| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Benötige Analyse von Logdateien nach SpyHunter4-Entfernung (habe 6 Tools durchlaufen lassen)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
30.10.2017, 16:23
| #1 |
 |  Benötige Analyse von Logdateien nach SpyHunter4-Entfernung (habe 6 Tools durchlaufen lassen) Hallo liebe Helfer, ersteinmal: schön, dass es so ein Forum gibt! Danke dafür! Ich habe mir SpyHunter4 eingefangen und bereits erfolgreich entfernt (glaube ich). Daraufhin bin ich durch eure Seite auf verschiedene Tools aufmerksam geworden und habe diese heruntergeladen und durchlaufen lassen. Nun möchte ich jemanden von euch bitten, sich die Logdateien dazu einmal anzusehen, da ich damit nicht wirklich etwas anfangen kann. Ich habe folgende Tools benutzt: -SpyHunterKiller -adwCleaner -JRT4 -MalwarebytesMalwareScanner -FRST64 -TDSSKiller Ich kopiere nun die verschiedenen Texdateien hier rein und würde mich sehr über ein Feedback dazu freuen  Grüße, Katja AdwCleaner ________________ # AdwCleaner 7.0.4.0 - Logfile created on Mon Oct 30 14:57:07 2017 # Updated on 2017/27/10 by Malwarebytes # Database: 10-28-2017.1 # Running on Windows 7 Home Premium (X64) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** PUP.Optional.Chip, chip1click ***** [ Folders ] ***** PUP.Optional.Chip, C:\Program Files (x86)\Chip Digital GmbH PUP.Optional.Chip, C:\Windows\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A} ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.Chip, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{503CA94E-0834-4CEE-AD92-BA17AF4E809A} PUP.Optional.Chip, [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6 PUP.Optional.Chip, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6 PUP.Optional.Chip, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9 PUP.Optional.Chip, [Key] - HKLM\SOFTWARE\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9 PUP.Optional.Chip, [Key] - HKLM\SOFTWARE\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9 PUP.Optional.Chip, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries. ************************* C:/AdwCleaner/AdwCleaner[C0].txt - [2982 B] - [2017/10/30 12:28:1] C:/AdwCleaner/AdwCleaner[C1].txt - [1492 B] - [2017/10/30 12:42:1] C:/AdwCleaner/AdwCleaner[S0].txt - [3072 B] - [2017/10/30 12:23:26] C:/AdwCleaner/AdwCleaner[S1].txt - [1255 B] - [2017/10/30 12:41:4] ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ########## # AdwCleaner 7.0.4.0 - Logfile created on Mon Oct 30 15:06:32 2017 # Updated on 2017/27/10 by Malwarebytes # Running on Windows 7 Home Premium (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** Deleted: chip1click ***** [ Folders ] ***** Deleted: C:\Program Files (x86)\Chip Digital GmbH Deleted: C:\Windows\\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A} ***** [ Files ] ***** No malicious files deleted. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{503CA94E-0834-4CEE-AD92-BA17AF4E809A} Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6 Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9 Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9 Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9 Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Proxy settings cleared ::IE policies deleted ::Chrome policies deleted ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[C0].txt - [2982 B] - [2017/10/30 12:28:1] C:/AdwCleaner/AdwCleaner[C1].txt - [1492 B] - [2017/10/30 12:42:1] C:/AdwCleaner/AdwCleaner[S0].txt - [3072 B] - [2017/10/30 12:23:26] C:/AdwCleaner/AdwCleaner[S1].txt - [1255 B] - [2017/10/30 12:41:4] C:/AdwCleaner/AdwCleaner[S2].txt - [2134 B] - [2017/10/30 14:57:7] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.4 (07.09.2017) Operating System: Windows 7 Home Premium x64 Ran by Katja (Administrator) on 30.10.2017 at 13:49:40,34 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 40 Successfully deleted: C:\Users\Katja\AppData\Local\{18F58110-13BC-41DC-AA1D-0C2EEDF66C1D} (Empty Folder) Successfully deleted: C:\Users\Katja\AppData\Local\{39F9F514-E871-498D-A87B-F3B655FEE934} (Empty Folder) Successfully deleted: C:\Users\Katja\AppData\Local\{BF94A65C-C282-42F7-A4C0-D350E5861293} (Empty Folder) Successfully deleted: C:\Users\Katja\AppData\Local\{C119E72F-689D-4A32-9B42-FF241239D94E} (Empty Folder) Successfully deleted: C:\Users\Katja\AppData\Local\{FD6FBC16-9BB7-472C-9108-2ADCC298186D} (Empty Folder) Successfully deleted: C:\Users\Katja\AppData\Roaming\pdfforge (Folder) Successfully deleted: C:\Program Files (x86)\GUTC25B.tmp (File) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1DSYHO2M (Temporary Internet Files Folder) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8U1CI1IG (Temporary Internet Files Folder) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1YX9192 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AO1XMIO9 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DL06Y84U (Temporary Internet Files Folder) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7K4NO4H (Temporary Internet Files Folder) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q15G2LIM (Temporary Internet Files Folder) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RCSYUNXG (Temporary Internet Files Folder) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RYETRUK5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TCNHYF2L (Temporary Internet Files Folder) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XBKF7Y3R (Temporary Internet Files Folder) Successfully deleted: C:\Users\Katja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZN68QXYA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1DSYHO2M (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8U1CI1IG (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1YX9192 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AO1XMIO9 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DL06Y84U (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7K4NO4H (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q15G2LIM (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RCSYUNXG (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RYETRUK5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TCNHYF2L (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XBKF7Y3R (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZN68QXYA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\SysWOW64\REN30FF.tmp (File) Deleted the following from C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\w79n8vv3.default\prefs.js user_pref(browser.search.defaultenginename, Ixquick HTTPS); user_pref(browser.search.order.1, Ask.com); user_pref(browser.urlbar.suggest.searches, false); user_pref(extensions.unitedinternet.email.runonceNewUsersShown, true); Registry: 3 Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{15109BDA-A765-4C36-8D7C-53BA50B3DE90} (Registry Key) Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 30.10.2017 at 13:55:49,49 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
30.10.2017, 16:24
| #2 |
| | FRST und AdditionFRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017
durchgeführt von Katja (Administrator) auf KATJA-PC (30-10-2017 15:29:27)
Gestartet von C:\Users\Katja\Desktop
Geladene Profile: Katja & (Verfügbare Profile: UpdatusUser & Katja)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-16] (Intel(R) Corporation)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-16] (Intel(R) Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12681320 2011-08-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [hshhsaaaws] => ******************************************************************************************************************************************************************************************************** (Der Dateneintrag hat 59 mehr Zeichen).
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2011-08-06] (Wistron Corp.)
HKLM-x32\...\Run: [LMgrOSD] => "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe"
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-05-20] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-74741880-4081328958-883279795-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141030542\...\Run: [Power2GoExpress] => NA
HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\Run: [Dropbox Update] => C:\Users\Katja\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc.)
HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\Run: [f.lux] => C:\Users\Katja\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] ()
HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\Run: [HP ENVY 5540 series (NET)] => C:\Program Files\HP\HP ENVY 5540 series\Bin\ScanToPCActivationApp.exe [3770504 2017-03-27] (HP Inc.)
HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\MountPoints2: {ee1f7bb0-aa57-11e6-bcb8-00262dca80e3} - F:\autorun.exe
HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\MountPoints2: {f796cb71-5a35-11e6-a498-00262dca80e3} - F:\autorun.exe
HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\MountPoints2: {f796cb84-5a35-11e6-a498-00262dca80e3} - F:\autorun.exe
HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\...\Run: [Dropbox Update] => C:\Users\Katja\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc.)
HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\...\Run: [f.lux] => C:\Users\Katja\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] ()
HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\...\Run: [HP ENVY 5540 series (NET)] => C:\Program Files\HP\HP ENVY 5540 series\Bin\ScanToPCActivationApp.exe [3770504 2017-03-27] (HP Inc.)
HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\...\MountPoints2: {ee1f7bb0-aa57-11e6-bcb8-00262dca80e3} - F:\autorun.exe
HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\...\MountPoints2: {f796cb71-5a35-11e6-a498-00262dca80e3} - F:\autorun.exe
HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\...\MountPoints2: {f796cb84-5a35-11e6-a498-00262dca80e3} - F:\autorun.exe
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8F5DF9EE-DB20-4D5F-824A-44184399E846}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-74741880-4081328958-883279795-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/
HKU\S-1-5-21-74741880-4081328958-883279795-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/
HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-20] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-20] (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-74741880-4081328958-883279795-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\w79n8vv3.default [2017-10-30]
FF Extension: (20-20 3D Viewer - IKEA) - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\w79n8vv3.default\Extensions\2020Player_IKEA@2020Technologies.com [2016-08-31]
FF Extension: (Avira Browserschutz) - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\w79n8vv3.default\Extensions\abs@avira.com.xpi [2017-10-27]
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\w79n8vv3.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-09]
FF SearchPlugin: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\w79n8vv3.default\searchplugins\ixquick-https.xml [2015-01-19]
FF SearchPlugin: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\w79n8vv3.default\searchplugins\wiktionary-de.xml [2012-04-05]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-16] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-25] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-20] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-02-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-74741880-4081328958-883279795-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Katja\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Katja\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default [2017-10-30]
CHR Extension: (Präsentationen) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-16]
CHR Extension: (YouTube) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-16]
CHR Extension: (Google-Suche) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-16]
CHR Extension: (Tabellen) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Avira Browserschutz) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-08]
CHR Extension: (Google Docs Offline) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-03-30]
CHR Extension: (Visualping) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd [2017-08-17]
CHR Extension: (Google Mail) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-10-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-10-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-10-17] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-10-17] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [408944 2017-10-16] (Avira Operations GmbH & Co. KG)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283376 2017-02-28] ()
R2 hasplms; C:\Windows\system32\hasplms.exe [4913608 2011-12-01] (SafeNet Inc.)
