 19:48 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-14 19:48 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 19:48 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-14 19:48 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 19:48 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 19:48 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-14 19:48 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-14 19:48 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 19:48 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 19:48 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 19:48 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 19:48 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 19:48 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 19:48 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 19:48 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 19:48 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 19:48 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-14 19:48 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 19:48 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 19:48 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-14 19:48 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-14 19:48 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-14 19:48 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-14 19:48 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 19:48 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 19:48 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-14 19:48 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-14 19:48 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-14 19:48 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-14 19:48 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 19:48 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 19:48 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 19:48 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 19:48 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-14 19:48 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-13 22:35 - 2016-12-13 22:36 - 29637705 _____ C:\Users\Alle\Downloads\products.zip
2016-12-13 19:52 - 2016-12-13 19:52 - 00221013 _____ C:\Users\Alle\Downloads\ISO-2081-yr-08.pdf
2016-12-13 19:49 - 2016-12-13 19:49 - 00059366 _____ C:\Users\Alle\Downloads\infoblatt_neue_normung_din_50979.pdf
2016-12-13 19:43 - 2016-12-13 19:43 - 00410124 _____ C:\Users\Alle\Downloads\2014091211045089.pdf
2016-12-13 18:27 - 2016-12-13 18:27 - 03932160 _____ C:\Users\Alle\Downloads\VidyoWeb-win32-1.3.10.0004.msi
2016-12-11 20:37 - 2016-12-11 20:37 - 00007274 _____ C:\Users\Alle\Downloads\raumdesigner-20161211203847-8569.dat
2016-12-11 20:28 - 2016-12-11 20:29 - 00007057 _____ C:\Users\Alle\Downloads\raumdesigner-20161211202954-7361.dat
2016-12-11 20:04 - 2016-12-11 20:04 - 00004843 _____ C:\Users\Alle\Downloads\raumdesigner-20161211200510-2732.dat
2016-12-11 19:19 - 2016-12-11 19:19 - 00004213 _____ C:\Users\Alle\Downloads\raumdesigner-20161211192005-2104.dat
2016-12-10 00:28 - 2016-12-10 00:28 - 00017065 _____ C:\Users\Alle\Documents\Brotrezept1.odt
2016-12-09 18:33 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-09 18:33 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-09 18:33 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-09 18:33 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-09 18:33 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-09 18:33 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-09 18:33 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-09 18:33 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-09 18:33 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-09 18:33 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-09 18:33 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-09 18:33 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-09 18:33 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-09 18:33 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-09 18:33 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-09 18:33 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-09 18:33 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-09 18:33 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-09 18:33 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-09 18:33 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-09 18:33 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-09 18:33 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-09 18:33 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-09 18:33 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-09 18:33 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-09 18:33 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-09 18:33 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-09 18:33 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-09 18:33 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-09 18:32 - 2016-09-12 22:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-12-09 18:32 - 2016-09-12 22:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-12-09 18:32 - 2016-09-09 16:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-12-09 18:32 - 2016-09-09 16:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-12-09 18:32 - 2016-09-09 16:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-12-09 18:32 - 2016-09-09 16:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-12-09 18:32 - 2016-09-09 16:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-12-09 18:32 - 2016-09-09 16:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-12-09 18:32 - 2016-09-09 16:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-12-09 18:32 - 2016-08-16 21:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-12-09 18:32 - 2016-08-16 21:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-12-09 18:32 - 2016-08-16 21:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-12-09 18:32 - 2016-08-16 21:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-12-09 18:32 - 2016-08-16 21:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-12-09 18:32 - 2016-08-16 21:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-12-09 18:32 - 2016-08-16 21:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-12-09 18:28 - 2016-08-29 16:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-12-09 18:28 - 2016-08-29 16:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-12-09 18:28 - 2016-08-29 16:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-12-09 18:28 - 2016-08-29 16:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-12-09 18:28 - 2016-08-29 16:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-12-09 18:28 - 2016-08-29 15:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-12-04 20:51 - 2016-12-04 20:51 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk
2016-12-04 20:51 - 2016-12-04 20:51 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2016-12-04 20:38 - 2016-12-04 20:38 - 00000000 ____D C:\Users\Fast Alle\Desktop\OpenOffice 4.1.3 (de) Installation Files
2016-12-04 20:15 - 2016-12-04 20:17 - 171330228 _____ C:\Users\Alle\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe
2016-12-02 18:22 - 2016-12-03 17:27 - 00013881 _____ C:\Users\Alle\Documents\bew. laufenm..odt
2016-12-02 18:21 - 2016-12-03 17:28 - 00014926 _____ C:\Users\Alle\Documents\bew.weckelw..odt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-30 14:47 - 2014-02-18 23:55 - 00000000 ____D C:\FRST
2016-12-30 14:42 - 2009-07-14 18:58 - 00699432 _____ C:\Windows\system32\perfh007.dat
2016-12-30 14:42 - 2009-07-14 18:58 - 00149572 _____ C:\Windows\system32\perfc007.dat
2016-12-30 14:42 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-30 14:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-30 14:41 - 2015-11-26 19:47 - 00000000 ____D C:\Users\Fast Alle\AppData\Roaming\SpiderOak
2016-12-30 14:41 - 2015-04-06 10:34 - 00000000 __SHD C:\Users\Fast Alle\AppData\LocalLow\EmieUserList
2016-12-30 14:41 - 2015-04-06 10:34 - 00000000 __SHD C:\Users\Fast Alle\AppData\LocalLow\EmieSiteList
2016-12-30 14:41 - 2015-04-04 17:33 - 00000000 ____D C:\Users\Fast Alle\AppData\Roaming\Skype
2016-12-30 14:40 - 2016-07-20 20:42 - 00003260 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-12-30 14:40 - 2015-09-14 19:26 - 00002892 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Fast Alle)
2016-12-30 14:39 - 2014-08-03 21:11 - 00000000 ___RD C:\Users\Fast Alle\Podcasts
2016-12-30 14:36 - 2012-11-01 23:48 - 00000000 ____D C:\ProgramData\Hauppauge
2016-12-30 14:35 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-30 14:11 - 2009-07-14 05:45 - 00028080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-30 14:11 - 2009-07-14 05:45 - 00028080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-30 14:05 - 2012-11-08 20:58 - 00000000 ____D C:\Users\Alle\AppData\Roaming\Skype
2016-12-30 14:03 - 2015-03-10 21:14 - 00000000 ____D C:\Users\Alle\AppData\Roaming\SpiderOak
2016-12-30 14:02 - 2014-08-03 21:30 - 00000000 ____D C:\Users\Alle\Tracing
2016-12-30 14:02 - 2013-02-14 22:39 - 00000000 ____D C:\Users\Alle\AppData\Local\FRITZ!
2016-12-30 13:29 - 2012-11-27 23:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
2016-12-30 13:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\ModemLogs
2016-12-30 13:19 - 2016-11-18 23:21 - 00000000 ____D C:\Users\Alle\AppData\LocalLow\Mozilla
2016-12-30 13:14 - 2014-07-24 21:47 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-30 13:14 - 2013-11-30 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-30 00:35 - 2015-03-10 21:14 - 00000000 ____D C:\Program Files\SpiderOak
2016-12-29 20:15 - 2015-10-28 21:57 - 00000000 ____D C:\Users\Alle\AppData\Roaming\ProductData
2016-12-29 20:15 - 2014-08-03 21:11 - 00000000 ____D C:\Users\Fast Alle
2016-12-29 20:15 - 2013-01-10 20:01 - 00000000 ____D C:\Users\Alle\AppData\Roaming\picpick
2016-12-29 20:15 - 2012-11-01 13:35 - 00000000 ____D C:\Users\Alle
2016-12-29 20:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-12-28 15:03 - 2009-07-14 19:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-12-26 20:22 - 2013-11-30 20:23 - 00000464 _____ C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job
2016-12-26 01:00 - 2012-11-27 23:23 - 00000000 ____D C:\Users\Alle\AppData\Roaming\vlc
2016-12-26 00:34 - 2013-04-03 19:04 - 00000000 ____D C:\Users\Alle\dwhelper
2016-12-26 00:27 - 2014-12-04 23:43 - 00000000 ____D C:\ProgramData\EnergyProfessional
2016-12-26 00:00 - 2016-09-28 02:17 - 02460080 _____ (Jacek Pazera) C:\Program Files (x86)\WebMToMp3_64.exe
2016-12-26 00:00 - 2016-09-27 19:25 - 00000631 _____ C:\Program Files (x86)\README.txt
2016-12-26 00:00 - 2016-06-22 01:01 - 00000998 _____ C:\Program Files (x86)\License.txt
2016-12-25 22:59 - 2013-03-23 20:08 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-12-25 22:46 - 2013-03-23 20:09 - 00001029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-12-25 22:44 - 2014-08-03 21:11 - 00101144 _____ C:\Users\Fast Alle\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-25 12:05 - 2013-10-24 18:22 - 00150528 ___SH C:\Users\Alle\Documents\Thumbs.db
2016-12-24 23:28 - 2012-11-28 00:08 - 00000000 ____D C:\Users\Alle\AppData\Local\FreePDF_XP
2016-12-24 23:06 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-24 04:11 - 2015-09-14 19:27 - 00000000 ____D C:\ProgramData\ProductData
2016-12-22 21:06 - 2016-06-27 17:54 - 00001046 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2016-12-16 12:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-16 11:20 - 2016-11-03 21:36 - 00012069 _____ C:\Users\Alle\Documents\baukosten.ods
2016-12-15 19:24 - 2016-10-11 16:32 - 00035864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2016-12-15 19:24 - 2013-11-30 23:08 - 00176464 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-12-15 19:24 - 2013-11-30 23:08 - 00148032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-12-15 19:13 - 2016-11-18 22:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-15 19:13 - 2012-11-01 17:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-15 12:09 - 2014-03-02 12:11 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-15 12:09 - 2012-11-08 20:58 - 00000000 ____D C:\ProgramData\Skype
2016-12-14 23:16 - 2009-07-14 05:45 - 00422384 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-14 23:13 - 2013-08-14 02:01 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 23:10 - 2012-11-01 15:08 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 23:08 - 2013-12-20 22:43 - 01594028 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-14 22:52 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-12-14 22:48 - 2012-12-18 21:24 - 00000000 ____D C:\Users\Alle\Documents\Eigene Scans
2016-12-10 17:12 - 2012-12-26 18:43 - 00000000 ___RD C:\Users\Alle\Podcasts
2016-12-10 00:29 - 2014-12-11 20:19 - 00000000 ____D C:\Windows\system32\appraiser
2016-12-10 00:29 - 2014-05-06 15:44 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-12-05 15:20 - 2012-11-01 23:26 - 00101144 _____ C:\Users\Alle\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-05 15:18 - 2016-11-22 22:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-12-04 20:51 - 2013-09-28 14:14 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2016-12-02 17:59 - 2016-11-25 17:55 - 00014158 _____ C:\Users\Alle\Documents\lebenslauf daniel.odt

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-06-22 01:01 - 2016-12-26 00:00 - 0000998 _____ () C:\Program Files (x86)\License.txt
2016-11-10 20:15 - 2016-11-10 20:15 - 39389109 _____ () C:\Program Files (x86)\MediathekView_12.zip
2016-09-27 19:25 - 2016-12-26 00:00 - 0000631 _____ () C:\Program Files (x86)\README.txt
2016-09-28 02:17 - 2016-12-26 00:00 - 2460080 _____ (Jacek Pazera) C:\Program Files (x86)\WebMToMp3_64.exe
2015-09-14 19:43 - 2015-09-14 19:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-12-18 21:11 - 2016-01-31 12:37 - 0001827 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\Alle\AppData\Local\Temp\avgnt.exe
C:\Users\Fast Alle\AppData\Local\Temp\avgnt.exe
C:\Users\Fast Alle\AppData\Local\Temp\comver.dll
C:\Users\Fast Alle\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Fast Alle\AppData\Local\Temp\eauninstall.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-24 18:23

==================== Ende von FRST.txt ============================
         

ja die addition.txt muss auch gepostet werden

Guten Abend / Guten Morgen
Danke für die Info. Hier die Additional.txt, die mit der FRST.txt erzeugt wurde.

Danke, einen guten Rutsch und ein gutes neues Jahr 2017!

LG

Code: Alles auswählenAufklappen

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Fast Alle (30-12-2016 14:48:46)
Gestartet von F:\
Windows 7 Professional Service Pack 1 (X64) (2012-11-01 12:35:04)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2390081207-1673913599-2541008035-500 - Administrator - Disabled)
Alle (S-1-5-21-2390081207-1673913599-2541008035-1000 - Limited - Enabled) => C:\Users\Alle
Fast Alle (S-1-5-21-2390081207-1673913599-2541008035-1004 - Administrator - Enabled) => C:\Users\Fast Alle
Gast (S-1-5-21-2390081207-1673913599-2541008035-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2390081207-1673913599-2541008035-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