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [191688 2016-05-17] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-16] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] () [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2011-08-06] (Wistron Corp.)
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [994064 2011-09-16] (Intel(R) Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [57088 2011-08-25] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [21120 2011-08-03] (SafeNet Inc.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [194272 2017-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [151128 2017-09-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-04] ()
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-17] (Huawei Technologies Co., Ltd.)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [158464 2011-10-27] (ITE )
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [192952 2017-10-30] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-10-30] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45504 2017-10-30] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-10-30] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2017-10-30] (Malwarebytes)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-10-30 15:30 - 2017-10-30 15:30 - 001533960 _____ (CHIP Digital GmbH) C:\Users\Katja\Desktop\TDSSKiller - CHIP-Installer.exe
2017-10-30 15:27 - 2017-10-30 15:30 - 000023581 _____ C:\Users\Katja\Desktop\FRST.txt
2017-10-30 15:27 - 2017-10-30 15:27 - 000000000 ____D C:\FRST
2017-10-30 15:26 - 2017-10-30 15:26 - 002403328 _____ (Farbar) C:\Users\Katja\Desktop\FRST64.exe
2017-10-30 14:07 - 2017-10-30 15:10 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-10-30 14:07 - 2017-10-30 14:07 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2017-10-30 14:07 - 2017-10-30 14:07 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-10-30 14:07 - 2017-10-30 14:07 - 000045504 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-10-30 14:06 - 2017-10-30 14:06 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-10-30 14:06 - 2017-10-30 14:06 - 000001871 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-30 14:06 - 2017-10-30 14:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-10-30 14:06 - 2017-10-30 14:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-30 14:06 - 2017-10-30 14:06 - 000000000 ____D C:\Program Files\Malwarebytes
2017-10-30 14:06 - 2017-10-04 13:15 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-10-30 13:55 - 2017-10-30 13:55 - 000007285 _____ C:\Users\Katja\Desktop\JRT.txt
2017-10-30 13:47 - 2017-10-30 13:47 - 001790024 _____ (Malwarebytes) C:\Users\Katja\Desktop\JRT4.exe
2017-10-30 13:21 - 2017-10-30 13:42 - 000000000 ____D C:\AdwCleaner
2017-10-30 13:20 - 2017-10-30 13:20 - 008261584 _____ (Malwarebytes) C:\Users\Katja\Desktop\adwcleaner_7.0.4.0.exe
2017-10-30 13:07 - 2017-10-30 13:07 - 001032192 _____ C:\Users\Katja\Desktop\SpyHunterKiller.exe
2017-10-30 12:56 - 2017-10-30 13:09 - 000000000 ____D C:\Users\Katja\AppData\Roaming\Geek Uninstaller
2017-10-30 12:55 - 2017-10-30 12:56 - 003005801 _____ C:\Users\Katja\Downloads\geek_1.4.5.121.zip
2017-10-30 12:14 - 2017-10-30 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow x64
2017-10-30 12:14 - 2017-10-30 12:14 - 000000000 ____D C:\Program Files\ffdshow
2017-10-30 12:14 - 2014-06-28 16:40 - 000127488 _____ C:\Windows\system32\ff_vfw.dll
2017-10-27 20:27 - 2017-10-27 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2017-10-27 20:27 - 2017-10-27 20:27 - 000000000 ____D C:\Program Files (x86)\ffdshow
2017-10-27 20:27 - 2014-06-28 15:39 - 000112640 _____ C:\Windows\SysWOW64\ff_vfw.dll
2017-10-27 20:22 - 2017-10-27 20:22 - 000000000 _____ C:\autoexec.bat
2017-10-27 20:17 - 2017-10-27 20:17 - 000000000 ____D C:\Users\Katja\ffdshow_rev4531
2017-10-27 20:15 - 2017-10-30 13:27 - 000000000 ____D C:\Users\Katja\AppData\Local\Downloaded Installations
2017-10-27 20:14 - 2017-10-27 20:14 - 009650071 _____ C:\Users\Katja\ffdshow_rev4531.zip
2017-10-27 13:47 - 2017-10-27 13:49 - 000000000 ____D C:\Users\Katja\Death Note plus 2 filme
2017-10-20 14:46 - 2017-10-20 14:46 - 000000000 ____D C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-10-17 21:11 - 2017-10-17 21:12 - 000000000 ____D C:\Users\Katja\Desktop\Fiat Panda
2017-10-11 14:17 - 2017-10-11 14:17 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-10 19:04 - 2017-09-13 16:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-10-10 19:04 - 2017-09-08 16:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-10-10 19:04 - 2017-09-08 16:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-10-10 19:04 - 2017-09-08 16:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-10-10 19:04 - 2017-09-08 16:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-10-10 19:04 - 2017-09-08 16:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-10-10 19:04 - 2017-09-08 16:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-10-10 19:04 - 2017-09-07 22:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-10-10 19:04 - 2017-09-07 22:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-10-10 19:04 - 2017-09-07 22:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-10-10 19:04 - 2017-09-07 21:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-10-10 19:04 - 2017-09-07 20:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-10-10 19:04 - 2017-09-07 20:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-10-10 19:04 - 2017-09-07 20:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-10-10 19:04 - 2017-09-07 20:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-10-10 19:04 - 2017-09-07 20:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-10-10 19:04 - 2017-09-07 20:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-10-10 19:04 - 2017-09-07 19:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-10-10 19:04 - 2017-09-07 19:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-10-10 19:04 - 2017-09-07 19:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-10-10 19:04 - 2017-09-07 19:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-10-10 19:04 - 2017-09-07 18:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-10-10 19:04 - 2017-08-19 16:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-10-10 19:04 - 2017-08-14 18:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-10-10 19:04 - 2017-08-14 18:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-10-10 19:03 - 2017-09-13 16:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-10-10 19:03 - 2017-09-13 16:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-10-10 19:03 - 2017-09-13 16:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-10-10 19:03 - 2017-09-13 16:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-10-10 19:03 - 2017-09-13 16:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-10-10 19:03 - 2017-09-13 16:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-10-10 19:03 - 2017-09-13 16:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-10-10 19:03 - 2017-09-13 16:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-10-10 19:03 - 2017-09-13 16:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 16:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-10-10 19:03 - 2017-09-13 16:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-10-10 19:03 - 2017-09-13 16:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-10-10 19:03 - 2017-09-13 16:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-10-10 19:03 - 2017-09-13 16:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-10-10 19:03 - 2017-09-13 15:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-10-10 19:03 - 2017-09-13 15:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-10-10 19:03 - 2017-09-13 15:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-10-10 19:03 - 2017-09-13 15:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-10-10 19:03 - 2017-09-13 15:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-10-10 19:03 - 2017-09-13 15:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-10-10 19:03 - 2017-09-13 15:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-10-10 19:03 - 2017-09-13 15:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-10-10 19:03 - 2017-09-13 15:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-10-10 19:03 - 2017-09-13 15:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-10-10 19:03 - 2017-09-13 15:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-10-10 19:03 - 2017-09-13 15:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-10-10 19:03 - 2017-09-13 15:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 15:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 15:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 15:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:03 - 2017-09-13 15:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-10-10 19:03 - 2017-09-09 01:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-10-10 19:03 - 2017-09-09 00:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-10-10 19:03 - 2017-09-08 16:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-10-10 19:03 - 2017-09-08 16:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-10-10 19:03 - 2017-09-08 16:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-10-10 19:03 - 2017-09-08 16:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-10-10 19:03 - 2017-09-08 16:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-10-10 19:03 - 2017-09-08 16:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-10-10 19:03 - 2017-09-08 16:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-10-10 19:03 - 2017-09-08 16:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-10-10 19:03 - 2017-09-08 16:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-10-10 19:03 - 2017-09-08 16:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-10-10 19:03 - 2017-09-08 16:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-10-10 19:03 - 2017-09-08 16:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-10-10 19:03 - 2017-09-08 16:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-10-10 19:03 - 2017-09-08 16:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-10-10 19:03 - 2017-09-08 16:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-10-10 19:03 - 2017-09-08 16:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-10-10 19:03 - 2017-09-08 16:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-10-10 19:03 - 2017-09-08 16:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-10-10 19:03 - 2017-09-08 16:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-10-10 19:03 - 2017-09-08 16:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-10-10 19:03 - 2017-09-08 16:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-10-10 19:03 - 2017-09-08 16:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-10-10 19:03 - 2017-09-08 16:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-10-10 19:03 - 2017-09-08 16:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-10-10 19:03 - 2017-09-08 15:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-10-10 19:03 - 2017-09-08 15:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-10-10 19:03 - 2017-09-08 15:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-10-10 19:03 - 2017-09-08 15:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-10-10 19:03 - 2017-09-08 15:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-10-10 19:03 - 2017-09-07 22:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-10-10 19:03 - 2017-09-07 22:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-10-10 19:03 - 2017-09-07 22:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-10-10 19:03 - 2017-09-07 22:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-10-10 19:03 - 2017-09-07 22:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-10-10 19:03 - 2017-09-07 22:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-10-10 19:03 - 2017-09-07 22:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-10-10 19:03 - 2017-09-07 22:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-10-10 19:03 - 2017-09-07 22:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-10-10 19:03 - 2017-09-07 22:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-10-10 19:03 - 2017-09-07 22:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-10-10 19:03 - 2017-09-07 22:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-10-10 19:03 - 2017-09-07 22:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-10-10 19:03 - 2017-09-07 21:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-10 19:03 - 2017-09-07 21:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-10-10 19:03 - 2017-09-07 21:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-10 19:03 - 2017-09-07 21:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-10-10 19:03 - 2017-09-07 21:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-10-10 19:03 - 2017-09-07 21:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-10-10 19:03 - 2017-09-07 21:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-10-10 19:03 - 2017-09-07 21:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-10-10 19:03 - 2017-09-07 21:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-10-10 19:03 - 2017-09-07 21:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-10-10 19:03 - 2017-09-07 21:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-10-10 19:03 - 2017-09-07 21:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-10-10 19:03 - 2017-09-07 21:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-10-10 19:03 - 2017-09-07 21:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-10-10 19:03 - 2017-09-07 20:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-10-10 19:03 - 2017-09-07 20:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-10-10 19:03 - 2017-09-07 20:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-10-10 19:03 - 2017-09-07 20:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-10-10 19:03 - 2017-09-07 20:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-10-10 19:03 - 2017-09-07 20:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-10-10 19:03 - 2017-09-07 20:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-10-10 19:03 - 2017-09-07 20:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-10-10 19:03 - 2017-09-07 19:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-10-10 19:03 - 2017-09-07 19:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-10-10 19:03 - 2017-09-07 19:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-10-10 19:03 - 2017-09-07 19:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-10-10 19:03 - 2017-09-07 19:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-10-10 19:03 - 2017-09-07 19:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-10-10 19:03 - 2017-09-07 19:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-10-10 19:03 - 2017-09-07 19:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-10-10 19:03 - 2017-09-07 19:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-10-10 19:03 - 2017-09-07 19:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-10-10 19:03 - 2017-09-07 19:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-10-10 19:03 - 2017-09-07 19:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-10-10 19:03 - 2017-09-07 19:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-10-10 19:03 - 2017-09-07 19:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-10-10 19:03 - 2017-09-07 19:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-10-10 19:03 - 2017-09-07 18:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-10-10 19:03 - 2017-09-07 16:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-10-10 19:03 - 2017-09-07 16:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-10-10 19:03 - 2017-09-07 15:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-10-10 19:03 - 2017-09-07 15:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-10-10 19:03 - 2017-09-07 15:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-10-10 19:03 - 2017-08-19 16:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-10-10 19:03 - 2017-08-19 16:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-10-10 19:03 - 2017-08-19 16:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-10-10 19:03 - 2017-08-19 16:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-10-10 19:03 - 2017-08-19 16:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-10-10 19:03 - 2017-08-19 16:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-10-10 19:03 - 2017-08-19 16:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-10-10 19:03 - 2017-08-19 15:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-10-10 19:03 - 2017-08-19 15:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-10-10 19:03 - 2017-08-14 18:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-10-10 19:03 - 2017-08-13 22:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-10-09 11:39 - 2017-10-30 14:03 - 000003316 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2017-10-05 17:07 - 2017-10-26 18:28 - 000000000 ____D C:\Users\Katja\Desktop\LVI SaWiFragen
2017-10-04 16:10 - 2017-10-19 16:57 - 000003122 _____ C:\Windows\System32\Tasks\Avira SystrayStartTrigger
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-10-30 14:43 - 2015-06-29 13:17 - 000001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-74741880-4081328958-883279795-1001UA.job
2017-10-30 13:58 - 2016-11-15 17:13 - 000000000 ____D C:\Users\Katja\AppData\LocalLow\Mozilla
2017-10-30 13:58 - 2009-07-14 05:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-30 13:58 - 2009-07-14 05:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-30 13:52 - 2011-10-28 13:11 - 000703682 _____ C:\Windows\system32\perfh007.dat
2017-10-30 13:52 - 2011-10-28 13:11 - 000151032 _____ C:\Windows\system32\perfc007.dat
2017-10-30 13:52 - 2009-07-14 06:13 - 001631124 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-30 13:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-10-30 13:43 - 2011-10-27 20:34 - 000000000 ____D C:\ProgramData\NVIDIA
2017-10-30 13:43 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-30 13:30 - 2012-01-19 14:39 - 000000000 ____D C:\Program Files (x86)\Google
2017-10-30 11:50 - 2016-11-15 16:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-30 11:50 - 2012-04-26 14:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-27 20:43 - 2015-06-29 13:17 - 000001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-74741880-4081328958-883279795-1001Core.job
2017-10-27 20:18 - 2012-02-22 18:07 - 000264704 ___SH C:\Users\Katja\Thumbs.db
2017-10-27 20:17 - 2012-01-19 14:45 - 000000000 ____D C:\Users\Katja
2017-10-25 15:02 - 2012-08-10 20:09 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-25 15:02 - 2012-08-10 20:09 - 000004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-10-25 15:02 - 2011-10-27 21:01 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-25 15:02 - 2011-10-27 21:01 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-10-25 15:02 - 2011-10-27 21:01 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-20 16:42 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2017-10-20 14:46 - 2012-09-27 23:31 - 000000000 ____D C:\Users\Katja\AppData\Roaming\Dropbox
2017-10-19 16:57 - 2013-10-28 20:59 - 000000000 ____D C:\ProgramData\Package Cache
2017-10-19 16:57 - 2012-11-01 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-10-13 17:16 - 2009-07-14 06:08 - 000032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-10-12 06:34 - 2009-07-14 05:45 - 000602624 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-11 14:24 - 2013-08-19 17:39 - 000000000 ____D C:\Windows\system32\MRT
2017-10-11 14:17 - 2011-10-27 22:06 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-10-11 14:14 - 2012-02-23 09:07 - 001605404 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-10-09 11:36 - 2013-03-27 20:49 - 000194272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-10-05 17:12 - 2012-05-15 15:57 - 000000000 ____D C:\Users\Katja\Documents\Bewerbungen
2017-10-05 16:52 - 2012-03-04 18:52 - 000000000 ____D C:\Users\Katja\AppData\Roaming\vlc
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-01-20 10:04 - 2012-01-20 10:04 - 000017408 _____ () C:\Users\Katja\AppData\Local\WebpageIcons.db
2016-01-08 18:33 - 2016-01-08 18:33 - 000000057 _____ () C:\ProgramData\Ament.ini
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\InstallOffice 2007\SaveAsPDFandXPS.exe
C:\Users\InstallOffice 2007\setup.exe
Einige Dateien in TEMP:
====================
2014-03-15 19:46 - 2014-08-08 19:21 - 000000000 ____D () C:\Users\Katja\AppData\Local\Temp\avgnt.exe
2017-10-30 12:56 - 2017-10-30 12:56 - 004052928 _____ (Geek Unіnstaller) C:\Users\Katja\AppData\Local\Temp\geek64.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-10-30 14:46
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-10-2017
durchgeführt von Katja (30-10-2017 15:31:07)
Gestartet von C:\Users\Katja\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-01-19 13:45:17)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-74741880-4081328958-883279795-500 - Administrator - Disabled)
Gast (S-1-5-21-74741880-4081328958-883279795-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-74741880-4081328958-883279795-1003 - Limited - Enabled)
Katja (S-1-5-21-74741880-4081328958-883279795-1001 - Administrator - Enabled) => C:\Users\Katja
UpdatusUser (S-1-5-21-74741880-4081328958-883279795-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMI VR-pulse OS Switcher (HKLM\...\{69A90894-D54A-4657-8172-6B0FCE93414E}) (Version: 1.2 - American Megatrends Inc.)