5600 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Age of Chivalry Dedicated Server (HKLM-x32\...\Steam App 17515) (Version:  - Team Chivalry)
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.05.33 - )
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Album Art Downloader XUI 1.00 (HKLM-x32\...\Album Art Downloader XUI) (Version: 1.00 - hxxp://sourceforge.net/projects/album-art)
AMD Catalyst Install Manager (HKLM\...\{3F48F53E-BC0F-A72E-AC89-EA9C3F8F4701}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{EA18DE8E-B3E6-4D82-A086-9BE2316FA5A5}) (Version: 3.1.0.0342 - Advanced Micro Devices, Inc.)
Apache Havoc (HKLM-x32\...\Apache Havoc) (Version:  - )
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version:  - )
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{e4e126a8-f29e-4b56-947d-fe8bbdce8b1b}) (Version: 1.2.77.32054 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.32054 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.2.1.20599 - Avira Operations GmbH & Co. KG)
AVM FRITZ! (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
Berlin Taxi (HKLM-x32\...\Berlin Taxi) (Version:  - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.78.0.2015 - Georgy Berdyshev)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Cossacks II (HKLM-x32\...\Cossacks II) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Die Siedler - Aufbruch der Kulturen (HKLM-x32\...\SADK) (Version:  - )
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
EasyLog USB (HKLM-x32\...\{073136C3-4A9F-4300-BDEA-8BB3FFD66962}) (Version: 7.2.0 - Lascar Electronics Ltd.)
EasyLog USB Device (Driver Removal) (HKLM-x32\...\EL-USB&10C4&0002) (Version:  - Lascar Electronics Ltd.)
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.02 - Sierra)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Video to MP3 Converter (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.99.823 - Digital Wave Ltd)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
GSview 5.0 (HKLM-x32\...\GSview 5.0) (Version: 5.0 - Ghostgum Software Pty Ltd)
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.32311 (CD 3.9c) - Hauppauge Computer Works)
HDClone 6 Free Edition (HKLM\...\Miray.HDClone.fe.6.0.5.1031-{36B94CAA-10F8-415B-98D8-82C80F223456}) (Version: 6 - Miray Software AG)
Hegemony Gold: Wars of Ancient Greece (HKLM-x32\...\Hegemony Gold) (Version:  - )
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Imperium Romanum 1.04 Gold Edition (HKLM-x32\...\Imperium Romanum) (Version: 1.04 - Kalypso Media)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.5 - IObit)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.)
LCS USB Device Server (HKLM-x32\...\{F5424C2E-C5F6-4A2C-A692-C62F2966BAC7}) (Version: 1.77 - Ihr Firmenname)
LCS USB Device Server (HKLM-x32\...\{FC9F1D8E-D3C0-47D4-A2E0-9634E3D48BDA}) (Version: 2.41 - Ihr Firmenname)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Magic Partition Recovery 1.0 (HKLM-x32\...\Magic Partition Recovery) (Version:  - )
MAGIX Audio Cleaning Lab 2013 (HKLM-x32\...\MAGIX_{B6D411CA-163A-472F-8FFE-33A686672EFC}) (Version: 19.0.0.10 - MAGIX AG)
MAGIX Audio Cleaning Lab 2013 (Version: 19.0.0.10 - MAGIX AG) Hidden
Magix Audio Cleaning Lab 2013 Update (Version: 19.0.1.12 - MAGIX AG) Hidden
Magix Audio Cleaning Lab 2013 Update (Version: 19.0.2.18 - MAGIX AG) Hidden
MAGIX MP3 deluxe MX (HKLM-x32\...\MAGIX_{2F3C17B2-8899-4384-9E5B-92AD05190D26}) (Version: 18.0.1.112 - MAGIX AG)
MAGIX MP3 deluxe MX (Version: 18.0.1.112 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{5F1E85BB-A59D-4A37-918E-EA8E3BE0FFBF}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
March of War (HKLM-x32\...\Steam App 234310) (Version:  - ISOTX)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version:  - )
Microsoft Age of Empires Expansion (HKLM-x32\...\Age of Empires Expansion 1.0) (Version:  - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Zoo Tycoon (HKLM-x32\...\Zoo Tycoon 1.0) (Version:  - )
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Mozilla Thunderbird 45.5.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.5.1 (x86 de)) (Version: 45.5.1 - Mozilla)
MP3 deluxe MX Update (Version: 18.0.3.115 - MAGIX AG) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NVIDIA PhysX v8.04.25 (HKLM-x32\...\{74224F8D-4A17-4816-9EDB-7BB854DE532C}) (Version: 8.04.25 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.4 (HKLM\...\{5FB568DF-207C-4B21-AC57-FC0CC2A0B113}) (Version: 4.3.4 - Oracle Corporation)
PC Probe II (HKLM-x32\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.75 - ASUSTek)
PicPick (HKLM-x32\...\PicPick) (Version: 4.0.7 - NGWIN)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Praetorians (HKLM-x32\...\{AAC8AF92-DAEC-45D2-B77D-36699E3751A9}) (Version:  - Pyro Studios)
RAIDXpert (HKLM-x32\...\InstallShield_{8A4A80C2-87B1-44FB-BC24-9168930EB150}) (Version: 3.3.1540.38 - AMD)
RAIDXpert (x32 Version: 3.3.1540.38 - AMD) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Reflex Pro Win 1.0.38  (HKLM-x32\...\Reflex Pro Win) (Version: 1.0.38 - ConSoft GmbH)
S.T.A.L.K.E.R. - Shadow of Chernobyl (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0000 - THQ)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - )
Silicon Laboratories USBXpress Device (Driver Removal) (HKLM-x32\...\SIUSBXP&10C4&EA61) (Version:  - )
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.12.201508241237 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
SpiderOak x64 (HKLM\...\{BBC7807A-0753-4787-9DD0-47A253861CA3}) (Version: 5.1.10.10114 - SpiderOak)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
STCC - Swedish Touring Car Championship (HKLM-x32\...\{1E721B60-9607-402D-82D7-0579886A814F}) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold 2 Deluxe (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.30 - Firefly Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
T-Concept XI721 (HKLM-x32\...\InstallShield_{0BF70590-6536-4317-9CCD-048A1CABD954}) (Version: 5.10.0000 - Deutsche Telekom AG)
T-Concept XI721 (x32 Version: 5.10.0000 - Deutsche Telekom AG) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Tor 0.2.4.22 (HKLM-x32\...\Tor) (Version:  - )
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
TurboV (HKLM-x32\...\{A31951C5-DCD8-4DFE-A525-CFC701F54792}) (Version: 1.00.41 - )
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports  (03/19/2014 6.7.0.0) (HKLM\...\B97004A400E30DCF940971EFA7A0C13C6B0A4B66) (Version: 03/19/2014 6.7.0.0 - Silicon Laboratories)
WISO Vermieter (HKLM-x32\...\WISO Vermieter) (Version:  - Buhl Data Service GmbH)
WISO Vermieter (x32 Version: 4.00.0000 - Buhl Data Service GmbH) Hidden
WOL2 (HKLM-x32\...\{1F951BBA-C582-4D59-9E07-8630E6245854}) (Version: 2.0 - Marko Oette (www.oette.info))
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {005F2BA5-A15D-4EB2-8BA0-294DDC0A19B4} - System32\Tasks\Wise Registry Cleaner Schedule Task => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2015-10-27] (WiseCleaner.com)
Task: {0F7927F6-A3D8-4A4D-8E60-D808B6DB313A} - System32\Tasks\{822B97CC-B167-4CB1-BC59-29316121E249} => C:\Users\Alle\Downloads\tapi721.exe [2012-11-02] ()
Task: {219CF1DE-D76F-40AD-8422-E6D5E7922368} - System32\Tasks\{5F75E6A0-5978-48B7-9D0D-374579FEFCDB} => D:\setup.exe
Task: {27A4B68F-C0F3-4D09-8A4F-0D141B836A94} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2015-10-16] ()
Task: {2A2EF883-3B40-44E1-B055-7ACED88BB044} - System32\Tasks\{66ACD2B8-7BEB-46B7-8DBA-442318DB3EF2} => pcalua.exe -a C:\Users\Alle\AppData\Local\Temp\Temp3_ASUSUpdt_V71702_XPVistaWin7.zip\ASUSUpdt_V71702_XPVistaWin7\Setup.exe <==== ACHTUNG
Task: {2E707129-6FA1-4DBA-A154-469C6EE2F72B} - System32\Tasks\{B9576EFB-BC8D-4544-85A7-4D72BFCC0788} => C:\Program Files (x86)\Elaborate Bytes\CloneCD\CloneCD.exe
Task: {306B81DE-82D7-4472-8802-E51C41F9CE8C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {318894D1-E5A0-4F36-B5CE-95C865C396BA} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {327E8A1D-4E12-4E42-BA73-0C99BA33D794} - System32\Tasks\{69F22224-C800-46D9-9109-BF1D1D4AD3C5} => pcalua.exe -a C:\Users\Alle\Downloads\irfanview_plugins_435_setup.exe -d C:\Users\Alle\Downloads
Task: {342840CA-0B41-4BBE-8004-17CA7CB27731} - System32\Tasks\{0273030D-FB9C-405F-9294-CF8093FAA567} => C:\Users\Alle\Downloads\tapi721.exe [2012-11-02] ()
Task: {3A899A1E-3629-434C-8395-B50125B5C6F6} - System32\Tasks\ASC8_SkipUac_Fast Alle => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-08-17] (IObit)
Task: {472F26CB-DB43-4015-BF94-E5BC0B0461F2} - System32\Tasks\{27A14992-371A-4B6E-A1F7-D9B26F0628F0} => D:\setup.exe
Task: {473985D2-4561-4B8F-96CA-8D9EF4087184} - System32\Tasks\{B39390A1-0764-435A-B1BE-BEBC36A95FB7} => Firefox.exe hxxp://ui.skype.com/ui/0/7.1.0.105/de/abandoninstall?page=tsProgressBar
Task: {4903BB62-85DE-4C0D-A78D-ADAA202FBA27} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-05-18] (IObit)
Task: {4B29DE3D-D18F-479E-B227-E136F4DE0062} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2016-05-23] (IObit)
Task: {4FB677EB-A203-4FE0-9ADF-06C0312B4B3B} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.00.95\AsLoader.exe [2008-07-02] ()
Task: {50110D21-0312-4A86-BDC9-554AA2188685} - System32\Tasks\{C53150ED-2B56-4431-BAB1-015E85579174} => C:\Users\Alle\Downloads\tapi721.exe [2012-11-02] ()
Task: {52F030C7-2C41-435C-A3FB-6C0727D946C0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {55F74F0C-80F2-4A39-9968-C95582203458} - System32\Tasks\Uninstaller_SkipUac_Alle => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-05-20] (IObit)
Task: {576C0A51-64C4-4B7D-B1F3-508A676838CE} - System32\Tasks\{77665639-4B0E-44F2-8C69-BC1C18C17C5C} => C:\Program Files (x86)\Elaborate Bytes\CloneCD\CloneCD.exe
Task: {5AAD7B8F-A0E3-4EE2-9C59-D6CD5B439894} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {5F312275-50AA-4B37-9202-5BAB99A1BE83} - System32\Tasks\{478114EB-CD89-44A3-B65C-059E4A9A8505} => pcalua.exe -a C:\Users\Alle\Downloads\avm_bluefritz!usb_v20v10_vista_xp_2000_070703.exe -d C:\Users\Alle\Downloads
Task: {615FAF9A-92CB-42FE-A462-1273B099D573} - System32\Tasks\Uninstaller_SkipUac_Fast_Alle => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-05-20] (IObit)
Task: {6A143DBB-5EFD-4128-977E-02F65E74042D} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-08-12] (IObit)
Task: {6B2C5DB9-EC82-4AD1-94C5-4415DC90A4BA} - \BackgroundContainer Startup Task -> Keine Datei <==== ACHTUNG
Task: {7694147B-24DA-4E01-BBE5-71F696ADE2F9} - System32\Tasks\{B434D7D4-A802-43D4-8717-85B156194DC2} => pcalua.exe -a D:\autorun.exe -d D:\
Task: {7EFFB4D3-9E96-43AF-BE20-7834D7D98AE7} - System32\Tasks\{EBDD08B5-CA95-4879-AE3E-997F9478406A} => D:\setup.exe
Task: {7FE37B19-5E76-496B-BF2C-93AA3A72DCBD} - System32\Tasks\{7CBAB04B-F27B-42EA-977B-77A1CB54984A} => D:\setup.exe
Task: {88825158-A9F8-434A-8690-63432098E52F} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-05-18] (IObit)
Task: {8E7F40B0-6A37-45A8-8226-8C253289C53D} - System32\Tasks\{504FD921-36C5-4EEA-BE70-AF152AA691EF} => D:\setup.exe
Task: {A6DCEBAD-A1A6-49D4-9C49-C2E0AE36D29E} - System32\Tasks\{D043FF1C-1C87-4A61-8B3D-0ED0D94FC7CD} => C:\Program Files (x86)\Elaborate Bytes\CloneCD\CloneCD.exe
Task: {AFA34DB9-B1C8-4440-81F1-5B946D7E3554} - System32\Tasks\{2EDEC3F3-6A7A-4483-B0A2-8EB0F4802F74} => C:\Program Files (x86)\Elaborate Bytes\CloneCD\CloneCD.exe
Task: {AFF8C46F-0F92-4435-B357-02DDEE1376F0} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {B144C7D3-4F0C-4AA2-84AF-C03522AF109E} - System32\Tasks\{5643EDFD-ECCB-47CB-A5AD-5A4238A54DF3} => D:\setup.exe
Task: {BC3E9022-CC6B-4613-8186-26B3F8689BA0} - System32\Tasks\Driver Booster SkipUAC (Fast Alle) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-05-23] (IObit)
Task: {C9BC5D11-2D2C-448A-8C71-63E217914C17} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe [2007-10-11] ()
Task: {D20DBBAE-BAC9-4857-9E37-EB6FAAED66E4} - System32\Tasks\{35DF4155-E494-4601-9D0C-C1D5636F2289} => pcalua.exe -a C:\Users\Alle\Downloads\bfusb_winx64_061216.exe -d C:\Users\Alle\Downloads
Task: {D4D4A0FD-FFCF-464C-8310-283D1E1F94FD} - System32\Tasks\{F246DD81-AECD-46EE-8543-46D809E2793E} => C:\Users\Alle\Downloads\tapi721.exe [2012-11-02] ()
Task: {D54610B8-5E2F-47A4-9D81-53C59A5C1595} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-25] (Adobe Systems Incorporated)
Task: {DA3DF068-616E-421B-97F2-613DE25BF3D9} - System32\Tasks\{4F745C7B-F9B1-4911-83DD-4515C387C68F} => C:\Users\Alle\Downloads\tapi721.exe [2012-11-02] ()
Task: {E02BE1D1-1C89-4615-A44F-5DF65269B1A2} - System32\Tasks\{849A55BE-6D71-4763-8CB4-351A25E714BE} => C:\Users\Alle\Downloads\tapi721.exe [2012-11-02] ()
Task: {E70D482E-943B-4272-91E5-8AB7BC4BF9E1} - System32\Tasks\{C7196864-5020-4FC7-AF9B-80D65423C1D8} => C:\Program Files (x86)\Elaborate Bytes\CloneCD\CloneCD.exe
Task: {EF0E7326-EAA4-47E4-B977-58A1072917EF} - System32\Tasks\{EF2FBB39-15B6-421B-A27C-F2AAF4EC3DEE} => C:\Program Files (x86)\Magic Partition Recovery 1.0\Magic Partition Recovery.exe [2012-07-03] (East Imperial Soft)
Task: {EF99DDB2-5A4E-4E43-A60A-206AD1725253} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
Task: {F5D9EE42-38D1-4E17-AD3A-42EFF4C58E93} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {FA408D22-1D81-43B5-9A96-65EFA9FA34C5} - System32\Tasks\{F4D83DA0-28EE-44FE-B106-4780D56B301D} => C:\Program Files (x86)\Elaborate Bytes\CloneCD\CloneCD.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Fast_Alle.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-12-03 22:08 - 2006-02-23 11:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2015-12-03 22:08 - 2006-02-22 10:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2012-11-01 21:57 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2013-04-29 23:25 - 2013-04-29 23:25 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 16:03 - 2012-03-05 16:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 14:53 - 2012-02-16 14:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2009-10-22 03:49 - 2009-10-22 03:49 - 00136544 _____ () C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
2012-12-27 13:13 - 2009-04-02 12:27 - 00090112 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
2014-04-03 09:29 - 2013-05-28 15:16 - 00077824 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\myPWTNTService.exe
2014-03-11 06:51 - 2014-03-11 06:51 - 00130048 _____ () C:\Program Files\SpiderOak\shell_extension_lib\win32api.pyd
2014-03-11 06:48 - 2014-03-11 06:48 - 00138240 _____ () C:\Program Files\SpiderOak\shell_extension_lib\pywintypes27.dll
2014-03-11 06:55 - 2014-03-11 06:55 - 00548864 _____ () C:\Program Files\SpiderOak\shell_extension_lib\pythoncom27.dll
2014-03-11 06:50 - 2014-03-11 06:50 - 00017920 _____ () C:\Program Files\SpiderOak\shell_extension_lib\win32trace.pyd
2014-03-11 06:50 - 2014-03-11 06:50 - 00136192 _____ () C:\Program Files\SpiderOak\shell_extension_lib\win32security.pyd
2014-03-11 07:01 - 2014-03-11 07:01 - 00522752 _____ () C:\Program Files\SpiderOak\shell_extension_lib\win32com.shell.shell.pyd
2014-03-11 06:51 - 2014-03-11 06:51 - 00064000 _____ () C:\Program Files\SpiderOak\shell_extension_lib\win32evtlog.pyd
2014-06-01 13:22 - 2014-06-01 13:22 - 00112128 _____ () C:\Program Files\SpiderOak\shell_extension_lib\_ctypes.pyd
2014-03-11 06:49 - 2014-03-11 06:49 - 00149504 _____ () C:\Program Files\SpiderOak\shell_extension_lib\win32file.pyd
2014-03-11 06:50 - 2014-03-11 06:50 - 00027648 _____ () C:\Program Files\SpiderOak\shell_extension_lib\win32pipe.pyd
2014-03-11 06:49 - 2014-03-11 06:49 - 00023040 _____ () C:\Program Files\SpiderOak\shell_extension_lib\win32event.pyd
2014-06-01 13:22 - 2014-06-01 13:22 - 01067520 _____ () C:\Program Files\SpiderOak\shell_extension_lib\_hashlib.pyd
2014-03-11 06:50 - 2014-03-11 06:50 - 00045056 _____ () C:\Program Files\SpiderOak\shell_extension_lib\win32process.pyd
2014-03-11 06:51 - 2014-03-11 06:51 - 00223744 _____ () C:\Program Files\SpiderOak\shell_extension_lib\win32gui.pyd
2014-03-11 07:02 - 2014-03-11 07:02 - 00125952 _____ () C:\Program Files\SpiderOak\shell_extension_lib\win32com.propsys.propsys.pyd
2014-06-01 13:22 - 2014-06-01 13:22 - 01695232 _____ () C:\Program Files\SpiderOak\lib\_ssl.pyd
2014-06-01 13:22 - 2014-06-01 13:22 - 00047616 _____ () C:\Program Files\SpiderOak\lib\_socket.pyd
2014-06-01 13:22 - 2014-06-01 13:22 - 00059392 _____ () C:\Program Files\SpiderOak\lib\_sqlite3.pyd
2014-06-01 13:21 - 2014-06-01 13:21 - 00535040 _____ () C:\Program Files\SpiderOak\lib\sqlite3.dll
2012-09-28 21:43 - 2012-09-28 21:43 - 00025088 _____ () C:\Program Files\SpiderOak\lib\zope.interface._zope_interface_coptimizations.pyd
2012-09-28 21:43 - 2012-09-28 21:43 - 00067584 _____ () C:\Program Files\SpiderOak\lib\BTrees._OOBTree.pyd
2012-09-28 21:43 - 2012-09-28 21:43 - 00022528 _____ () C:\Program Files\SpiderOak\lib\persistent.cPersistence.pyd
2012-09-28 21:43 - 2012-09-28 21:43 - 00012800 _____ () C:\Program Files\SpiderOak\lib\persistent.TimeStamp.pyd
2012-09-28 21:43 - 2012-09-28 21:43 - 00018944 _____ () C:\Program Files\SpiderOak\lib\persistent.cPickleCache.pyd
2014-06-01 13:22 - 2014-06-01 13:22 - 01067520 _____ () C:\Program Files\SpiderOak\lib\_hashlib.pyd
2012-09-28 21:43 - 2012-09-28 21:43 - 00072192 _____ () C:\Program Files\SpiderOak\lib\BTrees._OIBTree.pyd
2012-09-28 21:43 - 2012-09-28 21:43 - 00075264 _____ () C:\Program Files\SpiderOak\lib\BTrees._IIBTree.pyd
2012-09-28 21:43 - 2012-09-28 21:43 - 00072704 _____ () C:\Program Files\SpiderOak\lib\BTrees._IOBTree.pyd
2012-09-28 21:43 - 2012-09-28 21:43 - 00075776 _____ () C:\Program Files\SpiderOak\lib\BTrees._IFBTree.pyd
2012-09-28 21:43 - 2012-09-28 21:43 - 00073728 _____ () C:\Program Files\SpiderOak\lib\BTrees._OLBTree.pyd
2012-09-28 21:43 - 2012-09-28 21:43 - 00076288 _____ () C:\Program Files\SpiderOak\lib\BTrees._LLBTree.pyd
2012-09-28 21:43 - 2012-09-28 21:43 - 00073728 _____ () C:\Program Files\SpiderOak\lib\BTrees._LOBTree.pyd
2012-09-28 21:43 - 2012-09-28 21:43 - 00076288 _____ () C:\Program Files\SpiderOak\lib\BTrees._LFBTree.pyd
2012-09-28 21:43 - 2012-09-28 21:43 - 00073216 _____ () C:\Program Files\SpiderOak\lib\BTrees._fsBTree.pyd
2012-09-28 21:43 - 2012-09-28 21:43 - 00006656 _____ () C:\Program Files\SpiderOak\lib\twisted.python._initgroups.pyd
2014-03-11 06:51 - 2014-03-11 06:51 - 00130048 _____ () C:\Program Files\SpiderOak\lib\win32api.pyd
2014-03-11 06:48 - 2014-03-11 06:48 - 00138240 _____ () C:\Program Files\SpiderOak\lib\pywintypes27.dll
2012-09-28 21:42 - 2012-09-28 21:42 - 00011264 _____ () C:\Program Files\SpiderOak\lib\Crypto.Hash.SHA256.pyd
2014-03-11 06:49 - 2014-03-11 06:49 - 00149504 _____ () C:\Program Files\SpiderOak\lib\win32file.pyd
2014-10-22 07:02 - 2014-10-22 07:02 - 00024064 _____ () C:\Program Files\SpiderOak\lib\bcrypt._bcrypt.pyd
2012-09-28 21:42 - 2012-09-28 21:42 - 00010752 _____ () C:\Program Files\SpiderOak\lib\Crypto.Random.OSRNG.winrandom.pyd
2012-09-28 21:42 - 2012-09-28 21:42 - 00010752 _____ () C:\Program Files\SpiderOak\lib\Crypto.Util._counter.pyd
2012-09-28 21:42 - 2012-09-28 21:42 - 00033280 _____ () C:\Program Files\SpiderOak\lib\Crypto.Cipher.AES.pyd
2012-06-26 08:57 - 2012-06-26 08:57 - 02145792 _____ () C:\Program Files\SpiderOak\lib\PyQt4.QtCore.pyd
2012-06-26 08:48 - 2012-06-26 08:48 - 00089088 _____ () C:\Program Files\SpiderOak\lib\sip.pyd
2014-06-01 13:22 - 2014-06-01 13:22 - 00112128 _____ () C:\Program Files\SpiderOak\lib\_ctypes.pyd
2014-03-11 06:55 - 2014-03-11 06:55 - 00548864 _____ () C:\Program Files\SpiderOak\lib\pythoncom27.dll
2014-03-11 07:01 - 2014-03-11 07:01 - 00522752 _____ () C:\Program Files\SpiderOak\lib\win32com.shell.shell.pyd
2012-06-26 09:13 - 2012-06-26 09:13 - 07643648 _____ () C:\Program Files\SpiderOak\lib\PyQt4.QtGui.pyd
2012-06-26 09:16 - 2012-06-26 09:16 - 00641536 _____ () C:\Program Files\SpiderOak\lib\PyQt4.QtNetwork.pyd
2012-06-26 09:23 - 2012-06-26 09:23 - 00009216 _____ () C:\Program Files\SpiderOak\lib\PyQt4.Qt.pyd
2014-03-11 06:50 - 2014-03-11 06:50 - 00048128 _____ () C:\Program Files\SpiderOak\lib\win32inet.pyd
2014-06-01 13:22 - 2014-06-01 13:22 - 00010752 _____ () C:\Program Files\SpiderOak\lib\select.pyd
2014-06-07 21:08 - 2014-06-07 21:08 - 00069120 _____ () C:\Program Files\SpiderOak\lib\OpenSSL.crypto.pyd
2014-06-07 21:08 - 2014-06-07 21:08 - 00010240 _____ () C:\Program Files\SpiderOak\lib\OpenSSL.rand.pyd
2014-06-07 21:08 - 2014-06-07 21:08 - 00053248 _____ () C:\Program Files\SpiderOak\lib\OpenSSL.SSL.pyd
2014-03-11 06:50 - 2014-03-11 06:50 - 00045056 _____ () C:\Program Files\SpiderOak\lib\win32process.pyd
2012-09-28 21:42 - 2012-09-28 21:42 - 00059392 _____ () C:\Program Files\SpiderOak\lib\Crypto.Cipher.DES3.pyd
2012-09-28 21:42 - 2012-09-28 21:42 - 00009728 _____ () C:\Program Files\SpiderOak\lib\Crypto.Cipher.XOR.pyd
2012-09-28 21:42 - 2012-09-28 21:42 - 00008192 _____ () C:\Program Files\SpiderOak\lib\Crypto.Util.strxor.pyd
2012-09-28 21:43 - 2012-09-28 21:43 - 00007680 _____ () C:\Program Files\SpiderOak\lib\twisted.protocols._c_urlarg.pyd
2014-06-01 13:22 - 2014-06-01 13:22 - 00689664 _____ () C:\Program Files\SpiderOak\lib\unicodedata.pyd
2014-03-11 06:50 - 2014-03-11 06:50 - 00027648 _____ () C:\Program Files\SpiderOak\lib\win32pipe.pyd
2014-03-11 06:49 - 2014-03-11 06:49 - 00023040 _____ () C:\Program Files\SpiderOak\lib\win32event.pyd
2014-03-11 06:51 - 2014-03-11 06:51 - 00064000 _____ () C:\Program Files\SpiderOak\lib\win32evtlog.pyd
2014-03-11 06:50 - 2014-03-11 06:50 - 00136192 _____ () C:\Program Files\SpiderOak\lib\win32security.pyd
2014-03-11 06:51 - 2014-03-11 06:51 - 00223744 _____ () C:\Program Files\SpiderOak\lib\win32gui.pyd
2012-12-27 13:15 - 2009-06-02 17:10 - 01968640 _____ () C:\Program Files (x86)\ASUS\AI Suite\Q-Button\QButton.exe
2012-12-27 14:59 - 2009-05-25 14:56 - 05391872 _____ () C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2012-09-25 10:03 - 2012-09-25 10:03 - 05542400 _____ () C:\Program Files (x86)\Longshine\LCS USB Device Server\Control Center.exe
2013-04-29 23:25 - 2013-04-29 23:25 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-06-18 15:49 - 2013-06-18 15:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-29 23:08 - 2013-04-29 23:08 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-03-11 06:50 - 2014-03-11 06:50 - 00055296 _____ () C:\Program Files\SpiderOak\lib\win32console.pyd
2012-09-28 21:42 - 2012-09-28 21:42 - 00035840 _____ () C:\Program Files\SpiderOak\lib\simplejson._speedups.pyd
2012-01-14 09:31 - 2012-01-14 09:31 - 01228800 _____ () C:\Program Files\SpiderOak\lib\pycurl.pyd
2015-02-24 05:36 - 2015-02-24 05:36 - 00013824 _____ () C:\Program Files\SpiderOak\windows_dir_watcher.exe
2013-03-19 15:05 - 2013-03-19 15:05 - 00532480 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2009-10-22 03:49 - 2009-10-22 03:49 - 00423256 _____ () C:\Program Files (x86)\AMD\OverDrive\Device.dll
2009-10-22 03:49 - 2009-10-22 03:49 - 04101472 _____ () C:\Program Files (x86)\AMD\OverDrive\Platform.dll
2009-10-22 03:49 - 2009-10-22 03:49 - 01586528 _____ () C:\Program Files (x86)\AMD\OverDrive\QtCore4.dll
2009-10-22 03:49 - 2009-10-22 03:49 - 00361816 _____ () C:\Program Files (x86)\AMD\OverDrive\QtXml4.dll
2016-12-25 23:04 - 2016-08-24 16:53 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-12-25 23:04 - 2016-08-24 16:53 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-12-25 23:04 - 2016-08-24 16:53 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-12-25 23:04 - 2016-08-24 16:53 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2014-07-24 21:44 - 2011-08-23 10:04 - 00057344 _____ () C:\Program Files (x86)\WinTV\TVServer\libhdhomerun.dll
2014-07-24 21:44 - 2014-02-14 09:59 - 00025600 _____ () C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00479232 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\BaseFunc.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00663552 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\AppGlobDataAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00249856 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\AppUnitAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00139264 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\AppViewAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00339968 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\AppLegendAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00950272 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\AppPrintAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00393216 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\AppComModuleAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00139264 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\AppCurrencyAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00245760 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\AppTextModuleAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00221184 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\AppMessageModuleAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00548864 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\UsingProfileAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00479232 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\MediaPropertyAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00249856 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\PwtSAPComClientAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 09469952 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\PwtCalcAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 07983104 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\UnitPartAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00413696 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\PheUnitCalculationAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 02809856 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\PheUnitCalcLocalAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 01282048 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\PheUnitPartsListAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 11481088 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\PwtSalesAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00540672 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\ProdSerialNoAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00368640 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\PwtSalesReferenceAdm.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00131072 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\myPWTNetComIntProxy.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00040960 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\ADAKOM_Mfc42Res.dll
2014-04-03 09:29 - 2013-05-28 15:16 - 00019968 _____ () c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\UsingProfileAdmRes.dll
2015-10-28 21:55 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-10-28 21:55 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-10-28 21:55 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-10-28 21:55 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-12-27 13:15 - 2008-12-10 20:04 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite\Q-Button\pngio.dll
2012-12-27 13:15 - 2008-12-10 20:04 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite\Q-Button\AiNap.dll
2012-12-27 13:15 - 2008-12-10 20:04 - 00008704 _____ () C:\Program Files (x86)\ASUS\AI Suite\Q-Button\vvc.dll
2012-12-27 14:59 - 2008-12-10 20:27 - 00565248 _____ () C:\Program Files (x86)\ASUS\TurboV\pngio.dll
2012-12-27 14:59 - 2009-04-29 12:47 - 01296896 _____ () C:\Program Files (x86)\ASUS\TurboV\OcProfile.dll
2012-12-27 14:59 - 2008-12-15 20:01 - 00131072 _____ () C:\Program Files (x86)\ASUS\TurboV\TVOCLIB.DLL
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2390081207-1673913599-2541008035-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alle\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2390081207-1673913599-2541008035-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Fast Alle\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FRITZ!fax.lnk => C:\Windows\pss\FRITZ!fax.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FRITZ!fon.lnk => C:\Windows\pss\FRITZ!fon.lnk.CommonStartup
MSCONFIG\startupreg: BingSvc => C:\Users\Fast Alle\AppData\Local\Microsoft\BingSvc\BingSvc.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{E3EF5DE3-965F-427B-857B-BCF3A457569D}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3D475D79-9761-4002-AEF4-8DD5CE6A06FE}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{A8E6D116-6CD3-4701-B9C9-D24F907E3F90}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{31236F12-A0AF-4688-8069-53C86FEA01EA}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{BC80594B-6243-4234-8C50-62063B006CD9}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{BFA50A1F-620E-4D49-97D9-72A669A0FA43}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{EFD02939-D92F-45C3-86F6-6B4270E36298}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{9988932E-9E4B-4CDA-9637-6240538F1AA9}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{C76D4510-D596-4C94-8407-7F9359C38399}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{9C759675-7FB4-46F0-B648-33E1382109D9}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{3EA5ABAD-B8A6-4905-B247-7C1CF9DEE09B}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{B28F2357-DD0B-40D9-A928-28FE749FF636}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{F8F82F51-C07B-4103-A9CF-60FFCDB7565C}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{21CB913F-52B6-411E-AB7C-5724ECCE4A94}] => C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{55E72C94-315F-4ED8-AA0A-4C16780C280A}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{7B6567F2-A751-412C-ACEF-13ADCECDA7C1}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{50CB08DF-350E-4F34-8EED-D3FB7B8C7C05}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{AEA4C8CB-1AAE-4E9C-990F-D0AAB2C6C5BE}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{6D213306-83DD-43D1-BD1C-88BF464750A1}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{4E7CE430-8296-4D37-9878-77C2B0675339}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{CF0FD466-F1EF-4081-BB89-0B2F1F12C8AF}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{0A38FB43-8A69-4838-825C-A2C7E98336C0}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{8914105E-2825-46EA-8417-2B074FDDF773}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{9D139E86-B3BF-41A0-85DC-2093CCDECE92}] => C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{B5FC7F44-A259-4158-A6AF-12413974A77B}] => C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{2B70DD45-A4DC-425C-89ED-1BFA5BB4FB7F}] => %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{2057F0DE-30F3-4256-80A9-BDE85C94392C}] => %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{D523E606-D510-411D-A721-9E3992CCAD2F}] => %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{7314910D-CDBC-4C75-B574-84AF53D9204F}] => %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{6EEE2CCE-4776-442E-AE81-FCBEEBD0ABA5}] => %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{98EDFC19-6939-47A6-BE63-80ADDDF30375}] => %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{5FFB8E40-65ED-4CDF-94EC-9F00446E279F}] => %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{C47C9045-3D58-4547-82FC-C087D3936EDA}] => %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [TCP Query User{0BF18082-1084-4190-A556-9F206C4CACF7}C:\program files (x86)\xbmc\xbmc.exe] => C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [UDP Query User{5457491C-6A46-4669-B1CE-4234898E59F7}C:\program files (x86)\xbmc\xbmc.exe] => C:\program files (x86)\xbmc\xbmc.exe
FirewallRules: [TCP Query User{3D5CAE18-2274-4DCA-885A-A640A358386A}C:\program files (x86)\streamtransport\streamtransport.exe] => C:\program files (x86)\streamtransport\streamtransport.exe
FirewallRules: [UDP Query User{DDCDD022-36C8-41FA-9FC8-2BBC468B0DB6}C:\program files (x86)\streamtransport\streamtransport.exe] => C:\program files (x86)\streamtransport\streamtransport.exe
FirewallRules: [TCP Query User{88D7FFD0-7709-49BC-B904-A8DD65F846A5}C:\program files (x86)\java\jre7\bin\javaw.exe] => C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{CD59CD88-89F6-41CD-9DA9-6C4127129A62}C:\program files (x86)\java\jre7\bin\javaw.exe] => C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{CB441291-F4AD-4D58-96FD-2B57A8408983}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{D582CE14-B6D2-4C39-BEE5-ABFF54684016}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [TCP Query User{0AF61533-EAAA-4A3D-A292-BD89486FCFAD}C:\razorworks\aphavoc\aphavoc.exe] => C:\razorworks\aphavoc\aphavoc.exe
FirewallRules: [UDP Query User{D1D6020B-DEE5-4DE5-99CB-50726E50E928}C:\razorworks\aphavoc\aphavoc.exe] => C:\razorworks\aphavoc\aphavoc.exe
FirewallRules: [TCP Query User{F7FF3C07-9693-4092-929C-9E175D78ADA5}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{04C01F92-DE5A-4AC2-888E-D27A8FE35914}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{A99E74F4-E600-47F2-A8AB-D9D5EB582FD9}] => C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{3B559854-6147-4290-9043-61D211B999D5}] => C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{E34661F1-B237-4096-B6AF-7F207E14A6DF}] => C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{AC377813-AD07-4D0F-82E6-10BB199F9102}] => C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{92D44886-BFF1-417F-8769-80DCB0AC2087}] => C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{3A70B47D-B87C-4473-9326-EE41FE92A659}] => C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [TCP Query User{A9718F8D-064B-4A8D-A5DB-CB89126F7AE9}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{CDC1B05F-490D-4F4D-936B-327851E3F2BC}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{C432453D-118F-4009-A001-CEC07D55D6AB}C:\program files (x86)\eidos interactive\pyro studios\praetorians\praetorians.exe] => C:\program files (x86)\eidos interactive\pyro studios\praetorians\praetorians.exe
FirewallRules: [UDP Query User{7CB64D14-F141-4AD5-9C0F-C808CA745752}C:\program files (x86)\eidos interactive\pyro studios\praetorians\praetorians.exe] => C:\program files (x86)\eidos interactive\pyro studios\praetorians\praetorians.exe
FirewallRules: [{8B511B8D-65D0-44F1-8E70-98FC3C1AD6EE}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{112351AA-5A28-4E20-BA03-2B9CE8088DDA}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{77F68CBC-B0F9-49D1-8FFE-FF2E6DC14B49}] => C:\Program Files (x86)\Steam\SteamApps\common\MarchOfWar\game.exe
FirewallRules: [{0C6E7F0C-51D9-4B0B-973E-C04DD979DD9B}] => C:\Program Files (x86)\Steam\SteamApps\common\MarchOfWar\game.exe
FirewallRules: [TCP Query User{FEC95BB4-D908-4196-8823-E7B5A5AF1781}C:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => C:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe
FirewallRules: [UDP Query User{B7ABE6EE-E564-497C-AAE4-EAD048C67F9E}C:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => C:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe
FirewallRules: [{9D1053C7-9553-47E5-8CD3-ACC570D6CE06}] => C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E1B3BAF1-2C8F-4D17-A69E-7F29E3F1E596}] => C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{C7C3AAAD-1768-448E-AF99-D01F9126678D}C:\program files (x86)\vidalia relay bundle\tor\tor.exe] => C:\program files (x86)\vidalia relay bundle\tor\tor.exe
FirewallRules: [UDP Query User{0756A568-447C-4CA9-B637-46BCFD6EEAAE}C:\program files (x86)\vidalia relay bundle\tor\tor.exe] => C:\program files (x86)\vidalia relay bundle\tor\tor.exe
FirewallRules: [{9ACD4AA0-0F62-4971-9AA3-89B664E0E65D}] => C:\program files (x86)\vidalia relay bundle\tor\tor.exe
FirewallRules: [{2634428F-39F3-4FED-B2CA-2EC2F3728327}] => C:\program files (x86)\vidalia relay bundle\tor\tor.exe
FirewallRules: [{9A0CBA00-DBB1-4C3F-BFB1-7A8B222DE0E8}] => C:\Users\Alle\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{F522E76A-ECB3-4FB0-82C2-716E28313123}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{957A77FB-1EA1-48B0-895B-3852252F7AF3}] => LPort=2869
FirewallRules: [{A8B56080-2053-40E5-BC0D-20835256E36D}] => LPort=1900
FirewallRules: [{8A1408F3-939B-4F28-819C-E43A2A81B415}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F1AB3BBE-D9A5-4E2E-8A95-E4E8894B8095}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A13CFD7C-91B9-4C80-8477-2A2B39609472}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{56F28FDF-AB30-4A29-A451-C1C8F36DB577}] => %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{68867E54-796B-4236-8367-B6E1D0EAB378}] => C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{FDE56D74-212F-406E-8C15-43B32197AEFE}] => C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{2A1DAC61-3025-497F-B528-A941ED7ABC69}] => C:\Program Files (x86)\Steam\SteamApps\common\Age of Chivalry Dedicated Server\srcds.exe
FirewallRules: [{D9A7D254-B539-4369-9B96-AEE816E15E58}] => C:\Program Files (x86)\Steam\SteamApps\common\Age of Chivalry Dedicated Server\srcds.exe
FirewallRules: [{477CD278-47C3-493B-8FA4-A085AD8CAC2C}] => C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [{D55BD178-C658-45A5-AF17-BAD9D8BE0089}] => C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [{CD660634-C5B3-4BAD-8674-5D4C6991BE0B}] => C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{2706883A-FDBB-4053-9B06-2B43D0EBAA7E}] => C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{E45A0A4A-8E61-48C6-BFA7-8A63505CAF07}] => C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{EF197963-94FB-4721-ADA0-C3EA7686E8CB}] => C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{FAC72CCD-586F-4C3F-BC08-1BAF43FCB8A3}] => C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{EE0D9B82-A19A-4D9A-AE27-A86DB929B5A3}] => C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{FEAF88BC-3F1B-4763-8277-36B6B6BA0C93}] => C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{9E6189F2-F840-4214-8EAA-9B40E971E2AF}] => C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{B4B2B08A-37E6-4AC7-917D-470BD8E57961}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D6A575BA-0B4E-4B0D-AD25-62B0DF9D1777}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6DACF264-2346-4DB0-BBAA-D15F21113668}C:\program files\spideroak\spideroak.exe] => C:\program files\spideroak\spideroak.exe
FirewallRules: [UDP Query User{10A72119-DF2B-49B4-A3A3-AB53201FDA66}C:\program files\spideroak\spideroak.exe] => C:\program files\spideroak\spideroak.exe
FirewallRules: [{408C580B-D015-435D-A066-905176210914}] => C:\program files\spideroak\spideroak.exe
FirewallRules: [{F932395B-A46B-4B42-B57A-8EA7EBAE4F79}] => C:\program files\spideroak\spideroak.exe
FirewallRules: [TCP Query User{A03374E3-BE78-475F-835E-0F61F5E8BD20}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F9110F98-A634-4B0C-8D83-0692BEA62848}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{989152FA-B469-4D4B-82AC-DB739FD2E53F}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{2CB0BE92-F13D-47CF-9931-88025B4A46AF}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{3ECA6AE2-65BF-4D92-BCD7-301B2CDD2D80}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{0531C03D-97B3-4BEF-9994-1531A91B87B9}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{EB67E050-1118-446F-8EC5-897AC8508E28}C:\program files (x86)\wintv\wintv7\wintv7.exe] => C:\program files (x86)\wintv\wintv7\wintv7.exe
FirewallRules: [UDP Query User{1F5A2B63-82D0-4BC3-AA3F-493C2630E543}C:\program files (x86)\wintv\wintv7\wintv7.exe] => C:\program files (x86)\wintv\wintv7\wintv7.exe
FirewallRules: [{C179130D-CECE-4A2B-A946-96FE75543559}] => C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{FF2ADA44-0D28-4BC7-B3BB-E0E77A352DDD}] => C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{563BD1EA-020C-40DF-98C0-9C505370C676}] => C:\Users\Alle\AppData\Local\Apps\2.0\GVTCKWZJ.3AD\WN0XLANJ.VQC\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{17EB9FD4-FEC5-4C9B-9BBA-E1DF0B120DE5}] => C:\Users\Alle\AppData\Local\Apps\2.0\GVTCKWZJ.3AD\WN0XLANJ.VQC\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{96EB1CED-FB96-42CC-BDE6-4B6363480BD2}] => C:\Program Files (x86)\Longshine\LCS USB Device Server\Control Center.exe
FirewallRules: [{EEE11FDF-6B08-435C-803B-7030ACF2BA4C}] => C:\Program Files (x86)\Longshine\LCS USB Device Server\Control Center.exe
FirewallRules: [{20E9A403-864E-407F-9B0C-17BD0C742110}] => LPort=7425
FirewallRules: [{DE8C5DAB-B15E-439B-BEDB-7481BF7448F1}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6EF7268F-85D0-4554-9FB7-AFB6274A2CA3}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{503AC960-2C98-48FE-BD0D-FEE0F973AC24}C:\windows\system32\wfs.exe] => C:\windows\system32\wfs.exe
FirewallRules: [UDP Query User{9774C413-799E-4F23-A024-E3D9FEBA005D}C:\windows\system32\wfs.exe] => C:\windows\system32\wfs.exe
FirewallRules: [TCP Query User{E84550AA-CA6B-4110-9245-BA3A2C123FD0}C:\program files (x86)\longshine\lcs usb device server\control center.exe] => C:\program files (x86)\longshine\lcs usb device server\control center.exe
FirewallRules: [UDP Query User{165505AD-B52E-4D4E-8E4E-D2E5BE5816C3}C:\program files (x86)\longshine\lcs usb device server\control center.exe] => C:\program files (x86)\longshine\lcs usb device server\control center.exe
FirewallRules: [{ECAAE4F7-109A-4D7F-9285-4380079B7A27}] => LPort=7425
FirewallRules: [{8D9B908A-A522-4C35-B03C-DD1D668EB471}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{8F855033-98E2-4A74-BE2B-3B13823F2B2E}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{9E6DBDB0-A692-402E-BEC3-E316DB06897D}] => C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{419AE64E-0A53-4544-AC6C-9DC9FCA61644}] => C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{30C0D738-EA54-4F20-A138-2676AE32C155}] => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{3FD06647-B4D8-4697-8AA4-F26A7088EF8D}] => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{845179E1-95CD-4F03-8AC0-D23864200CE4}] => C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{C343C314-6D42-4C74-B933-6AF8B9EE4C1E}] => C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{AD3D780B-050D-4764-A7F6-52C87298AFC5}] => C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{31978542-4D03-415D-9D96-DB55888467E9}] => C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{8E3DFA7E-9B60-49FB-886D-BB4ECA3FAD5E}] => C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{AFE61155-3EA0-4472-9049-ABD211E9ABE6}] => C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{38952261-3110-4751-A8F9-8FF7DB51DCBF}] => C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{F83BFB00-2B47-4E44-9330-F2E0E81AC7CA}] => C:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe

==================== Wiederherstellungspunkte =========================

20-12-2016 20:37:43 Windows Update
24-12-2016 04:21:52 Windows Update
27-12-2016 22:24:58 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Microsoft Wireless Transceiver for Bluetooth 2.0
Description: Microsoft Wireless Transceiver for Bluetooth 2.0
Class Guid: {9b21fd3a-b1ab-4eb9-956f-e56acfe78bce}
Manufacturer: IVT Corporation
Service: BTHUSB
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
 Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/30/2016 02:42:50 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.

Details:
	Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (12/30/2016 02:42:50 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung

Details:
	Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (12/30/2016 02:42:50 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (12/30/2016 02:42:50 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (12/30/2016 02:42:19 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" in Zeile 0.
Ungültige XML-Syntax.

Error: (12/30/2016 02:41:19 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" in Zeile 0.
Ungültige XML-Syntax.

Error: (12/30/2016 02:40:31 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.

Details:
	Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (12/30/2016 02:40:31 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung

Details:
	Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (12/30/2016 02:40:31 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (12/30/2016 02:40:31 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)


Systemfehler:
=============
Error: (12/30/2016 02:42:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 6 Mal passiert.

Error: (12/30/2016 02:42:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (12/30/2016 02:40:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (12/30/2016 02:40:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (12/30/2016 02:40:34 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Bei DCOM ist der Fehler "1053" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (12/30/2016 02:40:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 5 Mal passiert.

Error: (12/30/2016 02:40:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (12/30/2016 02:39:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 4 Mal passiert.

Error: (12/30/2016 02:39:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (12/30/2016 02:39:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-12-30 14:36:40.770
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-30 14:36:40.425
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-30 14:36:27.799
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-30 14:36:27.612
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-30 14:04:13.139
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-30 14:04:12.747
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-30 14:04:00.775
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-30 14:04:00.585
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-30 13:54:56.513
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-30 13:54:56.344
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: AMD Phenom(tm) II X4 965 Processor
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 5111.68 MB
Verfügbarer physikalischer RAM: 2790.89 MB
Summe virtueller Speicher: 10221.55 MB
Verfügbarer virtueller Speicher: 7233.68 MB

==================== Laufwerke ================================

Drive b: (RAID 2) (Fixed) (Total:651.92 GB) (Free:271.49 GB) NTFS
Drive c: (RAID 1) (Fixed) (Total:279.3 GB) (Free:13.36 GB) NTFS
Drive f: (PHONE CARD) (Removable) (Total:0.12 GB) (Free:0.11 GB) FAT

==================== MBR & Partitionstabelle ==================

==================== Ende von Addition.txt ============================
         

+++ WICHTIGER HINWEIS +++

Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache.
Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung!
Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben.

Gelesen und verstanden?



Bitte Avira deinstallieren. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!

Hallo und Guten Abend,

erst mal Allen ein gutes neues Jahr 2017!

@Cosinus:
- Regeln verstanden, Das System soll keinerlei nicht abgeprochene Änderungen während der Anayse & Reinigung erfahren.
- Avira ist komplett entfernt incl. Neustart.

Danke und Gruß!

1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

• Starte bitte die mbar.exe.
• Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
• Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
• Klicke auf den CleanUp Button und erlaube den Neustart.
• Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
• Nach dem Neustart starte die mbar.exe erneut.
• Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers




2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop

• Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
• Drücke Start Scan
  
• Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
  TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
  Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

• Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
• Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Guten Abend,
Ergebnis 1. Schritt: mbar hat keine Malware gefunden, kein Logfile erstellt. Zumindest hab ich nichts gefunden im Desktop.

Schritt 2: Objekte gefunden, Reportfile s. unten.