ArcGIS 10.4 for Desktop (HKLM-x32\...\{72E7DF0D-FFEE-43CE-A5FA-43DFC25DC087}) (Version: 10.4.5524 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS 10.4 for Desktop (HKLM-x32\...\ArcGIS 10.4 for Desktop) (Version: 10.4.5524 - Environmental Systems Research Institute, Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland)
Avira (HKLM-x32\...\{79C4A62C-8CC2-44AC-91FE-1299A215B4B7}) (Version: 1.2.98.29730 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{f5da837f-e932-4f55-995c-7e97c5cbebdd}) (Version: 1.2.98.29730 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.32.12 - Avira Operations GmbH & Co. KG)
CCleaner (HKLM\...\CCleaner) (Version: 3.15 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3184 - CDBurnerXP)
CodeBlocks (HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\CodeBlocks) (Version: 10.05 - The Code::Blocks Team)
CodeBlocks (HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\...\CodeBlocks) (Version: 10.05 - The Code::Blocks Team)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (HKLM-x32\...\{D0BEB150-2046-4F94-AE7B-EA76772592F6}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (HKLM-x32\...\{4433CEC6-DA32-4D7B-BA95-B47C68498287}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (HKLM-x32\...\{2F14F550-0FFC-4285-B673-880744D428A3}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (HKLM-x32\...\{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (HKLM-x32\...\{85E8F38F-0303-401E-A518-0302DF88EB07}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (HKLM-x32\...\{FA6AF809-9A80-423A-A57A-C7D726A04E4C}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (HKLM-x32\...\{E7BE4D1A-B529-448B-8407-889705B65185}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (HKLM-x32\...\{E4BE9367-168B-4B30-B198-EE37C99FB147}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (HKLM-x32\...\{D7E60152-6C65-4982-8840-B6D28BF881BD}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (HKLM-x32\...\{666D7CED-12E0-4BA3-B594-5681961E7B02}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (HKLM-x32\...\{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (HKLM-x32\...\{89BA6E81-B60A-49BC-B283-80560A9E60DF}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (HKLM-x32\...\{34809713-7886-4F6A-B9D5-CC74DBC1C77E}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (HKLM-x32\...\{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (HKLM-x32\...\{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (HKLM-x32\...\{834F4E2F-E9DF-4FA9-8499-FF6B91012898}) (Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.0.6904 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4020 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3225.02 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.3503 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4013 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.5 - DivX, LLC)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\Dropbox) (Version: 37.4.29 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\...\Dropbox) (Version: 37.4.29 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.1.22140 - Landesfinanzdirektion Thüringen)
f.lux (HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\Flux) (Version: - f.lux Software LLC)
f.lux (HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\...\Flux) (Version: - f.lux Software LLC)
ffdshow v1.3.4531 [2014-06-28] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4531.0 - )
ffdshow x64 v1.3.4531 [2014-06-28] (HKLM\...\ffdshow64_is1) (Version: 1.3.4531.0 - )
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free CD Ripper 3.1 (HKLM-x32\...\Free CD Ripper_is1) (Version: - Focussoft.net)
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GEOgraf V7 (HKLM-x32\...\{22E8950D-9736-4CB7-8A4D-26DA534BCEA3}) (Version: 1.00.0000 - HHK Datentechnik GmbH) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HP Dropbox Plugin (HKLM-x32\...\{1E18E86D-632C-48B5-962C-B60C2E53A478}) (Version: 36.0.41.58587 - HP)
HP ENVY 5540 series - Grundlegende Software für das Gerät (HKLM\...\{B4C07C9B-245A-42D6-A9D0-1A796FB21237}) (Version: 40.11.1119.1786 - HP Inc.)
HP ENVY 5540 series Hilfe (HKLM-x32\...\{77CC15A9-308D-4ED4-AD21-D28937F196C1}) (Version: 35.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Google Drive Plugin (HKLM-x32\...\{039DDA62-50CC-4E7F-9D54-7CF032A2D362}) (Version: 36.0.41.58587 - HP)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{295AEB79-B53A-4F1B-860F-7800BB7E3681}) (Version: 14.2.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{E1B934BB-6AFA-429F-98E4-76F9CBC72BF6}) (Version: 2.2.14.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
IT9130 Driver v11.8.2.1 (HKLM-x32\...\IT9130 DriverInstaller_11.8.2.1) (Version: - )
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kalender-Excel-8.9 (HKLM-x32\...\Kalender-Excel-8.9_is1) (Version: 8.9 - MSDatec)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.4 - Wistron Corp.)
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Medion Home Cinema (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.) Hidden
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{A047101C-A3AE-4FAD-802F-01C965079F66}) (Version: 11.1.3010.3 - Microsoft Corporation)
Microsoft ReportViewer 2010 Redistributable - Language Pack - deu (HKLM-x32\...\{B2F21D11-631B-33C2-8E1A-73EA57FDFE33}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft ReportViewer 2010 SP1 Redistributable (KB2549864) (HKLM-x32\...\{1282C0BC-3B22-33D4-B72E-62922415DDCA}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 56.0.2 (x64 de) (HKLM\...\Mozilla Firefox 56.0.2 (x64 de)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.2.6506 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions)
NVIDIA 3D Vision Treiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.00 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.00 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version: - Markement GmbH)
PDF24 Creator 5.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery)
Physik1 (HKLM-x32\...\Physik1) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Quantum GIS Lisboa 1.8.0 Lisboa (HKLM-x32\...\Quantum GIS Lisboa) (Version: 1.8.0-r${SVN_REVISION}-2 - QGIS Development Team)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6449 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
Remote Control Input Device Registry Key (HKLM-x32\...\{91EB0B20-08B0-4905-88FB-020952B9979F}) (Version: 1.1.0.0.081231 - Chicony)
Sentinel HASP Vendor Library (HKLM-x32\...\{C36D1DB0-7343-44C3-BC57-3B9C06325399}) (Version: 1.50.1.14055 - Trimble Navigation Ltd.)
SketchUp 2013 (HKLM-x32\...\{2C0777B8-E91F-45AA-976B-7EB6B40E5400}) (Version: 13.0.4812 - Trimble Navigation Limited)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SleepTimer Ultimate 2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version: - Christian Handorf)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Spotify (HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\Spotify) (Version: 0.9.0.128.g3134f863 - Spotify AB)
Spotify (HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\...\Spotify) (Version: 0.9.0.128.g3134f863 - Spotify AB)
SWR3 RauchFrei Version 1.2 (HKLM-x32\...\SWR3 RauchFrei_is1) (Version: 1.1 - Oliver Reuther und SWR3)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.12.0 - Synaptics Incorporated)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5C677DD3-45D9-4B10-8591-5F8CEA76BAE0}) (Version: 1.12.16 - Texas Instruments Inc.)
TI USB3 Host Driver (HKLM-x32\...\{5C677DD3-45D9-4B10-8591-5F8CEA76BAE0}) (Version: 1.12.16 - Texas Instruments Inc.) Hidden
Trimble Business Center (HKLM-x32\...\{177949B1-DBAF-4EA3-8FFC-C63873F657FA}) (Version: 2.70 - Trimble Navigation Ltd.)
Trimble Business Center Tutorials (HKLM-x32\...\{B11FB116-E676-45C7-85EA-AF789F55AE55}) (Version: 2.70 - Trimble Navigation Ltd.)
Trimble Feature Definition Manager (HKLM-x32\...\{51876E16-06FD-43A6-B3B2-11287CC78FD9}) (Version: 2.11 - Trimble Navigation Ltd.)
Trimble Office Synchronizer (HKLM-x32\...\{80C580A3-AB8C-49D4-BBD4-C362B9367C20}) (Version: 1.62 - Trimble Navigation Ltd.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
verdi Screen Saver (HKLM-x32\...\verdi Screen Saver) (Version: - )
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinKafka (HKLM-x32\...\{EE8AD592-B5C8-11D7-83CB-0050BF4EBD69}) (Version: 7.5.0 vom 16.10.2013 - )
WinRAR 5.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
ZEIBER (HKLM-x32\...\ST6UNST #1) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ContextMenuHandlers1: [BTMSentToExt] -> {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30] (Intel Corporation)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-10-17] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2014-01-29] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-01-10] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-10-17] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-74741880-4081328958-883279795-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-74741880-4081328958-883279795-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-74741880-4081328958-883279795-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {20D7C6EE-9F87-4738-AB7F-A49AC6984E77} - System32\Tasks\{C4D51685-AA1C-44B9-81C4-6915E9F0FD22} => C:\Windows\system32\pcalua.exe -a C:\Users\Katja\Desktop\Setup-750.exe -d C:\Users\Katja\Desktop
Task: {4525AF94-7CD6-46FA-88D7-59665CBB9107} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe
Task: {5E702F6D-AA1B-412B-8A2F-49311FDE0B1C} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2017-10-17] (Avira Operations GmbH & Co. KG)
Task: {94663206-05C9-48A4-876C-FCDAE90935A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {9F08DDD2-C42B-4305-988D-8AF398A043C0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {A464F598-46CE-4765-A686-BFAE1D611C21} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25] (Adobe Systems Incorporated)
Task: {A51ACAFC-B77A-44F0-BED6-EDDE9D457409} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-74741880-4081328958-883279795-1001UA => C:\Users\Katja\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {DFD014EC-CA70-4C03-B8C6-58311E420DBE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {F7EC4E3C-337A-4313-9A78-349D2DAA6909} - System32\Tasks\{02327DF5-BAC2-4605-B1AC-3BE1E37FEEA1} => C:\Windows\system32\pcalua.exe -a C:\Users\Katja\AppData\Local\Temp\Temp1_CAPLAN_05_2015.zip\SETUP.EXE <==== ACHTUNG