Gruß,

Code: Alles auswählenAufklappen

ATTFilter

21:02:30.0664 0x0974  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
21:02:33.0854 0x0974  ============================================================
21:02:33.0854 0x0974  Current date / time: 2017/01/02 21:02:33.0854
21:02:33.0854 0x0974  SystemInfo:
21:02:33.0854 0x0974  
21:02:33.0854 0x0974  OS Version: 6.1.7601 ServicePack: 1.0
21:02:33.0854 0x0974  Product type: Workstation
21:02:33.0854 0x0974  ComputerName: AMD-GARDEROBE
21:02:33.0854 0x0974  UserName: Fast Alle
21:02:33.0854 0x0974  Windows directory: C:\Windows
21:02:33.0854 0x0974  System windows directory: C:\Windows
21:02:33.0854 0x0974  Running under WOW64
21:02:33.0854 0x0974  Processor architecture: Intel x64
21:02:33.0854 0x0974  Number of processors: 4
21:02:33.0854 0x0974  Page size: 0x1000
21:02:33.0854 0x0974  Boot type: Normal boot
21:02:33.0854 0x0974  CodeIntegrityOptions = 0x00000001
21:02:33.0854 0x0974  ============================================================
21:02:33.0922 0x0974  KLMD registered as C:\Windows\system32\drivers\79382181.sys
21:02:33.0922 0x0974  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
21:02:34.0196 0x0974  System UUID: {50C657FD-3894-A2E9-E0C9-ABF23D346ABF}
21:02:34.0472 0x0974  Drive \Device\Harddisk0\DR0 - Size: 0x45D9640000 ( 279.40 Gb ), SectorSize: 0x200, Cylinders: 0x8E78, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:02:34.0473 0x0974  Drive \Device\Harddisk1\DR1 - Size: 0xA2FB400000 ( 651.93 Gb ), SectorSize: 0x200, Cylinders: 0x14C6F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:02:34.0510 0x0974  ============================================================
21:02:34.0510 0x0974  \Device\Harddisk0\DR0:
21:02:34.0526 0x0974  MBR partitions:
21:02:34.0526 0x0974  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:02:34.0526 0x0974  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x22E98000
21:02:34.0526 0x0974  \Device\Harddisk1\DR1:
21:02:34.0526 0x0974  MBR partitions:
21:02:34.0526 0x0974  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x517D8800
21:02:34.0526 0x0974  ============================================================
21:02:34.0593 0x0974  C: <-> \Device\Harddisk0\DR0\Partition2
21:02:34.0682 0x0974  B: <-> \Device\Harddisk1\DR1\Partition1
21:02:34.0683 0x0974  ============================================================
21:02:34.0683 0x0974  Initialize success
21:02:34.0683 0x0974  ============================================================
21:02:56.0829 0x19d4  ============================================================
21:02:56.0829 0x19d4  Scan started
21:02:56.0829 0x19d4  Mode: Manual; SigCheck; TDLFS; 
21:02:56.0829 0x19d4  ============================================================
21:02:56.0830 0x19d4  KSN ping started
21:03:07.0921 0x19d4  KSN ping finished: true
21:03:08.0528 0x19d4  ================ Scan system memory ========================
21:03:08.0528 0x19d4  System memory - ok
21:03:08.0529 0x19d4  ================ Scan services =============================
21:03:08.0697 0x19d4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:03:08.0745 0x19d4  1394ohci - ok
21:03:08.0769 0x19d4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:03:08.0781 0x19d4  ACPI - ok
21:03:08.0789 0x19d4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:03:08.0799 0x19d4  AcpiPmi - ok
21:03:08.0882 0x19d4  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:03:08.0913 0x19d4  AdobeARMservice - ok
21:03:09.0043 0x19d4  [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:03:09.0075 0x19d4  AdobeFlashPlayerUpdateSvc - ok
21:03:09.0111 0x19d4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:03:09.0135 0x19d4  adp94xx - ok
21:03:09.0158 0x19d4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:03:09.0176 0x19d4  adpahci - ok
21:03:09.0190 0x19d4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:03:09.0200 0x19d4  adpu320 - ok
21:03:09.0340 0x19d4  [ 33D7E76F7DE0A73504742765105F178F, E7AFE2D6C3001CA8DC5AAC1A058032CED4D8EA640FC7322D74FF9AE4133A6261 ] AdvancedSystemCareService8 C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
21:03:09.0370 0x19d4  AdvancedSystemCareService8 - ok
21:03:09.0390 0x19d4  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:03:09.0399 0x19d4  AeLookupSvc - ok
21:03:09.0432 0x19d4  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
21:03:09.0447 0x19d4  AFD - ok
21:03:09.0469 0x19d4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:03:09.0477 0x19d4  agp440 - ok
21:03:09.0513 0x19d4  [ 1655CA3A16D62E3C153942D2145C75E8, 237DA4280626226057BAD0BAAEAE149344D6729B6B9780AEE10FFBDCBED11108 ] ahcix64         C:\Windows\system32\DRIVERS\ahcix64.sys
21:03:09.0533 0x19d4  ahcix64 - ok
21:03:09.0558 0x19d4  [ 59530EC8EA069CE693CA32D914F61FA2, 4A3BCAEC0C4F9653FEC713E5C64198142ACDB62CD6605512DE1AA61BBBB578BC ] ahcix64s        C:\Windows\system32\DRIVERS\ahcix64s.sys
21:03:09.0569 0x19d4  ahcix64s - ok
21:03:09.0592 0x19d4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:03:09.0601 0x19d4  ALG - ok
21:03:09.0631 0x19d4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:03:09.0638 0x19d4  aliide - ok
21:03:09.0690 0x19d4  [ DDEA39A56B801A675E118429AF6A30D2, D61A702E8777514A6926D1D5EB180F33C6317871013B355E7C17FE37C14C5D7F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:03:09.0714 0x19d4  AMD External Events Utility - ok
21:03:09.0749 0x19d4  AMD FUEL Service - ok
21:03:09.0767 0x19d4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:03:09.0777 0x19d4  amdide - ok
21:03:09.0809 0x19d4  [ 35D34AD337A1AC46F74C3377B4CCA88E, 046695BDF540EDCA87C36EDC725615ACA99DA57558A54CAC1B49F245D702B406 ] amdide64        C:\Windows\system32\DRIVERS\amdide64.sys
21:03:09.0817 0x19d4  amdide64 - ok
21:03:09.0844 0x19d4  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
21:03:09.0853 0x19d4  amdiox64 - ok
21:03:09.0875 0x19d4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:03:09.0886 0x19d4  AmdK8 - ok
21:03:10.0228 0x19d4  [ 7F2BDD27F3611041D6B0D6C565A748A7, F74A3589253AAEDAFB15D5C439771339FC3B78B1CE51409A630822B653D4885D ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:03:10.0464 0x19d4  amdkmdag - ok
21:03:10.0512 0x19d4  [ 8E2A3479CF4E871F37D0F023692E6694, BE995D5679ABEF800E24208A068C44A10607305A8C328FF29A11DCAAB4D18FBB ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
21:03:10.0526 0x19d4  amdkmdap - ok
21:03:10.0549 0x19d4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:03:10.0556 0x19d4  AmdPPM - ok
21:03:10.0589 0x19d4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:03:10.0598 0x19d4  amdsata - ok
21:03:10.0622 0x19d4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:03:10.0632 0x19d4  amdsbs - ok
21:03:10.0646 0x19d4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:03:10.0652 0x19d4  amdxata - ok
21:03:10.0715 0x19d4  [ 98A727EEDECAA3869B0BE6131647B648, 922D21C9F8876B68A4E984FB748F11E61CF91AF052B99B93B8CCC538B62E2736 ] AMD_RAIDXpert   C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
21:03:10.0727 0x19d4  AMD_RAIDXpert - detected UnsignedFile.Multi.Generic ( 1 )
21:03:10.0835 0x19d4  Detect skipped due to KSN trusted
21:03:10.0835 0x19d4  AMD_RAIDXpert - ok
21:03:10.0882 0x19d4  [ 43ED1D08C19626688DB34F63E55114FB, 3C11DEC1571253594D64619D8EFC8C0212897BE84A75A8646C578E665F58BF5D ] AODDriver       C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys
21:03:10.0900 0x19d4  AODDriver - ok
21:03:10.0928 0x19d4  [ 5B25D1A753CC3A3EDB909BB759AC1098, 1B931342D8D36C8D177D6D9BFFFD8CDC0C6E6F82BA552DC8E5CDC1CAF528D0B0 ] AODDriver4.1    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
21:03:10.0948 0x19d4  AODDriver4.1 - ok
21:03:10.0970 0x19d4  [ 89122A637C5C90B0F9F05FF3ABEA843A, 6F06D53BFDD28F92F9F0CFD9C50A4E72DFC772D6A62C670CD7B38BC0BA4B04F4 ] AODService      C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
21:03:10.0980 0x19d4  AODService - ok
21:03:11.0010 0x19d4  [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID           C:\Windows\system32\drivers\appid.sys
21:03:11.0022 0x19d4  AppID - ok
21:03:11.0036 0x19d4  [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:03:11.0046 0x19d4  AppIDSvc - ok
21:03:11.0065 0x19d4  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
21:03:11.0077 0x19d4  Appinfo - ok
21:03:11.0102 0x19d4  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:03:11.0113 0x19d4  AppMgmt - ok
21:03:11.0125 0x19d4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:03:11.0133 0x19d4  arc - ok
21:03:11.0143 0x19d4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:03:11.0151 0x19d4  arcsas - ok
21:03:11.0203 0x19d4  [ A82C01606DC27D05D9D3BFB6BB807E32, CE231637422709D927FB6FA0C4F2215B9C0E3EBBD951FB2FA97B8E64DA479B96 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
21:03:11.0209 0x19d4  AsIO - ok
21:03:11.0296 0x19d4  [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:03:11.0325 0x19d4  aspnet_state - ok
21:03:11.0389 0x19d4  [ E781164C7D47950E3D218C84B2901CB2, D9A62D28DFE41E34C3D9F3F53722F7DE419D709E9D1FC4B8CDFC970ADC1A8FC9 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
21:03:11.0403 0x19d4  AsSysCtrlService - detected UnsignedFile.Multi.Generic ( 1 )
21:03:11.0467 0x19d4  Detect skipped due to KSN trusted
21:03:11.0467 0x19d4  AsSysCtrlService - ok
21:03:11.0484 0x19d4  [ 26D66E32E78D3059715B3A17BC679CD9, 5039CB81CE0829C5F3DED16A4005FEB10141C6C9B473CC319E81BAF6D1DA33E3 ] AsUpIO          C:\Windows\syswow64\drivers\AsUpIO.sys
21:03:11.0505 0x19d4  AsUpIO - ok
21:03:11.0519 0x19d4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:03:11.0558 0x19d4  AsyncMac - ok
21:03:11.0580 0x19d4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:03:11.0586 0x19d4  atapi - ok
21:03:11.0614 0x19d4  [ EE672EACF3CBEDAB390E0655BF5A11AB, DFAFB55584CED9ECF499067D113F81BE51D492627FD36784C4BED06AE0BECC52 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:03:11.0628 0x19d4  AtiHDAudioService - ok
21:03:11.0645 0x19d4  [ 38467FF83C2B4265D51F418812A91E3C, 93F3C16E3B97EDBE7315CC9B9008D2B77D658EBFF14ECB184D521373E0B193D0 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
21:03:11.0652 0x19d4  AtiHdmiService - ok
21:03:11.0970 0x19d4  [ 7F2BDD27F3611041D6B0D6C565A748A7, F74A3589253AAEDAFB15D5C439771339FC3B78B1CE51409A630822B653D4885D ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:03:12.0205 0x19d4  atikmdag - ok
21:03:12.0244 0x19d4  [ 7C5D273E29DCC5505469B299C6F29163, 206CAB85CE12A3953F0861C811575DC7FD000147436219EEE334584A33370B3A ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
21:03:12.0249 0x19d4  AtiPcie - ok
21:03:12.0322 0x19d4  [ 4AEF9EC86818375495FB78CA58DF4E18, 0565888F798FAB86091E7A7D8E1D583DF3CC5756A12ACF04987C67C14E360DFB ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
21:03:12.0344 0x19d4  atksgt - detected UnsignedFile.Multi.Generic ( 1 )
21:03:12.0443 0x19d4  Detect skipped due to KSN trusted
21:03:12.0443 0x19d4  atksgt - ok
21:03:12.0517 0x19d4  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:03:12.0547 0x19d4  AudioEndpointBuilder - ok
21:03:12.0564 0x19d4  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:03:12.0583 0x19d4  AudioSrv - ok
21:03:12.0615 0x19d4  [ 6A300AD0E23A155B2C3A7FAB0D4AABD1, AD283CC530482C0C155727C3234BFA4773C8C80B4C9912448196F83407C3CFD4 ] avmaura         C:\Windows\system32\DRIVERS\avmaura.sys
21:03:12.0623 0x19d4  avmaura - ok
21:03:12.0645 0x19d4  [ 43744F1D3CDE20F3925F10927C9036C2, 47374A71D1A38572B8C247E924C0F3F063A6281743C9B7D818D63CA576B5D289 ] AVMCOWAN        C:\Windows\system32\DRIVERS\AVMCOWAN.sys
21:03:12.0655 0x19d4  AVMCOWAN - ok
21:03:12.0713 0x19d4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:03:12.0740 0x19d4  AxInstSV - ok
21:03:12.0777 0x19d4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
21:03:12.0796 0x19d4  b06bdrv - ok
21:03:12.0822 0x19d4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:03:12.0834 0x19d4  b57nd60a - ok
21:03:12.0878 0x19d4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:03:12.0907 0x19d4  BDESVC - ok
21:03:12.0918 0x19d4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:03:12.0946 0x19d4  Beep - ok
21:03:12.0998 0x19d4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:03:13.0018 0x19d4  BFE - ok
21:03:13.0047 0x19d4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:03:13.0085 0x19d4  BITS - ok
21:03:13.0102 0x19d4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:03:13.0109 0x19d4  blbdrive - ok
21:03:13.0130 0x19d4  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:03:13.0139 0x19d4  bowser - ok
21:03:13.0147 0x19d4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:03:13.0155 0x19d4  BrFiltLo - ok
21:03:13.0162 0x19d4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:03:13.0170 0x19d4  BrFiltUp - ok
21:03:13.0202 0x19d4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:03:13.0211 0x19d4  Browser - ok
21:03:13.0229 0x19d4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:03:13.0241 0x19d4  Brserid - ok
21:03:13.0255 0x19d4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:03:13.0264 0x19d4  BrSerWdm - ok
21:03:13.0273 0x19d4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:03:13.0282 0x19d4  BrUsbMdm - ok
21:03:13.0290 0x19d4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:03:13.0297 0x19d4  BrUsbSer - ok
21:03:13.0326 0x19d4  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
21:03:13.0350 0x19d4  BthEnum - ok
21:03:13.0368 0x19d4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:03:13.0382 0x19d4  BTHMODEM - ok
21:03:13.0410 0x19d4  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:03:13.0426 0x19d4  BthPan - ok
21:03:13.0470 0x19d4  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
21:03:13.0489 0x19d4  BTHPORT - ok
21:03:13.0500 0x19d4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:03:13.0525 0x19d4  bthserv - ok
21:03:13.0545 0x19d4  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
21:03:13.0552 0x19d4  BTHUSB - ok
21:03:13.0572 0x19d4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:03:13.0596 0x19d4  cdfs - ok
21:03:13.0626 0x19d4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:03:13.0635 0x19d4  cdrom - ok
21:03:13.0663 0x19d4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:03:13.0686 0x19d4  CertPropSvc - ok
21:03:13.0755 0x19d4  [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
21:03:13.0768 0x19d4  chip1click - detected UnsignedFile.Multi.Generic ( 1 )
21:03:13.0927 0x19d4  chip1click ( UnsignedFile.Multi.Generic ) - warning
21:03:13.0927 0x19d4  Force sending object to P2P due to detect: chip1click
21:03:14.0094 0x19d4  Object send P2P result: true
21:03:14.0225 0x19d4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:03:14.0259 0x19d4  circlass - ok
21:03:14.0285 0x19d4  [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS            C:\Windows\system32\CLFS.sys
21:03:14.0305 0x19d4  CLFS - ok
21:03:14.0353 0x19d4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:03:14.0381 0x19d4  clr_optimization_v2.0.50727_32 - ok
21:03:14.0410 0x19d4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:03:14.0422 0x19d4  clr_optimization_v2.0.50727_64 - ok
21:03:14.0463 0x19d4  [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:03:14.0479 0x19d4  clr_optimization_v4.0.30319_32 - ok
21:03:14.0509 0x19d4  [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:03:14.0525 0x19d4  clr_optimization_v4.0.30319_64 - ok
21:03:14.0530 0x19d4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:03:14.0537 0x19d4  CmBatt - ok
21:03:14.0560 0x19d4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:03:14.0567 0x19d4  cmdide - ok
21:03:14.0593 0x19d4  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
21:03:14.0612 0x19d4  CNG - ok
21:03:14.0626 0x19d4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:03:14.0633 0x19d4  Compbatt - ok
21:03:14.0660 0x19d4  [ 0C5B0DF7EF9F719EBAE9F8FE70E083A9, 3C21F5688D7EF748B7D48625E85FB9D5A6A4ABCE1939AF4D6993D3AD5CE71FD2 ] CompFilter64    C:\Windows\system32\DRIVERS\lvbflt64.sys
21:03:14.0666 0x19d4  CompFilter64 - ok
21:03:14.0686 0x19d4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:03:14.0695 0x19d4  CompositeBus - ok
21:03:14.0699 0x19d4  COMSysApp - ok
21:03:14.0707 0x19d4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:03:14.0713 0x19d4  crcdisk - ok
21:03:14.0731 0x19d4  [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:03:14.0742 0x19d4  CryptSvc - ok
21:03:14.0762 0x19d4  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
21:03:14.0778 0x19d4  CSC - ok
21:03:14.0802 0x19d4  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
21:03:14.0821 0x19d4  CscService - ok
21:03:14.0858 0x19d4  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:03:14.0875 0x19d4  DcomLaunch - ok
21:03:14.0900 0x19d4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:03:14.0928 0x19d4  defragsvc - ok
21:03:14.0938 0x19d4  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:03:14.0947 0x19d4  DfsC - ok
21:03:14.0965 0x19d4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:03:14.0977 0x19d4  Dhcp - ok
21:03:15.0091 0x19d4  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
21:03:15.0128 0x19d4  DiagTrack - ok
21:03:15.0239 0x19d4  [ BB5B80616BD01A9C59BF1D52BA238EDA, 8168F38127EC955B25AD4EF61081D86473E4959F797F68055E6210080EFEFF9F ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
21:03:15.0271 0x19d4  DigitalWave.Update.Service - ok
21:03:15.0317 0x19d4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:03:15.0363 0x19d4  discache - ok
21:03:15.0421 0x19d4  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
21:03:15.0453 0x19d4  Disk - ok
21:03:15.0498 0x19d4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:03:15.0525 0x19d4  Dnscache - ok
21:03:15.0559 0x19d4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:03:15.0597 0x19d4  dot3svc - ok
21:03:15.0639 0x19d4  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
21:03:15.0650 0x19d4  Dot4 - ok
21:03:15.0680 0x19d4  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:03:15.0688 0x19d4  Dot4Print - ok
21:03:15.0715 0x19d4  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
21:03:15.0724 0x19d4  dot4usb - ok
21:03:15.0756 0x19d4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:03:15.0780 0x19d4  DPS - ok
21:03:15.0814 0x19d4  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:03:15.0827 0x19d4  drmkaud - ok
21:03:15.0880 0x19d4  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:03:15.0905 0x19d4  DXGKrnl - ok
21:03:15.0929 0x19d4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:03:15.0953 0x19d4  EapHost - ok
21:03:16.0041 0x19d4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
21:03:16.0109 0x19d4  ebdrv - ok
21:03:16.0136 0x19d4  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] EFS             C:\Windows\System32\lsass.exe
21:03:16.0143 0x19d4  EFS - ok
21:03:16.0215 0x19d4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:03:16.0243 0x19d4  ehRecvr - ok
21:03:16.0268 0x19d4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:03:16.0277 0x19d4  ehSched - ok
21:03:16.0330 0x19d4  [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
21:03:16.0356 0x19d4  ElbyCDIO - ok
21:03:16.0383 0x19d4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:03:16.0401 0x19d4  elxstor - ok
21:03:16.0421 0x19d4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:03:16.0428 0x19d4  ErrDev - ok
21:03:16.0466 0x19d4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:03:16.0496 0x19d4  EventSystem - ok
21:03:16.0533 0x19d4  [ 251AF86E0A4DDF3A6B181ED5103B06B1, 1823E7C87F0D8972A89D71B1FB633C5D43744F9803E6A8B866F6EA610032437C ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
21:03:16.0543 0x19d4  ewusbnet - ok
21:03:16.0554 0x19d4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:03:16.0580 0x19d4  exfat - ok
21:03:16.0630 0x19d4  Fabs - ok
21:03:16.0658 0x19d4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:03:16.0694 0x19d4  fastfat - ok
21:03:16.0738 0x19d4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:03:16.0758 0x19d4  Fax - ok
21:03:16.0773 0x19d4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:03:16.0780 0x19d4  fdc - ok
21:03:16.0790 0x19d4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:03:16.0813 0x19d4  fdPHost - ok
21:03:16.0824 0x19d4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:03:16.0848 0x19d4  FDResPub - ok
21:03:16.0858 0x19d4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:03:16.0866 0x19d4  FileInfo - ok
21:03:16.0877 0x19d4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:03:16.0900 0x19d4  Filetrace - ok
21:03:17.0027 0x19d4  [ 5BD96D8C5411ACE71A7EAACAF0EF2903, 2AF58E6060C7DEC44B4CA30E14E164473CD4089AE475DAFFC61DFE56990C1147 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
21:03:17.0084 0x19d4  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
21:03:17.0173 0x19d4  Detect skipped due to KSN trusted
21:03:17.0174 0x19d4  FirebirdServerMAGIXInstance - ok
21:03:17.0204 0x19d4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:03:17.0229 0x19d4  flpydisk - ok
21:03:17.0246 0x19d4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:03:17.0262 0x19d4  FltMgr - ok
21:03:17.0312 0x19d4  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
21:03:17.0342 0x19d4  FontCache - ok
21:03:17.0390 0x19d4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:03:17.0411 0x19d4  FontCache3.0.0.0 - ok
21:03:17.0470 0x19d4  [ CE7593C10A04D08F9B043890216F5728, 21E4AD5643BCDCB811E49C74F682672032A603078EDD80DE6E37249C9A005407 ] FPCIBASE        C:\Windows\system32\DRIVERS\fpcibase.sys
21:03:17.0495 0x19d4  FPCIBASE - ok
21:03:17.0507 0x19d4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:03:17.0515 0x19d4  FsDepends - ok
21:03:17.0549 0x19d4  [ 8DE1B4F579F8F8897409856F3BB7A7D2, F6F6B2450951E875C3C236F7798F960FD4433EE6B0C57132CB3D32126BEE34E0 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
21:03:17.0559 0x19d4  fssfltr - ok
21:03:17.0671 0x19d4  [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:03:17.0710 0x19d4  fsssvc - ok
21:03:17.0730 0x19d4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:03:17.0737 0x19d4  Fs_Rec - ok
21:03:17.0780 0x19d4  [ 62EC4CD5F2D14A2ECF21B163D7B70778, D8352D3929F9B620C97D5EFE07DA95386E5F0EFD2E84E5C552B50A6DB2A7DD32 ] FTDIBUS         C:\Windows\system32\drivers\ftdibus.sys
21:03:17.0807 0x19d4  FTDIBUS - ok
21:03:17.0828 0x19d4  [ AFD2AF07AEC7177A73B736C5203E61CC, 6E6A0AE367A008756871A5D070B9C7820CFC7A01A1517A5FB794D2DB90B429C0 ] FTSER2K         C:\Windows\system32\drivers\ftser2k.sys
21:03:17.0842 0x19d4  FTSER2K - ok
21:03:17.0870 0x19d4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:03:17.0889 0x19d4  fvevol - ok
21:03:17.0909 0x19d4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:03:17.0916 0x19d4  gagp30kx - ok
21:03:17.0938 0x19d4  [ 2D15E93C8836D8F834695419E33EAB38, 86CC7FC465512BE3B957DAA9C95F1063A22FABF59F130D0F18360B92A077D105 ] GeneStor        C:\Windows\system32\DRIVERS\GeneStor.sys
21:03:17.0946 0x19d4  GeneStor - ok
21:03:17.0969 0x19d4  [ 16C2A6BCDDA8952C2035DEC861492A19, 9023CD3A2C1009786A48EF7FBCC97ED1724C836279424A4D465CCE1AFA2DBDDA ] ggflt           C:\Windows\system32\DRIVERS\ggflt.sys
21:03:17.0975 0x19d4  ggflt - ok
21:03:17.0987 0x19d4  [ 6B503DF845EABF3457E49FBBDA26C10E, A1553E3822EDEA26D8E67FCC7F9EA40DFBED49EC92FD5674AAF938F2D58CF964 ] ggsemc          C:\Windows\system32\DRIVERS\ggsemc.sys
21:03:17.0993 0x19d4  ggsemc - ok
21:03:18.0025 0x19d4  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
21:03:18.0047 0x19d4  gpsvc - ok
21:03:18.0149 0x19d4  [ 237197AA5D1E807F2F2AE44284536378, B295599AFA99B2C72EA50D85D64BBA6EE893F8B347C964AF9A10D1D3773BF7D2 ] HauppaugeTVServer C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
21:03:18.0180 0x19d4  HauppaugeTVServer - detected UnsignedFile.Multi.Generic ( 1 )
21:03:18.0248 0x19d4  Detect skipped due to KSN trusted
21:03:18.0248 0x19d4  HauppaugeTVServer - ok
21:03:18.0297 0x19d4  [ 751B5EBE3FDC5AC1B5426AB77A931C5F, 5BD251F1BEA795D9F2D3D8CF71DD93AC6B5F79EB0894E6F712B4FE62F17E5A47 ] hcw95bda        C:\Windows\system32\Drivers\hcw95bda.sys
21:03:18.0319 0x19d4  hcw95bda - ok
21:03:18.0355 0x19d4  [ 6E43254492B7BC233DBB13317FD0F43B, 330C4FDE0F6684DC6E2B8ADEF85D255FBFA24B573C562A4640A08D7A65B673AC ] hcw95rc         C:\Windows\system32\DRIVERS\hcw95rc.sys
21:03:18.0361 0x19d4  hcw95rc - ok
21:03:18.0398 0x19d4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:03:18.0413 0x19d4  HdAudAddService - ok
21:03:18.0454 0x19d4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:03:18.0465 0x19d4  HDAudBus - ok
21:03:18.0474 0x19d4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:03:18.0481 0x19d4  HidBatt - ok
21:03:18.0504 0x19d4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:03:18.0514 0x19d4  HidBth - ok
21:03:18.0519 0x19d4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:03:18.0528 0x19d4  HidIr - ok
21:03:18.0545 0x19d4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:03:18.0568 0x19d4  hidserv - ok
21:03:18.0589 0x19d4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:03:18.0596 0x19d4  HidUsb - ok
21:03:18.0622 0x19d4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:03:18.0646 0x19d4  hkmsvc - ok
21:03:18.0669 0x19d4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:03:18.0680 0x19d4  HomeGroupListener - ok
21:03:18.0702 0x19d4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:03:18.0712 0x19d4  HomeGroupProvider - ok
21:03:18.0804 0x19d4  [ 1DAE5C46D42B02A6D5862E1482EFB390, 90B14E0A8376AE51872D89C141E88AE144B742805F94B4F7948E295322C78B9D ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:03:18.0823 0x19d4  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
21:03:18.0892 0x19d4  Detect skipped due to KSN trusted
21:03:18.0893 0x19d4  hpqcxs08 - ok
21:03:18.0945 0x19d4  [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:03:18.0962 0x19d4  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
21:03:19.0032 0x19d4  Detect skipped due to KSN trusted
21:03:19.0032 0x19d4  hpqddsvc - ok
21:03:19.0054 0x19d4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:03:19.0084 0x19d4  HpSAMD - ok
21:03:19.0134 0x19d4  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
21:03:19.0161 0x19d4  HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
21:03:19.0225 0x19d4  Detect skipped due to KSN trusted
21:03:19.0226 0x19d4  HPSLPSVC - ok
21:03:19.0301 0x19d4  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:03:19.0333 0x19d4  HTTP - ok
21:03:19.0367 0x19d4  [ 4B5C07DB91A0099272FAAE732E1152BD, E0408F85A2E1E310F5143A01A34456F120875D21E0E9D0A9F9EBC96514CFC47C ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
21:03:19.0379 0x19d4  hwdatacard - ok
21:03:20.0030 0x19d4  [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32        C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
21:03:20.0050 0x19d4  HWiNFO32 - ok
21:03:20.0058 0x19d4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:03:20.0068 0x19d4  hwpolicy - ok
21:03:20.0095 0x19d4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:03:20.0107 0x19d4  i8042prt - ok
21:03:20.0134 0x19d4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:03:20.0154 0x19d4  iaStorV - ok
21:03:20.0204 0x19d4  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
21:03:20.0209 0x19d4  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
21:03:20.0291 0x19d4  Detect skipped due to KSN trusted
21:03:20.0291 0x19d4  IDriverT - ok
21:03:20.0357 0x19d4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:03:20.0388 0x19d4  idsvc - ok
21:03:20.0405 0x19d4  IEEtwCollectorService - ok
21:03:20.0430 0x19d4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:03:20.0437 0x19d4  iirsp - ok
21:03:20.0466 0x19d4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:03:20.0489 0x19d4  IKEEXT - ok
21:03:20.0527 0x19d4  [ E9857F4C30CCD4FEECF2B33EF3D6DCDB, 9613CE083EA7AD507ACA8DED5EF5BF20E39BD5C442BC855DFC9FE323F4F516CA ] IMFFilter       C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys
21:03:20.0549 0x19d4  IMFFilter - ok
21:03:20.0729 0x19d4  [ 3D2A18B6CC394B1C936DBBFBE6CD2BB1, 7B889F67061B3AA1B03F7008E2FB8F70B5948D4D0F62B74BB56E319B1FABD88A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:03:20.0824 0x19d4  IntcAzAudAddService - ok
21:03:20.0856 0x19d4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:03:20.0879 0x19d4  intelide - ok
21:03:20.0908 0x19d4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:03:20.0920 0x19d4  intelppm - ok
21:03:20.0944 0x19d4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:03:20.0979 0x19d4  IPBusEnum - ok
21:03:21.0010 0x19d4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:03:21.0060 0x19d4  IpFilterDriver - ok
21:03:21.0090 0x19d4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:03:21.0107 0x19d4  iphlpsvc - ok
21:03:21.0121 0x19d4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:03:21.0129 0x19d4  IPMIDRV - ok
21:03:21.0141 0x19d4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:03:21.0165 0x19d4  IPNAT - ok
21:03:21.0181 0x19d4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:03:21.0190 0x19d4  IRENUM - ok
21:03:21.0199 0x19d4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:03:21.0206 0x19d4  isapnp - ok
21:03:21.0229 0x19d4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:03:21.0240 0x19d4  iScsiPrt - ok
21:03:21.0268 0x19d4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:03:21.0275 0x19d4  kbdclass - ok
21:03:21.0282 0x19d4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:03:21.0290 0x19d4  kbdhid - ok
21:03:21.0302 0x19d4  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] KeyIso          C:\Windows\system32\lsass.exe
21:03:21.0310 0x19d4  KeyIso - ok
21:03:21.0334 0x19d4  [ F54475BA70B5CDA4EF11DC44BFB07F40, 9A6FA4978746F2F75D6B5892C1FE2042FF86C588AFEEC80534E0FB2F4450F9C3 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:03:21.0342 0x19d4  KSecDD - ok
21:03:21.0358 0x19d4  [ ED1D1E1AAACF08438F9BCF731C8CA168, 8DFE5F7E1080B65A75BC840708AB7A42EA42510D5507EF86294649C72430B569 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:03:21.0367 0x19d4  KSecPkg - ok
21:03:21.0378 0x19d4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:03:21.0401 0x19d4  ksthunk - ok
21:03:21.0426 0x19d4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:03:21.0457 0x19d4  KtmRm - ok
21:03:21.0503 0x19d4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:03:21.0550 0x19d4  LanmanServer - ok
21:03:21.0574 0x19d4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:03:21.0599 0x19d4  LanmanWorkstation - ok
21:03:21.0653 0x19d4  [ B658B7076B1ACAA5876524595630F183, 3B800B81D0966C2B988857847F35FCA5BB446B368063B10094FB4483A1508B8E ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
21:03:21.0662 0x19d4  lirsgt - detected UnsignedFile.Multi.Generic ( 1 )
21:03:21.0750 0x19d4  Detect skipped due to KSN trusted
21:03:21.0750 0x19d4  lirsgt - ok
21:03:21.0893 0x19d4  [ F17BEE9DE55D99BD4F5CA7C6667A425F, 740D946F12297B3711801BA0121D3137E5A1AC60BA693AB2172C5BA57AC66DFC ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
21:03:21.0956 0x19d4  LiveUpdateSvc - ok
21:03:21.0983 0x19d4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:03:22.0007 0x19d4  lltdio - ok
21:03:22.0031 0x19d4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:03:22.0060 0x19d4  lltdsvc - ok
21:03:22.0072 0x19d4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:03:22.0096 0x19d4  lmhosts - ok
21:03:22.0124 0x19d4  [ B3509057024874A853FBB4497E4B5F5A, 038D39E6FE78D71A1D46609E295D2E8A52ED5055D90B9C2888A67D9EE3633E04 ] LongshineUDSMBus C:\Windows\syswow64\Drivers\LongshineUDSMBus.sys
21:03:22.0132 0x19d4  LongshineUDSMBus - ok
21:03:22.0164 0x19d4  [ 85827E785F5BD6BB56953811503F6EE7, F7B563A1BAC9B335E8A6010CC787B47A30F2985B0A089BF0B2AB98BBFA0104E2 ] LongshineUDSTcpBus C:\Windows\syswow64\Drivers\LongshineUDSTcpBus.sys
21:03:22.0173 0x19d4  LongshineUDSTcpBus - ok
21:03:22.0197 0x19d4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:03:22.0206 0x19d4  LSI_FC - ok
21:03:22.0215 0x19d4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:03:22.0224 0x19d4  LSI_SAS - ok
21:03:22.0235 0x19d4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:03:22.0243 0x19d4  LSI_SAS2 - ok
21:03:22.0249 0x19d4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:03:22.0258 0x19d4  LSI_SCSI - ok
21:03:22.0269 0x19d4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:03:22.0294 0x19d4  luafv - ok
21:03:22.0352 0x19d4  [ DED333DBDBBCC3555A6E6244522E2F1A, 6909875090A9013685BA16EAAC666C173F138F0AF7172A40E746E6EFDE02D133 ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
21:03:22.0374 0x19d4  LVPr2M64 - ok
21:03:22.0418 0x19d4  [ A401CFF74982D8DF851F20307C806073, 1D7BA90C9E77FAAE59F60AB5310EC41D9C5B98F1F9A89A3CDB9169E6DEF565DA ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
21:03:22.0436 0x19d4  LVRS64 - ok
21:03:22.0472 0x19d4  [ 6562FCEE704F14C05F5338B147D67A16, 20DCE7B08C745FFE455327E05CC489858ACB89814DA66618D2B554283908D3D8 ] LVUSBS64        C:\Windows\system32\DRIVERS\LVUSBS64.sys
21:03:22.0478 0x19d4  LVUSBS64 - ok
21:03:22.0604 0x19d4  [ 13384CB5F5813E65F31078D6ABFAAF38, A6E7374C15CAECC273197BF62F8F926BA30E9509270A8470756F4710E1DEA126 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
21:03:22.0700 0x19d4  LVUVC64 - ok
21:03:22.0731 0x19d4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:03:22.0740 0x19d4  Mcx2Svc - ok
21:03:22.0760 0x19d4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:03:22.0768 0x19d4  megasas - ok
21:03:22.0787 0x19d4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:03:22.0799 0x19d4  MegaSR - ok
21:03:22.0816 0x19d4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:03:22.0841 0x19d4  MMCSS - ok
21:03:22.0855 0x19d4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:03:22.0878 0x19d4  Modem - ok
21:03:22.0903 0x19d4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:03:22.0912 0x19d4  monitor - ok
21:03:22.0928 0x19d4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:03:22.0936 0x19d4  mouclass - ok
21:03:22.0953 0x19d4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:03:22.0961 0x19d4  mouhid - ok
21:03:22.0979 0x19d4  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:03:22.0987 0x19d4  mountmgr - ok
21:03:23.0030 0x19d4  [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:03:23.0040 0x19d4  MozillaMaintenance - ok
21:03:23.0050 0x19d4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:03:23.0060 0x19d4  mpio - ok
21:03:23.0072 0x19d4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:03:23.0096 0x19d4  mpsdrv - ok
21:03:23.0178 0x19d4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:03:23.0222 0x19d4  MpsSvc - ok
21:03:23.0238 0x19d4  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:03:23.0247 0x19d4  MRxDAV - ok
21:03:23.0264 0x19d4  [ 8A6DD6FDCCC010F7C6480EE7D0C3B92E, F061B59E5569D334C293420A4E98A2E2842037419E13001FF4FDCB9DE4A90BC5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:03:23.0274 0x19d4  mrxsmb - ok
21:03:23.0287 0x19d4  [ 68C12354AEA8FB5B559F5F69EF1C0DF0, E73BEFA5615231B86962FDB5201BA05B8A15D51F09BB6232315F44B39C46560D ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:03:23.0301 0x19d4  mrxsmb10 - ok
21:03:23.0345 0x19d4  [ 307E956C0DE630EE0ACE657233C0E83F, 45918BAFA9A1C4F4552A2A259CDFB89146FEE6622BDBC7B6B92D5BB2528586A4 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:03:23.0355 0x19d4  mrxsmb20 - ok
21:03:23.0365 0x19d4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:03:23.0373 0x19d4  msahci - ok
21:03:23.0383 0x19d4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:03:23.0392 0x19d4  msdsm - ok
21:03:23.0416 0x19d4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:03:23.0427 0x19d4  MSDTC - ok
21:03:23.0452 0x19d4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:03:23.0475 0x19d4  Msfs - ok
21:03:23.0483 0x19d4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:03:23.0506 0x19d4  mshidkmdf - ok
21:03:23.0519 0x19d4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:03:23.0526 0x19d4  msisadrv - ok
21:03:23.0550 0x19d4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:03:23.0576 0x19d4  MSiSCSI - ok
21:03:23.0580 0x19d4  msiserver - ok
21:03:23.0591 0x19d4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:03:23.0614 0x19d4  MSKSSRV - ok
21:03:23.0617 0x19d4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:03:23.0640 0x19d4  MSPCLOCK - ok
21:03:23.0651 0x19d4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:03:23.0674 0x19d4  MSPQM - ok
21:03:23.0704 0x19d4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:03:23.0717 0x19d4  MsRPC - ok
21:03:23.0728 0x19d4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:03:23.0735 0x19d4  mssmbios - ok
21:03:23.0742 0x19d4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:03:23.0765 0x19d4  MSTEE - ok
21:03:23.0778 0x19d4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:03:23.0785 0x19d4  MTConfig - ok
21:03:23.0819 0x19d4  [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
21:03:23.0825 0x19d4  MTsensor - ok
21:03:23.0834 0x19d4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:03:23.0841 0x19d4  Mup - ok
21:03:23.0926 0x19d4  [ 6048F9CA4EC972FF4AEE9063BF6C83BD, F262F05BBAB793CE7181A48EE64D4F8E5AE283116121D152ED0168409BC2C7F0 ] myPWTNTService.exe c:\program files (x86)\ConSoft\Reflex pro\interfaces\myPWT\myPWTServer\bin\myPWTNTService.exe
21:03:23.0939 0x19d4  myPWTNTService.exe - detected UnsignedFile.Multi.Generic ( 1 )
21:03:24.0008 0x19d4  myPWTNTService.exe ( UnsignedFile.Multi.Generic ) - warning
21:03:24.0159 0x19d4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:03:24.0199 0x19d4  napagent - ok
21:03:24.0224 0x19d4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:03:24.0240 0x19d4  NativeWifiP - ok
21:03:24.0284 0x19d4  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:03:24.0310 0x19d4  NDIS - ok
21:03:24.0321 0x19d4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:03:24.0344 0x19d4  NdisCap - ok
21:03:24.0364 0x19d4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:03:24.0388 0x19d4  NdisTapi - ok
21:03:24.0417 0x19d4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:03:24.0439 0x19d4  Ndisuio - ok
21:03:24.0461 0x19d4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:03:24.0486 0x19d4  NdisWan - ok
21:03:24.0507 0x19d4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:03:24.0530 0x19d4  NDProxy - ok
21:03:24.0605 0x19d4  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:03:24.0611 0x19d4  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
21:03:24.0692 0x19d4  Detect skipped due to KSN trusted
21:03:24.0693 0x19d4  Net Driver HPZ12 - ok
21:03:24.0713 0x19d4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:03:24.0756 0x19d4  NetBIOS - ok
21:03:24.0782 0x19d4  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:03:24.0794 0x19d4  NetBT - ok
21:03:24.0807 0x19d4  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] Netlogon        C:\Windows\system32\lsass.exe
21:03:24.0814 0x19d4  Netlogon - ok
21:03:24.0847 0x19d4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:03:24.0877 0x19d4  Netman - ok
21:03:24.0983 0x19d4  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:03:25.0009 0x19d4  NetMsmqActivator - ok
21:03:25.0026 0x19d4  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:03:25.0042 0x19d4  NetPipeActivator - ok
21:03:25.0059 0x19d4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:03:25.0090 0x19d4  netprofm - ok
21:03:25.0097 0x19d4  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:03:25.0108 0x19d4  NetTcpActivator - ok
21:03:25.0113 0x19d4  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:03:25.0125 0x19d4  NetTcpPortSharing - ok
21:03:25.0138 0x19d4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:03:25.0145 0x19d4  nfrd960 - ok
21:03:25.0164 0x19d4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:03:25.0177 0x19d4  NlaSvc - ok
21:03:25.0200 0x19d4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:03:25.0224 0x19d4  Npfs - ok
21:03:25.0250 0x19d4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:03:25.0274 0x19d4  nsi - ok
21:03:25.0286 0x19d4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:03:25.0309 0x19d4  nsiproxy - ok
21:03:25.0371 0x19d4  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:03:25.0410 0x19d4  Ntfs - ok
21:03:25.0423 0x19d4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:03:25.0446 0x19d4  Null - ok
21:03:25.0470 0x19d4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:03:25.0480 0x19d4  nvraid - ok
21:03:25.0490 0x19d4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:03:25.0499 0x19d4  nvstor - ok
21:03:25.0513 0x19d4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:03:25.0522 0x19d4  nv_agp - ok
21:03:25.0547 0x19d4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:03:25.0556 0x19d4  ohci1394 - ok
21:03:25.0631 0x19d4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:03:25.0659 0x19d4  ose - ok
21:03:25.0687 0x19d4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:03:25.0707 0x19d4  p2pimsvc - ok
21:03:25.0734 0x19d4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:03:25.0749 0x19d4  p2psvc - ok
21:03:25.0761 0x19d4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:03:25.0770 0x19d4  Parport - ok
21:03:25.0790 0x19d4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:03:25.0799 0x19d4  partmgr - ok
21:03:25.0853 0x19d4  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:03:25.0878 0x19d4  PcaSvc - ok
21:03:25.0896 0x19d4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:03:25.0907 0x19d4  pci - ok
21:03:25.0924 0x19d4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:03:25.0931 0x19d4  pciide - ok
21:03:25.0957 0x19d4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:03:25.0968 0x19d4  pcmcia - ok
21:03:25.0982 0x19d4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:03:25.0989 0x19d4  pcw - ok
21:03:26.0040 0x19d4  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:03:26.0059 0x19d4  PEAUTH - ok
21:03:26.0105 0x19d4  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:03:26.0138 0x19d4  PeerDistSvc - ok
21:03:26.0166 0x19d4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:03:26.0174 0x19d4  PerfHost - ok
21:03:26.0219 0x19d4  [ B47DEE29B5E6E1939567A926C7A3E6A4, E86CB77DE7B6A8025F9A546F6C45D135F471E664963CF70B381BEE2DFD0FDEF4 ] PID_0928        C:\Windows\system32\DRIVERS\LV561V64.SYS
21:03:26.0235 0x19d4  PID_0928 - ok
21:03:26.0288 0x19d4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:03:26.0339 0x19d4  pla - ok
21:03:26.0407 0x19d4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:03:26.0429 0x19d4  PlugPlay - ok
21:03:26.0468 0x19d4  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:03:26.0473 0x19d4  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
21:03:26.0535 0x19d4  Detect skipped due to KSN trusted
21:03:26.0535 0x19d4  Pml Driver HPZ12 - ok
21:03:26.0550 0x19d4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:03:26.0579 0x19d4  PNRPAutoReg - ok
21:03:26.0597 0x19d4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:03:26.0616 0x19d4  PNRPsvc - ok
21:03:26.0647 0x19d4  [ 520D48ECB54A33821C95EE496A4235AF, 3C7984E480F134E303E6AD03A3837515F3E03A4727F1AD184BD1D8C71D68FFEF ] Point64         C:\Windows\system32\DRIVERS\point64.sys
21:03:26.0655 0x19d4  Point64 - ok
21:03:26.0679 0x19d4  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:03:26.0696 0x19d4  PolicyAgent - ok
21:03:26.0716 0x19d4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:03:26.0743 0x19d4  Power - ok
21:03:26.0782 0x19d4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:03:26.0808 0x19d4  PptpMiniport - ok
21:03:26.0845 0x19d4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:03:26.0854 0x19d4  Processor - ok
21:03:26.0904 0x19d4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:03:26.0930 0x19d4  ProfSvc - ok
21:03:26.0950 0x19d4  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:03:26.0961 0x19d4  ProtectedStorage - ok
21:03:26.0991 0x19d4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:03:27.0016 0x19d4  Psched - ok
21:03:27.0088 0x19d4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:03:27.0123 0x19d4  ql2300 - ok
21:03:27.0142 0x19d4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:03:27.0150 0x19d4  ql40xx - ok
21:03:27.0175 0x19d4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:03:27.0190 0x19d4  QWAVE - ok
21:03:27.0199 0x19d4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:03:27.0209 0x19d4  QWAVEdrv - ok
21:03:27.0220 0x19d4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:03:27.0243 0x19d4  RasAcd - ok
21:03:27.0267 0x19d4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:03:27.0291 0x19d4  RasAgileVpn - ok
21:03:27.0299 0x19d4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:03:27.0325 0x19d4  RasAuto - ok
21:03:27.0349 0x19d4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:03:27.0373 0x19d4  Rasl2tp - ok
21:03:27.0406 0x19d4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:03:27.0434 0x19d4  RasMan - ok
21:03:27.0446 0x19d4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:03:27.0471 0x19d4  RasPppoe - ok
21:03:27.0485 0x19d4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:03:27.0509 0x19d4  RasSstp - ok
21:03:27.0536 0x19d4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:03:27.0563 0x19d4  rdbss - ok
21:03:27.0573 0x19d4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:03:27.0581 0x19d4  rdpbus - ok
21:03:27.0592 0x19d4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:03:27.0614 0x19d4  RDPCDD - ok
21:03:27.0644 0x19d4  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:03:27.0653 0x19d4  RDPDR - ok
21:03:27.0667 0x19d4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:03:27.0690 0x19d4  RDPENCDD - ok
21:03:27.0696 0x19d4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:03:27.0722 0x19d4  RDPREFMP - ok
21:03:27.0805 0x19d4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:03:27.0813 0x19d4  RdpVideoMiniport - ok
21:03:27.0836 0x19d4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:03:27.0846 0x19d4  RDPWD - ok
21:03:27.0880 0x19d4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:03:27.0891 0x19d4  rdyboost - ok
21:03:27.0937 0x19d4  [ 5623E2CC4F1F6DE24BE9DB3319E42D23, 2EA009F85804BF2757559DC7EBE4BCB637DE3786795891290F8F99580C32C9ED ] RegFilter       C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
21:03:27.0944 0x19d4  RegFilter - ok
21:03:27.0966 0x19d4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:03:27.0991 0x19d4  RemoteAccess - ok
21:03:28.0009 0x19d4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:03:28.0035 0x19d4  RemoteRegistry - ok
21:03:28.0067 0x19d4  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:03:28.0079 0x19d4  RFCOMM - ok
21:03:28.0101 0x19d4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:03:28.0133 0x19d4  RpcEptMapper - ok
21:03:28.0156 0x19d4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:03:28.0166 0x19d4  RpcLocator - ok
21:03:28.0199 0x19d4  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
21:03:28.0216 0x19d4  RpcSs - ok
21:03:28.0228 0x19d4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:03:28.0252 0x19d4  rspndr - ok
21:03:28.0270 0x19d4  [ C435AC77704EB16E85C9D630F4D4B4F7, DA508641AC9DFEDEE7E025B13CE0629C316742C4E95765FEDEF1A24112F45435 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
21:03:28.0280 0x19d4  RTHDMIAzAudService - ok
21:03:28.0330 0x19d4  [ 46C200885F182C04DAFDA6FB5B3CE058, A02F9BE1EBC404623AFF43F367C9D07BC64622BA78B756A749B90B5F28C063F2 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:03:28.0357 0x19d4  RTL8167 - ok
21:03:28.0368 0x19d4  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:03:28.0375 0x19d4  s3cap - ok
21:03:28.0379 0x19d4  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] SamSs           C:\Windows\system32\lsass.exe
21:03:28.0386 0x19d4  SamSs - ok
21:03:28.0399 0x19d4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:03:28.0408 0x19d4  sbp2port - ok
21:03:28.0423 0x19d4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:03:28.0450 0x19d4  SCardSvr - ok
21:03:28.0488 0x19d4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:03:28.0509 0x19d4  scfilter - ok
21:03:28.0551 0x19d4  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
21:03:28.0579 0x19d4  Schedule - ok
21:03:28.0609 0x19d4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:03:28.0632 0x19d4  SCPolicySvc - ok
21:03:28.0648 0x19d4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:03:28.0659 0x19d4  SDRSVC - ok
21:03:28.0673 0x19d4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:03:28.0680 0x19d4  secdrv - ok
21:03:28.0700 0x19d4  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
21:03:28.0709 0x19d4  seclogon - ok
21:03:28.0727 0x19d4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:03:28.0752 0x19d4  SENS - ok