Task: {F8075B0E-D8FC-47C9-ACF8-FA097B0DC6BD} - System32\Tasks\{9B641D66-9328-4A40-A903-C334202D4E91} => C:\Windows\system32\pcalua.exe -a C:\Users\Katja\AppData\Local\Temp\Temp3_WinKafka.zip\Setup.exe <==== ACHTUNG
Task: {FF8A7091-B5F3-49CB-A9FA-B9EA4BF5D14D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-74741880-4081328958-883279795-1001Core => C:\Users\Katja\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-74741880-4081328958-883279795-1001Core.job => C:\Users\Katja\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-74741880-4081328958-883279795-1001UA.job => C:\Users\Katja\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Katja\Desktop\TFH\Quantum GIS Desktop (1.8.0).lnk -> C:\Program Files (x86)\Quantum GIS Lisboa\bin\nircmd.exe (NirSoft) -> exec hide "C:\Program Files (x86)\Quantum GIS Lisboa\bin\qgis.bat"
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2011-09-16 01:46 - 2011-09-16 01:46 - 001501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2016-08-25 13:26 - 2016-05-17 04:02 - 000191688 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2011-10-28 10:49 - 2010-12-14 10:39 - 000244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-10-30 14:06 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-10-30 14:06 - 2017-10-04 13:15 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-09-19 15:20 - 2017-09-19 15:20 - 000172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\6e1c3d90ac78d88bc08feaa6e8165e2c\IsdiInterop.ni.dll
2011-10-27 20:30 - 2011-05-20 18:05 - 000059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Katja\IMG_1143.JPG:com.dropbox.attributes [414]
AlternateDataStreams: C:\Users\Katja\Documents\Kündigungen Wohnung:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Katja\Documents\Widerspruch Leistungsbeurteilung Katja Gleibe.docx:com.dropbox.attributes [168]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-74741880-4081328958-883279795-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10302017141031189\Control Panel\Desktop\\Wallpaper -> C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupfolder: C:^Users^Katja^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Katja^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Versandhelfer.lnk => C:\Windows\pss\Versandhelfer.lnk.Startup
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Dolby Home Theater v4 => "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
MSCONFIG\startupreg: HotkeyApp => "C:\Program Files (x86)\Launch Manager\HotkeyApp.exe"
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Wbutton => "C:\Program Files (x86)\Launch Manager\Wbutton.exe"
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{E20DBD12-083A-4C7B-B048-62F51DC45532}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{60633C33-6005-4E69-8984-5F2785A192B6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{D5DD458C-E95C-473B-BBA2-14F78D66C934}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{EE0023C5-BEC5-4439-8F16-25848213A970}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{3302037F-B355-48FF-9CB2-2DD3328EE5A7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{7823CE3F-C9EF-469E-B5D9-3606C9A064FA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{5BEE3C4B-32BC-45DD-B5EC-3FF39E4F997A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
FirewallRules: [{E9E72A56-8EFB-4E5C-AD94-3C3414315EB6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
FirewallRules: [{189DEBA2-F1A6-4BEC-966A-49AE66D8C66F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E535C925-CA20-49AD-92BA-4D22E5FAFA20}] => (Allow) LPort=2869
FirewallRules: [{3A3AE09E-14D3-4899-91D8-A6E0115DAD1B}] => (Allow) LPort=1900
FirewallRules: [{D72B193E-DAA6-4947-B0DD-79B43E88826F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8D91D971-A8C7-4D9F-832B-30290AFC1B88}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{F8FCBCCB-40A6-41EB-8417-DC15A9C4DB82}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4F1A3EDC-55DD-4CB4-B47B-B0FD18BD02CB}] => (Allow) C:\Program Files (x86)\Konz\Steuer-Software\EP_Konz.exe
FirewallRules: [{059E7212-8D3E-451D-8FBF-E81EB10D5A8C}] => (Allow) C:\Program Files (x86)\Konz\Steuer-Software\EP_Konz.exe
FirewallRules: [{410713E6-CCFE-4EE5-AB03-799B813CB667}] => (Allow) C:\Program Files (x86)\Konz\Steuer-Software\KonzSteuerSoftware.exe
FirewallRules: [{BCA0830E-3124-4E09-88E4-350426D15065}] => (Allow) C:\Program Files (x86)\Konz\Steuer-Software\KonzSteuerSoftware.exe
FirewallRules: [TCP Query User{38F3D8DC-372F-4149-81DF-1D67A785191E}C:\users\katja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katja\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F81DCAF1-3A74-48F5-AA1E-17794C2957F4}C:\users\katja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katja\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{7E7533B1-55A3-48C3-9956-383366E59B53}C:\users\katja\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\katja\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D95185DA-066A-4CF6-B37B-4C445CE6FF72}C:\users\katja\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\katja\appdata\roaming\spotify\spotify.exe
FirewallRules: [{35F9CC56-8CCD-4D32-BAF4-2EA3D40F6427}] => (Allow) C:\Users\Katja\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D99579D5-71B8-40A6-9C02-ED7D788339F3}] => (Allow) C:\Users\Katja\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A7EB45C7-4CBD-4412-B78B-B078DF55C59E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{BF36FC3D-C242-45EA-8064-56EAC32CD288}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{4190ADA4-DEE8-4430-B690-75F07F37DA8D}C:\users\katja\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\katja\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{CAF386D3-727A-424A-B80F-796502B85196}C:\users\katja\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\katja\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{E2C2106A-29DE-4CE0-8EBA-3C39B973DB93}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{22E2BC97-7CA6-4335-B509-B60C8F8B211A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{DF4ED944-3752-4D5F-B503-1AB6E0A21B35}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{711B5E6F-EB67-4259-B96B-C48B34E68328}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{0708A6D4-B751-4534-916C-B4C86AAFF95B}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [TCP Query User{EC4CB766-416B-42FF-9A63-0576213CFB17}C:\program files (x86)\trimble\trimble business center\trimblebusinesscenter.exe] => (Allow) C:\program files (x86)\trimble\trimble business center\trimblebusinesscenter.exe
FirewallRules: [UDP Query User{9C88B0B8-9161-4EE8-B1AC-0225C5A5C224}C:\program files (x86)\trimble\trimble business center\trimblebusinesscenter.exe] => (Allow) C:\program files (x86)\trimble\trimble business center\trimblebusinesscenter.exe
FirewallRules: [{046D5343-4090-4653-B762-E694B6D132A5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{D055CD55-1C9B-4327-8CBD-D4F6ED475B15}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9284D827-94A7-4EF0-953A-8E70D0B2DC93}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{367A9AD2-345B-4474-B4E1-EC0FF21C7698}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E75A7D75-FF9E-406A-A846-37C83B6658E5}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{18D13652-B091-485D-A38E-5C4B12BD3712}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{EAAAF3B6-8D51-4F8E-ADC5-363CE97C3BE9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{EAFFFB06-840B-4D39-A03D-39134192714F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{7539AB32-32D3-4526-912F-9D810571E5FA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{101AA575-856C-461D-B881-D91C960A5325}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{D241A78E-7B58-4836-B870-19F42898768B}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{7C4D37F3-789D-495D-A967-A65BE0A43902}] => (Allow) C:\Users\Katja\AppData\Local\Temp\7zS493C\HP.EasyStart.exe
FirewallRules: [{A2FABCDB-B910-45E3-A7DA-4C24BA856BC0}] => (Allow) C:\Program Files\HP\HP ENVY 5540 series\Bin\DeviceSetup.exe
FirewallRules: [{05EBE651-3715-4C4D-9B3F-8748BBC6BA7C}] => (Allow) LPort=5357
FirewallRules: [{87F2062D-B024-4DFA-A78A-196845DE55BE}] => (Allow) C:\Program Files\HP\HP ENVY 5540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{3F3C37B5-1CCA-4094-A174-566C1A55753C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
11-10-2017 13:59:32 Windows Update
20-10-2017 16:40:00 Geplanter Prüfpunkt
30-10-2017 13:49:49 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/30/2017 03:29:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 26.10.2017.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 100
Startzeit: 01d3518b1d175fa8
Endzeit: 0
Anwendungspfad: C:\Users\Katja\Desktop\FRST64.exe
Berichts-ID: a51ce6dc-bd7e-11e7-997f-00262dca80e3
Error: (10/30/2017 01:49:06 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed
Error: (10/30/2017 01:47:24 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2
Error: (10/30/2017 01:45:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (10/30/2017 01:33:28 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed
Error: (10/30/2017 01:32:57 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2
Error: (10/30/2017 01:30:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (10/30/2017 11:55:10 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed
Error: (10/30/2017 11:54:39 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2
Error: (10/30/2017 11:51:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Systemfehler:
=============
Error: (10/30/2017 03:30:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (10/30/2017 03:30:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (10/30/2017 03:30:48 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Die Peer Name Resolution-Protokoll-Cloud wurde nicht gestartet. Fehler bei Standardidentität. Fehlercode: 0x80630801.
Error: (10/30/2017 03:30:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (10/30/2017 03:30:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (10/30/2017 03:30:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (10/30/2017 03:30:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (10/30/2017 03:30:38 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Die Peer Name Resolution-Protokoll-Cloud wurde nicht gestartet. Fehler bei Standardidentität. Fehlercode: 0x80630801.
Error: (10/30/2017 03:30:38 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Die Peer Name Resolution-Protokoll-Cloud wurde nicht gestartet. Fehler bei Standardidentität. Fehlercode: 0x80630801.
Error: (10/30/2017 03:29:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 68%
Installierter physikalischer RAM: 4001.87 MB
Verfügbarer physikalischer RAM: 1251.31 MB
Summe virtueller Speicher: 8001.93 MB
Verfügbarer virtueller Speicher: 4804.75 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:394.66 GB) (Free:235.6 GB) NTFS
Drive d: (Recover) (Fixed) (Total:70 GB) (Free:41.41 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0DA1342C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=394.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=70 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== Ende von Addition.txt ============================
|
|
30.10.2017, 16:26
| #3 |
| | MBAM Malwarebytes
__________________www.malwarebytes.com -Protokolldetails- Scan-Datum: 30.10.17 Scan-Zeit: 14:10 Protokolldatei: a4575850-bd73-11e7-a2ca-00262dca80e3.json Administrator: Ja -Softwaredaten- Version: 3.2.2.2029 Komponentenversion: 1.0.212 Version des Aktualisierungspakets: 1.0.3127 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Katja-PC\Katja -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Ergebnis: Abgeschlossen Gescannte Objekte: 475513 Erkannte Bedrohungen: 0 (keine bösartigen Elemente erkannt) In die Quarantäne verschobene Bedrohungen: 0 (keine bösartigen Elemente erkannt) Abgelaufene Zeit: 13 Min., 51 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) (end) 15:42:53.0687 0x16c4 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02 15:43:30.0769 0x16c4 ============================================================ 15:43:30.0769 0x16c4 Current date / time: 2017/10/30 15:43:30.0769 15:43:30.0769 0x16c4 SystemInfo: 15:43:30.0769 0x16c4 15:43:30.0769 0x16c4 OS Version: 6.1.7601 ServicePack: 1.0 15:43:30.0769 0x16c4 Product type: Workstation 15:43:30.0769 0x16c4 ComputerName: KATJA-PC 15:43:30.0769 0x16c4 UserName: Katja 15:43:30.0769 0x16c4 Windows directory: C:\Windows 15:43:30.0769 0x16c4 System windows directory: C:\Windows 15:43:30.0769 0x16c4 Running under WOW64 15:43:30.0769 0x16c4 Processor architecture: Intel x64 15:43:30.0769 0x16c4 Number of processors: 4 15:43:30.0769 0x16c4 Page size: 0x1000 15:43:30.0769 0x16c4 Boot type: Normal boot 15:43:30.0769 0x16c4 CodeIntegrityOptions = 0x00000001 15:43:30.0769 0x16c4 ============================================================ 15:43:33.0233 0x16c4 KLMD registered as C:\Windows\system32\drivers\96641657.sys 15:43:33.0233 0x16c4 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23915, osProperties = 0x1 15:43:34.0185 0x16c4 System UUID: {EF2B1507-21B0-5827-FF17-749C5315408F} 15:43:35.0449 0x16c4 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:43:35.0464 0x16c4 ============================================================ 15:43:35.0464 0x16c4 \Device\Harddisk0\DR0: 15:43:35.0464 0x16c4 MBR partitions: 15:43:35.0464 0x16c4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 15:43:35.0464 0x16c4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x31553000 15:43:35.0464 0x16c4 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x31585800, BlocksNum 0x8C00000 15:43:35.0464 0x16c4 ============================================================ 15:43:35.0495 0x16c4 C: <-> \Device\Harddisk0\DR0\Partition2 15:43:35.0542 0x16c4 D: <-> \Device\Harddisk0\DR0\Partition3 15:43:35.0542 0x16c4 ============================================================ 15:43:35.0542 0x16c4 Initialize success 15:43:35.0542 0x16c4 ============================================================ 15:45:03.0604 0x0b1c ============================================================ 15:45:03.0604 0x0b1c Scan started 15:45:03.0604 0x0b1c Mode: Manual; SigCheck; TDLFS; 15:45:03.0604 0x0b1c ============================================================ 15:45:03.0604 0x0b1c KSN ping started 15:45:15.0039 0x0b1c KSN ping finished: true 15:45:16.0771 0x0b1c ================ Scan system memory ======================== 15:45:16.0771 0x0b1c System memory - ok 15:45:16.0771 0x0b1c ================ Scan services ============================= 15:45:17.0005 0x0b1c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 15:45:17.0145 0x0b1c 1394ohci - ok 15:45:17.0317 0x0b1c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 15:45:17.0364 0x0b1c ACPI - ok 15:45:17.0426 0x0b1c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 15:45:17.0457 0x0b1c AcpiPmi - ok 15:45:17.0629 0x0b1c [ 9B112FDA1D5FB7B75627461001AC692A, 2EDF7C8FD59CD5FCD19FA528F60CBD6DDB9A8076AE0280B11D8EA8EAF7D39958 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 15:45:17.0676 0x0b1c AdobeARMservice - ok 15:45:17.0847 0x0b1c [ 1E849825D45BF597E82F86D6E99C42D2, 59103BC49849112BF2923E773B85FFA3405DF75589D3F23480B60E70933EFAA5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 15:45:17.0910 0x0b1c AdobeFlashPlayerUpdateSvc - ok 15:45:17.0988 0x0b1c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 15:45:18.0050 0x0b1c adp94xx - ok 15:45:18.0128 0x0b1c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 15:45:18.0175 0x0b1c adpahci - ok 15:45:18.0190 0x0b1c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 15:45:18.0222 0x0b1c adpu320 - ok 15:45:18.0253 0x0b1c [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 15:45:18.0268 0x0b1c AeLookupSvc - ok 15:45:18.0362 0x0b1c [ 0DC2A9882540DEA4A55B08785E09D8FC, 69B15724B0034F9915AACE109A6C596D6AF2DA350FC18C9A0CD98C81CB7EDEE3 ] AFD C:\Windows\system32\drivers\afd.sys 15:45:18.0409 0x0b1c AFD - ok 15:45:18.0424 0x0b1c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 15:45:18.0456 0x0b1c agp440 - ok 15:45:18.0487 0x0b1c [ 44F360B65C37A42EB5B71C2E5179FDD5, A7E65515FEE1698C96F647111F5C7D009C5FAC9A1F62D027802861A699AF1F93 ] aksdf C:\Windows\system32\drivers\aksdf.sys 15:45:18.0502 0x0b1c aksdf - ok 15:45:18.0549 0x0b1c [ 43415AF4F20E9867974623840A22FE98, 6AA2B5C000D984D21AC75A0BE48D359C24EDEB6343A9B507C299ECDA5DEAD367 ] aksfridge C:\Windows\system32\DRIVERS\aksfridge.sys 15:45:18.0580 0x0b1c aksfridge - ok 15:45:18.0643 0x0b1c [ A56F1B0F967AEF8A82D7771E6D166DEF, 498B2C9AFC8298C0D06FD6278DEA698C2AFEEC419200C1EF8C150ED7CB6FA1E8 ] akshasp C:\Windows\system32\DRIVERS\akshasp.sys 15:45:18.0690 0x0b1c akshasp - ok 15:45:18.0705 0x0b1c [ BC0EE7F8D0BE561793B80871F4F10627, DC748791B3E10598B9C6C9CA80176802A0A44063F3523C74E6C0D0732DFFAC3D ] akshhl C:\Windows\system32\DRIVERS\akshhl.sys 15:45:18.0736 0x0b1c akshhl - ok 15:45:18.0752 0x0b1c [ 27F2E2C89A1855B063FCAC21EB7D6A73, B6DB303B5A41F8A73D929492699396ADC22F0D4DD9A32A7731D0F85B1B629A4D ] aksusb C:\Windows\system32\DRIVERS\aksusb.sys 15:45:18.0768 0x0b1c aksusb - ok 15:45:18.0799 0x0b1c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 15:45:18.0830 0x0b1c ALG - ok 15:45:18.0861 0x0b1c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 15:45:18.0877 0x0b1c aliide - ok 15:45:18.0908 0x0b1c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 15:45:18.0924 0x0b1c amdide - ok 15:45:18.0970 0x0b1c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 15:45:19.0002 0x0b1c AmdK8 - ok 15:45:19.0017 0x0b1c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 15:45:19.0033 0x0b1c AmdPPM - ok 15:45:19.0064 0x0b1c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 15:45:19.0080 0x0b1c amdsata - ok 15:45:19.0095 0x0b1c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 15:45:19.0126 0x0b1c amdsbs - ok 15:45:19.0142 0x0b1c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 15:45:19.0158 0x0b1c amdxata - ok 15:45:19.0236 0x0b1c [ 3BC90482A834F998C3B7A9C934A20342, D49765D1DCDE0D7FB2478D33BD28A3733ADA951C5AE7628A5E316F039A3AA0B1 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys 15:45:19.0298 0x0b1c AMPPAL - ok 15:45:19.0329 0x0b1c [ 3BC90482A834F998C3B7A9C934A20342, D49765D1DCDE0D7FB2478D33BD28A3733ADA951C5AE7628A5E316F039A3AA0B1 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys 15:45:19.0345 0x0b1c AMPPALP - ok 15:45:19.0501 0x0b1c [ A47D7FEBD9381D34DDB4FF38B15A67FE, 2935E312C0BEDC2B8CABAA9B20C653B87373BE72F9AEEE0980E329CC30FCF678 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe 15:45:19.0594 0x0b1c AMPPALR3 - ok 15:45:19.0719 0x0b1c [ BE5AC6251F7CD342384A8E3E3694B6BA, 420C43D24047A81CFC4A2C5BE8C50D4B39A3238EDBF6F106A2F9F9895BC88AC4 