21:03:28.0762 0x19d4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:03:28.0770 0x19d4  SensrSvc - ok
21:03:28.0779 0x19d4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:03:28.0786 0x19d4  Serenum - ok
21:03:28.0795 0x19d4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:03:28.0804 0x19d4  Serial - ok
21:03:28.0827 0x19d4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:03:28.0834 0x19d4  sermouse - ok
21:03:28.0860 0x19d4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:03:28.0884 0x19d4  SessionEnv - ok
21:03:28.0894 0x19d4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:03:28.0903 0x19d4  sffdisk - ok
21:03:28.0907 0x19d4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:03:28.0916 0x19d4  sffp_mmc - ok
21:03:28.0923 0x19d4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:03:28.0932 0x19d4  sffp_sd - ok
21:03:28.0940 0x19d4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:03:28.0947 0x19d4  sfloppy - ok
21:03:28.0975 0x19d4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:03:29.0004 0x19d4  SharedAccess - ok
21:03:29.0032 0x19d4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:03:29.0061 0x19d4  ShellHWDetection - ok
21:03:29.0079 0x19d4  [ 8C61B219882C9C9ECA09BEDB82B0DDB1, 711681040D9CD93D603F55AB8D62371F5D51917C14818F27859E23E2D60EB18F ] silabenm        C:\Windows\system32\DRIVERS\silabenm.sys
21:03:29.0086 0x19d4  silabenm - ok
21:03:29.0096 0x19d4  [ 2641655FAD6C1EA0F3677978E2BF28C1, E703CE74D09E901BF531589E181DCF95B9C63E09FE1B99E38DEA9EE47EE458BA ] silabser        C:\Windows\system32\DRIVERS\silabser.sys
21:03:29.0104 0x19d4  silabser - ok
21:03:29.0120 0x19d4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:03:29.0127 0x19d4  SiSRaid2 - ok
21:03:29.0140 0x19d4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:03:29.0148 0x19d4  SiSRaid4 - ok
21:03:29.0173 0x19d4  [ CEDF7CFFCCD03451FD22DBAAC2E3DE8E, A1F4B952099EBA4BA4E659782F85B45C4BBB411BF5B7C02D5BE0CC3DBF27AFF3 ] SIUSBXP         C:\Windows\system32\drivers\SiUSBXp.sys
21:03:29.0179 0x19d4  SIUSBXP - ok
21:03:29.0259 0x19d4  [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:03:29.0281 0x19d4  SkypeUpdate - ok
21:03:29.0293 0x19d4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:03:29.0319 0x19d4  Smb - ok
21:03:29.0361 0x19d4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:03:29.0370 0x19d4  SNMPTRAP - ok
21:03:29.0425 0x19d4  [ 21FF393512F51F5A98620C794B4488A3, 8A35923D3D6993FC014D86F0F7BD5C106586824DB8D26C04DC2AD0B8ED13ED20 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
21:03:29.0445 0x19d4  Sony PC Companion - ok
21:03:29.0450 0x19d4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:03:29.0460 0x19d4  spldr - ok
21:03:29.0494 0x19d4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:03:29.0520 0x19d4  Spooler - ok
21:03:29.0643 0x19d4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:03:29.0732 0x19d4  sppsvc - ok
21:03:29.0753 0x19d4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:03:29.0777 0x19d4  sppuinotify - ok
21:03:29.0810 0x19d4  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:03:29.0825 0x19d4  srv - ok
21:03:29.0842 0x19d4  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:03:29.0856 0x19d4  srv2 - ok
21:03:29.0870 0x19d4  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:03:29.0880 0x19d4  srvnet - ok
21:03:29.0898 0x19d4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:03:29.0925 0x19d4  SSDPSRV - ok
21:03:29.0934 0x19d4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:03:29.0958 0x19d4  SstpSvc - ok
21:03:30.0061 0x19d4  [ 296268EE8C9427D49DDA579017014244, 5EF5D88775219869FA8965F37E8E988813D7295A5466A736378BC51A76510C41 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:03:30.0096 0x19d4  Steam Client Service - ok
21:03:30.0114 0x19d4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:03:30.0121 0x19d4  stexstor - ok
21:03:30.0160 0x19d4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:03:30.0182 0x19d4  stisvc - ok
21:03:30.0210 0x19d4  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:03:30.0217 0x19d4  storflt - ok
21:03:30.0225 0x19d4  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
21:03:30.0233 0x19d4  StorSvc - ok
21:03:30.0242 0x19d4  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:03:30.0250 0x19d4  storvsc - ok
21:03:30.0257 0x19d4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:03:30.0264 0x19d4  swenum - ok
21:03:30.0286 0x19d4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:03:30.0319 0x19d4  swprv - ok
21:03:30.0379 0x19d4  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
21:03:30.0420 0x19d4  SysMain - ok
21:03:30.0440 0x19d4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:03:30.0453 0x19d4  TabletInputService - ok
21:03:30.0468 0x19d4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:03:30.0497 0x19d4  TapiSrv - ok
21:03:30.0557 0x19d4  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:03:30.0599 0x19d4  Tcpip - ok
21:03:30.0645 0x19d4  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:03:30.0687 0x19d4  TCPIP6 - ok
21:03:30.0709 0x19d4  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:03:30.0716 0x19d4  tcpipreg - ok
21:03:30.0726 0x19d4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:03:30.0732 0x19d4  TDPIPE - ok
21:03:30.0748 0x19d4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:03:30.0755 0x19d4  TDTCP - ok
21:03:30.0778 0x19d4  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:03:30.0786 0x19d4  tdx - ok
21:03:31.0025 0x19d4  [ E99CD4524662A2DA7C73372C626669D8, 694DF29BF6CFF8CA06B8C701BBD148DCF58D6A6ECE3CF6CC900B0D0E5A3DFDF2 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
21:03:31.0131 0x19d4  TeamViewer9 - ok
21:03:31.0154 0x19d4  [ F5520DBB47C60EE83024B38720ABDA24, B8E555D92440BF93E3B55A66E27CEF936477EF7528F870D3B78BD3B294A05CC0 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys
21:03:31.0160 0x19d4  teamviewervpn - ok
21:03:31.0169 0x19d4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:03:31.0177 0x19d4  TermDD - ok
21:03:31.0210 0x19d4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
21:03:31.0230 0x19d4  TermService - ok
21:03:31.0249 0x19d4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:03:31.0260 0x19d4  Themes - ok
21:03:31.0287 0x19d4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:03:31.0315 0x19d4  THREADORDER - ok
21:03:31.0347 0x19d4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:03:31.0373 0x19d4  TrkWks - ok
21:03:31.0433 0x19d4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:03:31.0479 0x19d4  TrustedInstaller - ok
21:03:31.0512 0x19d4  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:03:31.0519 0x19d4  tssecsrv - ok
21:03:31.0542 0x19d4  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:03:31.0549 0x19d4  TsUsbFlt - ok
21:03:31.0586 0x19d4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:03:31.0609 0x19d4  tunnel - ok
21:03:31.0637 0x19d4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:03:31.0645 0x19d4  uagp35 - ok
21:03:31.0673 0x19d4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:03:31.0700 0x19d4  udfs - ok
21:03:31.0717 0x19d4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:03:31.0726 0x19d4  UI0Detect - ok
21:03:31.0734 0x19d4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:03:31.0742 0x19d4  uliagpkx - ok
21:03:31.0768 0x19d4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
21:03:31.0776 0x19d4  umbus - ok
21:03:31.0782 0x19d4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:03:31.0789 0x19d4  UmPass - ok
21:03:31.0808 0x19d4  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:03:31.0819 0x19d4  UmRdpService - ok
21:03:31.0894 0x19d4  [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
21:03:31.0914 0x19d4  UnlockerDriver5 - ok
21:03:31.0951 0x19d4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:03:31.0992 0x19d4  upnphost - ok
21:03:32.0036 0x19d4  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:03:32.0044 0x19d4  usbaudio - ok
21:03:32.0058 0x19d4  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
21:03:32.0066 0x19d4  usbccgp - ok
21:03:32.0084 0x19d4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:03:32.0093 0x19d4  usbcir - ok
21:03:32.0108 0x19d4  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:03:32.0116 0x19d4  usbehci - ok
21:03:32.0140 0x19d4  [ 5A4AC5D05A7C97C68596416C05D6F2B4, 1CDE5172B763D2D65379B9F3ABACC080AF676DB9354EC98A455E620C4CE3E18A ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
21:03:32.0148 0x19d4  usbfilter - ok
21:03:32.0171 0x19d4  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
21:03:32.0183 0x19d4  usbhub - ok
21:03:32.0199 0x19d4  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:03:32.0206 0x19d4  usbohci - ok
21:03:32.0214 0x19d4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:03:32.0222 0x19d4  usbprint - ok
21:03:32.0234 0x19d4  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:03:32.0241 0x19d4  usbscan - ok
21:03:32.0264 0x19d4  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
21:03:32.0271 0x19d4  usbser - ok
21:03:32.0291 0x19d4  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:03:32.0299 0x19d4  USBSTOR - ok
21:03:32.0308 0x19d4  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:03:32.0315 0x19d4  usbuhci - ok
21:03:32.0334 0x19d4  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:03:32.0344 0x19d4  usbvideo - ok
21:03:32.0373 0x19d4  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
21:03:32.0380 0x19d4  usb_rndisx - ok
21:03:32.0386 0x19d4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:03:32.0410 0x19d4  UxSms - ok
21:03:32.0422 0x19d4  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] VaultSvc        C:\Windows\system32\lsass.exe
21:03:32.0429 0x19d4  VaultSvc - ok
21:03:32.0467 0x19d4  [ 8CEF51B3AA696A021574A6F4E4C6F5C3, E763DCF53534A40EFF41180567AF68B06CD60BD48E14127AE44DC34744E89770 ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
21:03:32.0478 0x19d4  VBoxDrv - ok
21:03:32.0499 0x19d4  [ 7AC3F7C5A97CAFCCC54D9614A640A4CD, C412B27D40D7D326F9B8148A9BE691448734111187071AB30AC8AE15B875FD9F ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
21:03:32.0508 0x19d4  VBoxNetAdp - ok
21:03:32.0523 0x19d4  [ D1FC65F999E63697CFA67D8FB13E03C2, CDE5438159F7B7BC53DB1375E0BAE39351D9C5FB6534F1E73DF4C716008F9DA9 ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
21:03:32.0532 0x19d4  VBoxNetFlt - ok
21:03:32.0570 0x19d4  [ 710772BFEE506DAEE114994ED4DF5035, C7E91F27F4F8AA297CC319B45C5F59F1AF8A0534C8A1BAA204EBADD02084487B ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
21:03:32.0594 0x19d4  VBoxUSBMon - ok
21:03:32.0626 0x19d4  [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
21:03:32.0634 0x19d4  VClone - ok
21:03:32.0647 0x19d4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:03:32.0658 0x19d4  vdrvroot - ok
21:03:32.0698 0x19d4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:03:32.0733 0x19d4  vds - ok
21:03:32.0745 0x19d4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:03:32.0754 0x19d4  vga - ok
21:03:32.0767 0x19d4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:03:32.0790 0x19d4  VgaSave - ok
21:03:32.0802 0x19d4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:03:32.0812 0x19d4  vhdmp - ok
21:03:32.0820 0x19d4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:03:32.0827 0x19d4  viaide - ok
21:03:32.0843 0x19d4  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:03:32.0853 0x19d4  vmbus - ok
21:03:32.0867 0x19d4  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:03:32.0874 0x19d4  VMBusHID - ok
21:03:32.0883 0x19d4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:03:32.0891 0x19d4  volmgr - ok
21:03:32.0921 0x19d4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:03:32.0934 0x19d4  volmgrx - ok
21:03:32.0962 0x19d4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:03:32.0974 0x19d4  volsnap - ok
21:03:32.0994 0x19d4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:03:33.0004 0x19d4  vsmraid - ok
21:03:33.0089 0x19d4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:03:33.0144 0x19d4  VSS - ok
21:03:33.0155 0x19d4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:03:33.0164 0x19d4  vwifibus - ok
21:03:33.0197 0x19d4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:03:33.0227 0x19d4  W32Time - ok
21:03:33.0244 0x19d4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:03:33.0251 0x19d4  WacomPen - ok
21:03:33.0271 0x19d4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:03:33.0294 0x19d4  WANARP - ok
21:03:33.0298 0x19d4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:03:33.0323 0x19d4  Wanarpv6 - ok
21:03:33.0381 0x19d4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:03:33.0416 0x19d4  wbengine - ok
21:03:33.0432 0x19d4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:03:33.0446 0x19d4  WbioSrvc - ok
21:03:33.0470 0x19d4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:03:33.0488 0x19d4  wcncsvc - ok
21:03:33.0496 0x19d4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:03:33.0505 0x19d4  WcsPlugInService - ok
21:03:33.0511 0x19d4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:03:33.0518 0x19d4  Wd - ok
21:03:33.0553 0x19d4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:03:33.0575 0x19d4  Wdf01000 - ok
21:03:33.0586 0x19d4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:03:33.0595 0x19d4  WdiServiceHost - ok
21:03:33.0599 0x19d4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:03:33.0608 0x19d4  WdiSystemHost - ok
21:03:33.0629 0x19d4  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
21:03:33.0642 0x19d4  WebClient - ok
21:03:33.0661 0x19d4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:03:33.0689 0x19d4  Wecsvc - ok
21:03:33.0700 0x19d4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:03:33.0724 0x19d4  wercplsupport - ok
21:03:33.0747 0x19d4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:03:33.0772 0x19d4  WerSvc - ok
21:03:33.0785 0x19d4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:03:33.0808 0x19d4  WfpLwf - ok
21:03:33.0812 0x19d4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:03:33.0819 0x19d4  WIMMount - ok
21:03:33.0841 0x19d4  WinDefend - ok
21:03:33.0856 0x19d4  WinHttpAutoProxySvc - ok
21:03:33.0899 0x19d4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:03:33.0926 0x19d4  Winmgmt - ok
21:03:33.0986 0x19d4  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:03:34.0032 0x19d4  WinRM - ok
21:03:34.0063 0x19d4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] winusb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:03:34.0073 0x19d4  winusb - ok
21:03:34.0115 0x19d4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:03:34.0142 0x19d4  Wlansvc - ok
21:03:34.0273 0x19d4  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:03:34.0322 0x19d4  wlidsvc - ok
21:03:34.0350 0x19d4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:03:34.0357 0x19d4  WmiAcpi - ok
21:03:34.0375 0x19d4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:03:34.0385 0x19d4  wmiApSrv - ok
21:03:34.0402 0x19d4  WMPNetworkSvc - ok
21:03:34.0470 0x19d4  [ 83B6CA03C846FCD47F9883D77D1EB27B, 1616DBBC95085B6618B7F884383507E2A54D561A41288E79FA6DC99218C02802 ] WMZuneComm      C:\Program Files\Zune\WMZuneComm.exe
21:03:34.0513 0x19d4  WMZuneComm - ok
21:03:34.0527 0x19d4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:03:34.0538 0x19d4  WPCSvc - ok
21:03:34.0552 0x19d4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:03:34.0568 0x19d4  WPDBusEnum - ok
21:03:34.0575 0x19d4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:03:34.0598 0x19d4  ws2ifsl - ok
21:03:34.0606 0x19d4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:03:34.0619 0x19d4  wscsvc - ok
21:03:34.0622 0x19d4  WSearch - ok
21:03:34.0756 0x19d4  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:03:34.0813 0x19d4  wuauserv - ok
21:03:34.0839 0x19d4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:03:34.0848 0x19d4  WudfPf - ok
21:03:34.0870 0x19d4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:03:34.0881 0x19d4  WUDFRd - ok
21:03:34.0891 0x19d4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:03:34.0900 0x19d4  wudfsvc - ok
21:03:34.0924 0x19d4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:03:34.0936 0x19d4  WwanSvc - ok
21:03:35.0182 0x19d4  [ 67B787C34FB2888D01B130AE007042D8, E44878E53F265C89F271B08B81C129105E42D1C78C14467B2D96E28A9A428B1A ] ZuneNetworkSvc  C:\Program Files\Zune\ZuneNss.exe
21:03:35.0346 0x19d4  ZuneNetworkSvc - ok
21:03:35.0394 0x19d4  [ 4D89FC1C20CF655739EFAC5DA81A67BC, 788D0A5B9972ED6D80242C0C5E80AB0FAB44A708B896D5F724AC1559A291C8DD ] ZuneWlanCfgSvc  C:\Program Files\Zune\ZuneWlanCfgSvc.exe
21:03:35.0410 0x19d4  ZuneWlanCfgSvc - ok
21:03:35.0434 0x19d4  ================ Scan global ===============================
21:03:35.0454 0x19d4  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
21:03:35.0468 0x19d4  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
21:03:35.0478 0x19d4  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
21:03:35.0502 0x19d4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:03:35.0531 0x19d4  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
21:03:35.0537 0x19d4  [ Global ] - ok
21:03:35.0538 0x19d4  ================ Scan MBR ==================================
21:03:35.0548 0x19d4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:03:35.0724 0x19d4  \Device\Harddisk0\DR0 - ok
21:03:35.0741 0x19d4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:03:35.0797 0x19d4  \Device\Harddisk1\DR1 - ok
21:03:35.0799 0x19d4  ================ Scan VBR ==================================
21:03:35.0814 0x19d4  [ 39A14EFE21CDB9C5F53D2154301F3878 ] \Device\Harddisk0\DR0\Partition1
21:03:35.0818 0x19d4  \Device\Harddisk0\DR0\Partition1 - ok
21:03:35.0829 0x19d4  [ 8A92880193E8EAE578E98529639D407A ] \Device\Harddisk0\DR0\Partition2
21:03:35.0833 0x19d4  \Device\Harddisk0\DR0\Partition2 - ok
21:03:35.0850 0x19d4  [ CA361D30CF9CE7B4FA4123D0C11FE30F ] \Device\Harddisk1\DR1\Partition1
21:03:35.0853 0x19d4  \Device\Harddisk1\DR1\Partition1 - ok
21:03:35.0854 0x19d4  ================ Scan generic autorun ======================
21:03:35.0885 0x19d4  [ 0FEBED0093D2FD38DA6C6E5DE1ADA24C, 6C6B186A2FC1DFD800041B160A7D71F5F1B3C70D62C7696B8DA89148A8D87D47 ] C:\Program Files\Zune\ZuneLauncher.exe
21:03:35.0921 0x19d4  Zune Launcher - ok
21:03:36.0199 0x19d4  [ 0FA05A42B80D87E6AB8D998827070DFE, FBCC4A70F3B97C4E964776CDD57407E7E2D060942BB69969F62A0717FD92191A ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
21:03:36.0362 0x19d4  RtHDVCpl - ok
21:03:36.0430 0x19d4  [ CF7FEE182773AA0B183A07199CC49B05, 6447331C9DAE4CF3CFDC15D85B4D91E8446B19B93A6DD0AF16C3B6B1F50AB6EB ] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
21:03:36.0468 0x19d4  Skytel - ok
21:03:36.0504 0x19d4  [ 12E54BDE520DC85A611D7245DF44BCE5, 8F90F71AC97CE47D6A4F3491A48E3F857E8DEFD51E2DFDD528666AFC592E3B4E ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
21:03:36.0513 0x19d4  FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 )
21:03:36.0571 0x19d4  Detect skipped due to KSN trusted
21:03:36.0571 0x19d4  FreePDF Assistant - ok
21:03:36.0611 0x19d4  [ 8FFDB89A0FB7C8ABC3A8825E38047341, B9107FAA3A885CD9A08C20F78D31C3642FA76812E417F41C4F2ADF7D90CA8C72 ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
21:03:36.0641 0x19d4  LWS - ok
21:03:36.0689 0x19d4  [ 72860972F8196EBB3C896F53D2B95470, 95C046A66DD0089377867F073CADCE585B7C69CA23E724DCAD9D896BF01E023D ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
21:03:36.0696 0x19d4  hpqSRMon - detected UnsignedFile.Multi.Generic ( 1 )
21:03:36.0761 0x19d4  Detect skipped due to KSN trusted
21:03:36.0762 0x19d4  hpqSRMon - ok
21:03:36.0900 0x19d4  [ A5E03E0F22EDBC0815EB05DE1EAA99D8, 316A4428336FDE7B2F034BF2F10A72347D0DA218035BAE1DC88A48BDFE7657F4 ] C:\Program Files (x86)\ASUS\AI Suite\Q-Button\QButton.exe
21:03:36.0942 0x19d4  Ai Nap - detected UnsignedFile.Multi.Generic ( 1 )
21:03:37.0007 0x19d4  Detect skipped due to KSN trusted
21:03:37.0007 0x19d4  Ai Nap - ok
21:03:37.0063 0x19d4  [ 6EBF0C03E5F0D65F283128218AEEBFDB, 01B02CB336F8F13FBC40046F9B9A05D21026A63B6282115FB355E87DAF2F3504 ] C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
21:03:37.0082 0x19d4  QFan Help - detected UnsignedFile.Multi.Generic ( 1 )
21:03:37.0145 0x19d4  Detect skipped due to KSN trusted
21:03:37.0145 0x19d4  QFan Help - ok
21:03:37.0192 0x19d4  [ A053F83A03990006B2B032CF9F61F50E, FB0C92857970A832B6B3C2C193869ED4763DB8380B41FBB15D8A3B74B4569D15 ] C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe
21:03:37.0216 0x19d4  Cpu Level Up help - detected UnsignedFile.Multi.Generic ( 1 )
21:03:37.0280 0x19d4  Detect skipped due to KSN trusted
21:03:37.0281 0x19d4  Cpu Level Up help - ok
21:03:37.0468 0x19d4  [ B4BF928DBA5E42E3329ADA9B5DBB8065, 20660EAA849BEECD5626B1D66B891B9A63A7BD22A4C4E9220167215EFE2B4E9E ] C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
21:03:37.0574 0x19d4  TurboV - detected UnsignedFile.Multi.Generic ( 1 )
21:03:37.0653 0x19d4  Detect skipped due to KSN trusted
21:03:37.0653 0x19d4  TurboV - ok
21:03:37.0678 0x19d4  [ C637FC4638A96165256B28D38DE7B953, CD658543610F151C7860DBDCF36596C9B5417D87E598FA50A435392D4AED1C14 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
21:03:37.0693 0x19d4  HP Software Update - ok
21:03:37.0764 0x19d4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:03:37.0797 0x19d4  Sidebar - ok
21:03:37.0816 0x19d4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:03:37.0828 0x19d4  mctadmin - ok
21:03:37.0854 0x19d4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:03:37.0881 0x19d4  Sidebar - ok
21:03:37.0888 0x19d4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:03:37.0900 0x19d4  mctadmin - ok
21:03:37.0931 0x19d4  [ 89CACBC5A5D9F14AD11F09D1DE49294E, 5D9F810E57527ED9E95BB208DBA13D25AF64346B298C1C793335775F9AED21C7 ] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
21:03:37.0943 0x19d4  Sony PC Companion - ok
21:03:38.0459 0x19d4  [ 40F89D5FDA13C0DD0E2268B52D488AA1, EA43C83616F7C941452409465C7DAA0294408A2D4B717DAD0AC0380E587370B9 ] C:\Program Files (x86)\PicPick\picpick.exe
21:03:38.0842 0x19d4  PicPick Start - ok
21:03:38.0905 0x19d4  Skype - ok
21:03:38.0911 0x19d4  Vidalia - ok
21:03:39.0073 0x19d4  [ 83617B22205AE74AA31FF3CC145E2132, 5684D6523922A662799B408D8BC26FFC7D2212F633B82045919562F30C224F1E ] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
21:03:39.0158 0x19d4  msnmsgr - ok
21:03:39.0190 0x19d4  [ 28572EF061F3D59B11A4BCF99530A130, 60D16959175F1D1AE185196C0BD4A10274DD1F454021AE75AAFF5E21FF2FC2F9 ] C:\Program Files\SpiderOak\SpiderOak.exe
21:03:39.0193 0x19d4  SpiderOak - detected UnsignedFile.Multi.Generic ( 1 )
21:03:39.0250 0x19d4  Detect skipped due to KSN trusted
21:03:39.0250 0x19d4  SpiderOak - ok
21:03:39.0779 0x19d4  [ 40F89D5FDA13C0DD0E2268B52D488AA1, EA43C83616F7C941452409465C7DAA0294408A2D4B717DAD0AC0380E587370B9 ] C:\Program Files (x86)\PicPick\picpick.exe
21:03:40.0164 0x19d4  PicPick Start - ok
21:03:40.0200 0x19d4  Skype - ok
21:03:40.0336 0x19d4  [ 422963B9386FD4052AA766A6575ED8DE, 3D9938360E3F08EF550B03A6204C6B36A32960D115577B5448DCA5D160B46F5B ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
21:03:40.0384 0x19d4  Advanced SystemCare 8 - ok
21:03:40.0391 0x19d4  [ 28572EF061F3D59B11A4BCF99530A130, 60D16959175F1D1AE185196C0BD4A10274DD1F454021AE75AAFF5E21FF2FC2F9 ] C:\Program Files\SpiderOak\SpiderOak.exe
21:03:40.0394 0x19d4  SpiderOak - detected UnsignedFile.Multi.Generic ( 1 )
21:03:40.0394 0x19d4  Detect skipped due to KSN trusted
21:03:40.0394 0x19d4  SpiderOak - ok
21:03:40.0395 0x19d4  Waiting for KSN requests completion. In queue: 167
21:03:41.0427 0x19d4  Win FW state via NFP2: enabled ( trusted )
21:03:41.0538 0x19d4  ============================================================
21:03:41.0538 0x19d4  Scan finished
21:03:41.0538 0x19d4  ============================================================
21:03:41.0558 0x12a0  Detected object count: 2
21:03:41.0558 0x12a0  Actual detected object count: 2
21:05:23.0382 0x12a0  chip1click ( UnsignedFile.Multi.Generic ) - skipped by user
21:05:23.0382 0x12a0  chip1click ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:05:23.0383 0x12a0  myPWTNTService.exe ( UnsignedFile.Multi.Generic ) - skipped by user
21:05:23.0383 0x12a0  myPWTNTService.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Bitte die Anleitung zu MBAR richtig lesen.

Ok, hab´s geprüft: mbar ausgeführt mit Admin-Rechten extrahiert sich in den Admin-Desktop. Habs ncchmal laufen lassen, hier das Ergebnis:

Gruß,

Code: Alles auswählenAufklappen

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.01.02.03
  rootkit: v2016.11.20.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18537
Fast Alle :: AMD-GARDEROBE [administrator]

02.01.2017 21:44:18
mbar-log-2017-01-02 (21-44-18).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 366254
Time elapsed: 19 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Hallo und Guten Abend,

Ergebnis ADWCleaner:

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v6.041 - Bericht erstellt am 03/01/2017 um 18:54:05
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2017-01-03.1 [Lokal]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Fast Alle - AMD-GARDEROBE
# Gestartet von : C:\Users\Alle\Desktop\AdwCleaner_6.041.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Alle\AppData\Local\PackageAware
[-] Ordner gelöscht: C:\Users\Alle\AppData\Roaming\AdvertismentImages
[-] Ordner gelöscht: C:\Users\Fast Alle\AppData\Local\DriverToolkit
[-] Ordner gelöscht: C:\Users\Fast Alle\AppData\Local\PackageAware
[-] Ordner gelöscht: C:\Users\Fast Alle\AppData\Roaming\AdvertismentImages
[-] Ordner gelöscht: C:\ProgramData\apn
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\apn
[-] Ordner gelöscht: C:\Program Files (x86)\DriverToolkit
[-] Ordner gelöscht: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\HPAppData
[-] Ordner gelöscht: C:\Users\Fast Alle\AppData\Roaming\Mozilla\Firefox\Profiles\tg6cq8a0.default\extensions\ascsurfingprotection@iobit.com


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{0757C9D8-D8A3-33F5-CEE2-11D09918BA8F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel gelöscht: HKU\S-1-5-21-2390081207-1673913599-2541008035-1000\Software\usyndication.com
[-] Schlüssel gelöscht: HKU\S-1-5-21-2390081207-1673913599-2541008035-1004\Software\DriverToolkit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\DriverToolkit
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Video downloader
[-] Schlüssel gelöscht: HKLM\SOFTWARE\WISECLEANER
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\DriverToolkit
[-] Daten  wiederhergestellt: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: HKU\S-1-5-21-2390081207-1673913599-2541008035-1000\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] 
[-] Daten  wiederhergestellt: HKU\S-1-5-21-2390081207-1673913599-2541008035-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] 
[-] Daten  wiederhergestellt: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] 
[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] 
[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] 
[-] Daten  wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] 
[-] Daten  wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] 
[-] Daten  wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] 
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\euask.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.euask.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\euask.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.euask.com


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

\AdwCleaner\AdwCleaner[C0].txt - [5281 Bytes] - [03/01/2017 18:54:05]
\AdwCleaner\AdwCleaner[R0].txt - [8932 Bytes] - [18/02/2014 23:35:16]
\AdwCleaner\AdwCleaner[R1].txt - [996 Bytes] - [18/02/2014 23:42:46]
\AdwCleaner\AdwCleaner[R2].txt - [1116 Bytes] - [18/02/2014 23:50:21]
\AdwCleaner\AdwCleaner[S0].txt - [8744 Bytes] - [18/02/2014 23:36:53]
\AdwCleaner\AdwCleaner[S1].txt - [1056 Bytes] - [18/02/2014 23:44:38]
\AdwCleaner\AdwCleaner[S3].txt - [6298 Bytes] - [03/01/2017 18:49:30]
\AdwCleaner\AdwCleaner[S4].txt - [6328 Bytes] - [22/11/2015 22:34:13]
\AdwCleaner\AdwCleaner[S5].txt - [6368 Bytes] - [03/01/2017 18:53:33]

########## EOF - \AdwCleaner\AdwCleaner[C0].txt - [5919 Bytes] ##########
         

Ergebnis JRT:

Code: Alles auswählenAufklappen

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Professional x64 
Ran by Fast Alle (Administrator) on 03.01.2017 at 19:08:43,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 34 

Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\ProgramData\Start Menu\Programs\driver booster 2 (Folder) 
Successfully deleted: C:\ProgramData\Start Menu\Programs\wise registry cleaner (Folder) 
Successfully deleted: C:\Users\Fast Alle\AppData\Roaming\Mozilla\Firefox\Profiles\tg6cq8a0.default\extensions\bingsearch.full@microsoft.com\search.xml (File) 
Successfully deleted: C:\Users\Fast Alle\AppData\Roaming\Mozilla\Firefox\Profiles\tg6cq8a0.default\user.js (File) 
Successfully deleted: C:\Users\Fast Alle\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\Users\Fast Alle\AppData\Roaming\wise registry cleaner (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\AviraSpeedup (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Scan (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (Fast Alle) (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Update (Task)
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_Alle (Task)
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_Fast_Alle (Task)
Successfully deleted: C:\Windows\system32\Tasks\Wise Registry Cleaner Schedule Task (Task)
Successfully deleted: C:\Windows\Tasks\Uninstaller_SkipUac_Fast_Alle.job (Task) 
Successfully deleted: C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job (Task) 
Successfully deleted: C:\Program Files (x86)\wise\wise registry cleaner (Folder) 
Successfully deleted: C:\Users\Fast Alle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Fast Alle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Fast Alle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\91AZFV14 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Fast Alle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BIKLO52Y (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Fast Alle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Fast Alle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Fast Alle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SRY88LDL (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Fast Alle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZNCNWWTA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\91AZFV14 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BIKLO52Y (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SRY88LDL (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZNCNWWTA (Temporary Internet Files Folder) 

Deleted the following from C:\Users\Fast Alle\AppData\Roaming\Mozilla\Firefox\Profiles\tg6cq8a0.default\prefs.js
user_pref(avira.safe_search.installed, [\safesearch\]);
user_pref(avira.safe_search.search_was_active, false);
user_pref(browser.uiCustomization.state, {\placements\:{\PanelUI-contents\:[\edit-controls\,\zoom-controls\,\new-window-button\,\privatebrowsing-button\,\save-
user_pref(extensions.safesearch.MP_DISTINCT_ID, \147e9f9b41c7b-0b60bc03ad3dc5-42504136-0-147e9f9b41d270\);
user_pref(extensions.safesearch.SAUTH_expires_at, 1428917765);
user_pref(extensions.safesearch.SAUTH_rndsnr, \202b869f26051892ebb9827df2100130ad8d3a8f\);
user_pref(extensions.safesearch.SAUTH_userid, 5980829507);
user_pref(extensions.safesearch.SAUTH_utoken, \6d9f651744aa7fb1fca48157d313e659ae6922e1\);
user_pref(extensions.safesearch.install, 1408379761697);
user_pref(extensions.safesearch.search_offer_disabled, true);
user_pref(extensions.safesearch@avira.com.AUC_GUID, e82239c2-88d3-4ce9-95cd-6cb5fb9d74e2);
user_pref(extensions.safesearch@avira.com.MP_DISTINCT_ID, 147e9f9b41c7b-0b60bc03ad3dc5-42504136-0-147e9f9b41d270);
user_pref(extensions.safesearch@avira.com.initialSettingsApplied, true);
user_pref(extensions.safesearch@avira.com.install, 1408379761697);
user_pref(extensions.safesearch@avira.com.install-event-fired, true);
user_pref(extensions.safesearch@avira.com.migration_1_2_1, true);
user_pref(extensions.safesearch@avira.com.overrideNewTab, true);
user_pref(extensions.safesearch@avira.com.prev_default_engine_name, \Google\);
user_pref(extensions.safesearch@avira.com.sdk.baseURI, resource://safesearch-at-avira-dot-com/);
user_pref(extensions.safesearch@avira.com.sdk.domain, safesearch-at-avira-dot-com);
user_pref(extensions.safesearch@avira.com.sdk.load.reason, startup);
user_pref(extensions.safesearch@avira.com.sdk.rootURI, jar:file:///C:/Users/Fast%20Alle/AppData/Roaming/Mozilla/Firefox/Profiles/tg6cq8a0.default/extensions/safesearch@avir
user_pref(extensions.safesearch@avira.com.sdk.version, 1.4.1.371);
user_pref(extensions.xpiState, {\app-profile\:{\abs@avira.com\:{\d\:\C:\\\\Users\\\\Fast Alle\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\tg6cq8a0.def



Registry: 2 

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.01.2017 at 19:10:28,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Danke und Gruß!

Bitte nochmal adwCleaner ausführen um sicherzustellen, dass es auch alles bekannte erwischt hat.

Gemacht, keine Schadprogramme gefunden:

Schönen Abend noch!

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v6.041 - Bericht erstellt am 03/01/2017 um 22:12:07
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2017-01-03.1 [Lokal]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Fast Alle - AMD-GARDEROBE
# Gestartet von : C:\Users\Alle\Desktop\AdwCleaner_6.041.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.


***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

\AdwCleaner\AdwCleaner[C0].txt - [6032 Bytes] - [03/01/2017 18:54:05]
\AdwCleaner\AdwCleaner[R0].txt - [8932 Bytes] - [18/02/2014 23:35:16]
\AdwCleaner\AdwCleaner[R1].txt - [996 Bytes] - [18/02/2014 23:42:46]
\AdwCleaner\AdwCleaner[R2].txt - [1116 Bytes] - [18/02/2014 23:50:21]
\AdwCleaner\AdwCleaner[S0].txt - [8744 Bytes] - [18/02/2014 23:36:53]
\AdwCleaner\AdwCleaner[S1].txt - [1056 Bytes] - [18/02/2014 23:44:38]
\AdwCleaner\AdwCleaner[S3].txt - [6298 Bytes] - [03/01/2017 18:49:30]
\AdwCleaner\AdwCleaner[S4].txt - [6328 Bytes] - [22/11/2015 22:34:13]
\AdwCleaner\AdwCleaner[S5].txt - [6368 Bytes] - [03/01/2017 18:53:33]
\AdwCleaner\AdwCleaner[S6].txt - [1853 Bytes] - [03/01/2017 22:12:07]

########## EOF - \AdwCleaner\AdwCleaner[S6].txt - [1924 Bytes] ##########
         

____________________________________________________________

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v6.041 - Bericht erstellt am 03/01/2017 um 22:17:05
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2017-01-03.1 [Lokal]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Fast Alle - AMD-GARDEROBE
# Gestartet von : C:\Users\Alle\Desktop\AdwCleaner_6.041.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

\AdwCleaner\AdwCleaner[C0].txt - [6032 Bytes] - [03/01/2017 18:54:05]
\AdwCleaner\AdwCleaner[C2].txt - [1025 Bytes] - [03/01/2017 22:17:05]
\AdwCleaner\AdwCleaner[R0].txt - [8932 Bytes] - [18/02/2014 23:35:16]
\AdwCleaner\AdwCleaner[R1].txt - [996 Bytes] - [18/02/2014 23:42:46]
\AdwCleaner\AdwCleaner[R2].txt - [1116 Bytes] - [18/02/2014 23:50:21]
\AdwCleaner\AdwCleaner[S0].txt - [8744 Bytes] - [18/02/2014 23:36:53]
\AdwCleaner\AdwCleaner[S1].txt - [1056 Bytes] - [18/02/2014 23:44:38]
\AdwCleaner\AdwCleaner[S3].txt - [6298 Bytes] - [03/01/2017 18:49:30]
\AdwCleaner\AdwCleaner[S4].txt - [6328 Bytes] - [22/11/2015 22:34:13]
\AdwCleaner\AdwCleaner[S5].txt - [6368 Bytes] - [03/01/2017 18:53:33]
\AdwCleaner\AdwCleaner[S6].txt - [2001 Bytes] - [03/01/2017 22:12:07]

########## EOF - \AdwCleaner\AdwCleaner[C2].txt - [1734 Bytes] ##########