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe 15:45:19.0782 0x0b1c AntiVirMailService - ok 15:45:19.0828 0x0b1c [ 30230481E43BC868DD46B8C045B43B87, 0A94AD3A11ACEDC1CE54FA886028EC40E33326C5CCE0E9D665DE3F4602CCC7D8 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 15:45:19.0875 0x0b1c AntiVirSchedulerService - ok 15:45:19.0938 0x0b1c [ 30230481E43BC868DD46B8C045B43B87, 0A94AD3A11ACEDC1CE54FA886028EC40E33326C5CCE0E9D665DE3F4602CCC7D8 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 15:45:19.0984 0x0b1c AntiVirService - ok 15:45:20.0125 0x0b1c [ ED4AB79E74D309369EA4B12DCD4F9FA2, 1CF9A18F6FBECDDA0952861A9151677EC48C2EC9508939B01955CF8A456B325C ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe 15:45:20.0218 0x0b1c AntiVirWebService - ok 15:45:20.0281 0x0b1c [ C16B5B379A2A79702CC5FF923EAAE3FD, FD6A1E3C46282CF77AFA9FB4B4ACE2DB6295DFB0C69EA07BE7160538041CDB2F ] AppID C:\Windows\system32\drivers\appid.sys 15:45:20.0312 0x0b1c AppID - ok 15:45:20.0343 0x0b1c [ 5152D6B29C61EF59537DBDA92BFE2978, 6D426A0FEE016A8899ADE864DD84BE019C5B5DB7E1DB295ED720239877FCB3EF ] AppIDSvc C:\Windows\System32\appidsvc.dll 15:45:20.0374 0x0b1c AppIDSvc - ok 15:45:20.0421 0x0b1c [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo C:\Windows\System32\appinfo.dll 15:45:20.0437 0x0b1c Appinfo - ok 15:45:20.0468 0x0b1c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 15:45:20.0484 0x0b1c arc - ok 15:45:20.0515 0x0b1c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 15:45:20.0530 0x0b1c arcsas - ok 15:45:20.0671 0x0b1c [ 8637F3119057178364D200F2462E625C, 40CAE47AA6C6B23FEB95961FD06BB3EB075CA63BB91B54CB26215A368371B343 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 15:45:20.0749 0x0b1c aspnet_state - ok 15:45:20.0780 0x0b1c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 15:45:20.0827 0x0b1c AsyncMac - ok 15:45:20.0874 0x0b1c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 15:45:20.0889 0x0b1c atapi - ok 15:45:20.0952 0x0b1c [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 15:45:20.0983 0x0b1c AudioEndpointBuilder - ok 15:45:21.0030 0x0b1c [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll 15:45:21.0061 0x0b1c AudioSrv - ok 15:45:21.0139 0x0b1c [ 6C94D74033458BC2BDF11EED4E78F027, E52134268B2CED17801EE1D7ABA713CECE4CD960AF24749B74CD84B707CB344B ] avdevprot C:\Windows\system32\DRIVERS\avdevprot.sys 15:45:21.0170 0x0b1c avdevprot - ok 15:45:21.0248 0x0b1c [ 5F5A98E76AD853E19253CDC13510AB56, 97F8E5F7DB933E22312422B6F38A6C08A7BD10EF52B310B3C08839EEBC502AEB ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 15:45:21.0295 0x0b1c avgntflt - ok 15:45:21.0342 0x0b1c [ BECC8515CE9E2AD079CF008B5A611446, 336F6E317EC52B2D0F58C453E8DF0E532DCAEC84FDD14C265B88C2D23F2A6255 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 15:45:21.0373 0x0b1c avipbb - ok 15:45:21.0513 0x0b1c [ 7261EDB02B17397107D2D618EE3157FF, F93A39E0952E4FD877443F05A7191C14A8089FE3D6CE1583F3E3299317B3B0FA ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 15:45:21.0544 0x0b1c Avira.ServiceHost - ok 15:45:21.0607 0x0b1c [ 3E0AB8C453FA433B15A30BAA8BD4B275, 30453E68013DF1A3CD9197F28E8591A67BFA6CA784129666A6F7DF9D2E12440B ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 15:45:21.0638 0x0b1c avkmgr - ok 15:45:21.0716 0x0b1c [ 19B6F9073BD606B7ABEC03A0328FDC1B, 639E6A05BB0E52CDBDF887A3FA209B32F84253D274F2A9A89E1D96F1BE4C8143 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 15:45:21.0747 0x0b1c avnetflt - ok 15:45:21.0794 0x0b1c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 15:45:21.0825 0x0b1c AxInstSV - ok 15:45:21.0872 0x0b1c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 15:45:21.0919 0x0b1c b06bdrv - ok 15:45:21.0966 0x0b1c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 15:45:21.0997 0x0b1c b57nd60a - ok 15:45:22.0044 0x0b1c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 15:45:22.0090 0x0b1c BDESVC - ok 15:45:22.0106 0x0b1c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 15:45:22.0153 0x0b1c Beep - ok 15:45:22.0215 0x0b1c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 15:45:22.0246 0x0b1c BFE - ok 15:45:22.0309 0x0b1c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 15:45:22.0387 0x0b1c BITS - ok 15:45:22.0418 0x0b1c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 15:45:22.0434 0x0b1c blbdrive - ok 15:45:22.0558 0x0b1c [ 55B0C8441DE7D91A819A39D0351154A2, EA39144C82DB7F48D12042ED12701932C9339DA9E9AF002B09FF5E8101BC6047 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 15:45:22.0605 0x0b1c Bluetooth Device Monitor - ok 15:45:22.0652 0x0b1c [ 7E262330DF0C4BE4ECE853B59B9CBE4C, 11397833838266425CB400B5A0F4379E1F23822D1E7BFBC898F7ABD88CC8DA9A ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 15:45:22.0714 0x0b1c Bluetooth Media Service - ok 15:45:22.0808 0x0b1c [ 8BF4B9956E13871A88A3810074E2E110, CB76A83C02904675A28E6E3C29FA6FC3969C1012B6528FF0B0A55036E2E73AF7 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 15:45:22.0886 0x0b1c Bluetooth OBEX Service - ok 15:45:22.0948 0x0b1c [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\Windows\system32\DRIVERS\bowser.sys 15:45:22.0980 0x0b1c bowser - ok 15:45:22.0995 0x0b1c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 15:45:23.0026 0x0b1c BrFiltLo - ok 15:45:23.0026 0x0b1c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 15:45:23.0058 0x0b1c BrFiltUp - ok 15:45:23.0089 0x0b1c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 15:45:23.0120 0x0b1c Browser - ok 15:45:23.0167 0x0b1c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 15:45:23.0198 0x0b1c Brserid - ok 15:45:23.0229 0x0b1c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 15:45:23.0245 0x0b1c BrSerWdm - ok 15:45:23.0260 0x0b1c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 15:45:23.0276 0x0b1c BrUsbMdm - ok 15:45:23.0292 0x0b1c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 15:45:23.0323 0x0b1c BrUsbSer - ok 15:45:23.0370 0x0b1c [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 15:45:23.0416 0x0b1c BthEnum - ok 15:45:23.0448 0x0b1c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 15:45:23.0463 0x0b1c BTHMODEM - ok 15:45:23.0541 0x0b1c [ 5A8951D195AFEF979C4AB02A129EBC37, 48FD4A921E51B6DD306A1248EB9A1A6AEC5F59E49528423BF2F40600B3AF1D08 ] BthPan C:\Windows\system32\drivers\bthpan.sys 15:45:23.0572 0x0b1c BthPan - ok 15:45:23.0635 0x0b1c [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 15:45:23.0682 0x0b1c BTHPORT - ok 15:45:23.0713 0x0b1c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 15:45:23.0760 0x0b1c bthserv - ok 15:45:23.0791 0x0b1c [ 9E2AF97302B9F4BF97E952A865EB31AE, 2DE38CF8A24CC1E31604EF870704DE342D800762A2ECCF3E4AF0B183C1408456 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe 15:45:23.0806 0x0b1c BTHSSecurityMgr - ok 15:45:23.0838 0x0b1c [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 15:45:23.0853 0x0b1c BTHUSB - ok 15:45:23.0884 0x0b1c [ 270FBA230E78E25726D065A924589A72, 9D68C51B0A5F969CE2700F6CD9D98DE224D9D67F43D599F07BDCEC020C890E79 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys 15:45:23.0916 0x0b1c btmaux - ok 15:45:23.0962 0x0b1c [ 0010A54571F525A97EED8C091E96EAA9, 6BA69BD0BEAFAF0385C53E2FEB3C7E19DA797C4C732F60600243F2B79B6CDC64 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys 15:45:23.0994 0x0b1c btmhsf - ok 15:45:24.0025 0x0b1c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 15:45:24.0072 0x0b1c cdfs - ok 15:45:24.0103 0x0b1c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 15:45:24.0134 0x0b1c cdrom - ok 15:45:24.0165 0x0b1c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 15:45:24.0212 0x0b1c CertPropSvc - ok 15:45:24.0274 0x0b1c [ 5E1BCF6E4859E66CE5A0246DF8827A16, 21DC9CFA0EF40B6D45F4FC2DF4AE7D911D53CB3AA462BE8CE71D5421EF39D3CB ] chip1click C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe 15:45:24.0290 0x0b1c chip1click - detected UnsignedFile.Multi.Generic ( 1 ) 15:45:24.0742 0x0b1c chip1click ( UnsignedFile.Multi.Generic ) - warning 15:45:25.0257 0x0b1c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 15:45:25.0288 0x0b1c circlass - ok 15:45:25.0382 0x0b1c [ 3963FEC1892368DD500E6ED1F5C286CE, A04689CB07AF1C1B4B1032B0ACAD88DA3EB03D89A575C59FE602A65E8C246138 ] CLFS C:\Windows\system32\CLFS.sys 15:45:25.0413 0x0b1c CLFS - ok 15:45:25.0491 0x0b1c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:45:25.0522 0x0b1c clr_optimization_v2.0.50727_32 - ok 15:45:25.0569 0x0b1c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 15:45:25.0600 0x0b1c clr_optimization_v2.0.50727_64 - ok 15:45:25.0710 0x0b1c [ 2BA609641FA64BAB02ACD3C0095672F5, FD1FE403864F0564CA4A2F1D7415649B8FFE16F8ED33C4B44ACB21767118AD5F ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:45:25.0772 0x0b1c clr_optimization_v4.0.30319_32 - ok 15:45:25.0788 0x0b1c [ 7C7502CD2A2CFAB399D0D8DA95DB03E7, 4AE53B468CF597FCFD912A6EEE27E87EE4D9BC73F2A794FB5DF5DA46C1DD1289 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 15:45:25.0819 0x0b1c clr_optimization_v4.0.30319_64 - ok 15:45:25.0850 0x0b1c [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys 15:45:25.0897 0x0b1c clwvd - ok 15:45:25.0912 0x0b1c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 15:45:25.0928 0x0b1c CmBatt - ok 15:45:25.0959 0x0b1c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 15:45:25.0975 0x0b1c cmdide - ok 15:45:26.0100 0x0b1c [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\Windows\system32\Drivers\cng.sys 15:45:26.0131 0x0b1c CNG - ok 15:45:26.0178 0x0b1c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 15:45:26.0193 0x0b1c Compbatt - ok 15:45:26.0224 0x0b1c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 15:45:26.0256 0x0b1c CompositeBus - ok 15:45:26.0271 0x0b1c COMSysApp - ok 15:45:26.0412 0x0b1c [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 15:45:26.0458 0x0b1c cphs - ok 15:45:26.0490 0x0b1c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 15:45:26.0521 0x0b1c crcdisk - ok 15:45:26.0568 0x0b1c [ 48FEDBE324F1EA9417BA1D62AE863011, 2C3D84F0842237A3BF2838DDB4126807977EB36588FA669B1E6671077584EF18 ] CryptSvc C:\Windows\system32\cryptsvc.dll 15:45:26.0599 0x0b1c CryptSvc - ok 15:45:26.0770 0x0b1c [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 15:45:26.0848 0x0b1c cvhsvc - ok 15:45:26.0926 0x0b1c [ 7F5CD87CA5BDB4D83F992D8C77201483, 01818EF455833CA3396C8EA4696B8DC28E3A6A3618C081D046C8F207FACAB788 ] CyberLink PowerDVD 10 MS Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe 15:45:26.0958 0x0b1c CyberLink PowerDVD 10 MS Monitor Service - ok 15:45:26.0989 0x0b1c [ 9FAF58E876A3B1DB3030A0A5805F2D86, 682939B774DF6A28268897A7E113F6D2DF9AD73DBF1994F937FB48818478B7FE ] CyberLink PowerDVD 10 MS Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe 15:45:27.0036 0x0b1c CyberLink PowerDVD 10 MS Service - ok 15:45:27.0098 0x0b1c [ 3F1A199859B4F3F8357B2A0AF5666A54, B0ACE9384088B7D0E54CF82BF48D4FEAA518BDEF98A294BA8F5A37DFF0E45328 ] DcomLaunch C:\Windows\system32\rpcss.dll 15:45:27.0145 0x0b1c DcomLaunch - ok 15:45:27.0176 0x0b1c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 15:45:27.0223 0x0b1c defragsvc - ok 15:45:27.0285 0x0b1c [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys 15:45:27.0332 0x0b1c DfsC - ok 15:45:27.0363 0x0b1c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 15:45:27.0410 0x0b1c Dhcp - ok 15:45:27.0535 0x0b1c [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\Windows\system32\diagtrack.dll 15:45:27.0628 0x0b1c DiagTrack - ok 15:45:27.0660 0x0b1c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 15:45:27.0706 0x0b1c discache - ok 15:45:27.0753 0x0b1c [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys 15:45:27.0769 0x0b1c Disk - ok 15:45:27.0800 0x0b1c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 15:45:27.0847 0x0b1c Dnscache - ok 15:45:27.0878 0x0b1c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 15:45:27.0925 0x0b1c dot3svc - ok 15:45:27.0956 0x0b1c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 15:45:28.0003 0x0b1c DPS - ok 15:45:28.0050 0x0b1c [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 15:45:28.0081 0x0b1c drmkaud - ok 15:45:28.0143 0x0b1c [ 5CEF80AE869336376F550ECAE91E424A, 49152AC35556A5629AE7A4A762FDB2112FAD1C9CDB91E6196172809F74A3149A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 15:45:28.0206 0x0b1c DXGKrnl - ok 15:45:28.0268 0x0b1c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 15:45:28.0330 0x0b1c EapHost - ok 15:45:28.0502 0x0b1c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 15:45:28.0674 0x0b1c ebdrv - ok 15:45:28.0705 0x0b1c [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] EFS C:\Windows\System32\lsass.exe 15:45:28.0736 0x0b1c EFS - ok 15:45:28.0830 0x0b1c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 15:45:28.0892 0x0b1c ehRecvr - ok 15:45:28.0908 0x0b1c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 15:45:28.0923 0x0b1c ehSched - ok 15:45:29.0017 0x0b1c [ 9DF468D8CCE3B3BD200CFB31E9EA17BB, D2700E2ACB034E8698E81526E7470E265E1F791503ED528E66ED0BB574CA6FFA ] ElfoService C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe 15:45:29.0079 0x0b1c ElfoService - ok 15:45:29.0142 0x0b1c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 15:45:29.0188 0x0b1c elxstor - ok 15:45:29.0220 0x0b1c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 15:45:29.0235 0x0b1c ErrDev - ok 15:45:29.0298 0x0b1c [ 11B9D886D7AE2F2F5C6BC03D7C52FD31, CA3EB6AB127A01311DA1C7CE3A2F4C2C3E3641F45718CFCA0F8AED7235BE910D ] ESProtectionDriver C:\Windows\system32\drivers\mbae64.sys 15:45:29.0329 0x0b1c ESProtectionDriver - ok 15:45:29.0391 0x0b1c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 15:45:29.0454 0x0b1c EventSystem - ok 15:45:29.0625 0x0b1c [ B20A788579E443F768AAB1A24F705D0A, 7F861BFAE038F44FABE96F91FA9C28D6FFEBA61A400F49B77F60829DE3C31638 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 15:45:29.0703 0x0b1c EvtEng - ok 15:45:29.0766 0x0b1c [ 7E45F8B117419ABA3BB26579F6E70324, 03FE86519860153E1BE571F10ACC9BA58FFB5A661C5C3EBDF3B77973BCD96C84 ] exfat C:\Windows\system32\drivers\exfat.sys 15:45:29.0812 0x0b1c exfat - ok 15:45:29.0828 0x0b1c [ 6EDFA237D25433C03F42FBFDB16BDD24, A30F89A40F7AFC475D3C2D3591FB9AFC06AE3FEBC915FDCB24ED77946FBA4E2C ] fastfat C:\Windows\system32\drivers\fastfat.sys 15:45:29.0875 0x0b1c fastfat - ok 15:45:29.0937 0x0b1c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 15:45:30.0015 0x0b1c Fax - ok 15:45:30.0046 0x0b1c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 15:45:30.0078 0x0b1c fdc - ok 15:45:30.0093 0x0b1c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 15:45:30.0124 0x0b1c fdPHost - ok 15:45:30.0140 0x0b1c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 15:45:30.0187 0x0b1c FDResPub - ok 15:45:30.0234 0x0b1c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 15:45:30.0265 0x0b1c FileInfo - ok 15:45:30.0280 0x0b1c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 15:45:30.0327 0x0b1c Filetrace - ok 15:45:30.0483 0x0b1c [ B036BA28DAC35BC9D4845023E8043CD6, 4654FD668471927AD64372694086F205BC5C7B74382FBD70F471B0CC917C8A43 ] FlexNet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe 15:45:30.0530 0x0b1c FlexNet Licensing Service - ok 15:45:30.0592 0x0b1c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 15:45:30.0624 0x0b1c flpydisk - ok 15:45:30.0655 0x0b1c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 15:45:30.0686 0x0b1c FltMgr - ok 15:45:30.0795 0x0b1c [ 785F474FB5E67E448E1931C98E8D0ABC, 911697D580CBF508A6F4A52D4F95A6976CF9A0EC3549076A8D0B5C8BD947C989 ] FontCache C:\Windows\system32\FntCache.dll 15:45:30.0920 0x0b1c FontCache - ok 15:45:30.0998 0x0b1c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 15:45:31.0014 0x0b1c FontCache3.0.0.0 - ok 15:45:31.0029 0x0b1c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 15:45:31.0060 0x0b1c FsDepends - ok 15:45:31.0076 0x0b1c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 15:45:31.0107 0x0b1c Fs_Rec - ok 15:45:31.0154 0x0b1c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 15:45:31.0216 0x0b1c fvevol - ok 15:45:31.0248 0x0b1c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 15:45:31.0263 0x0b1c gagp30kx - ok 15:45:31.0357 0x0b1c [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll 15:45:31.0466 0x0b1c gpsvc - ok 15:45:31.0560 0x0b1c [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:45:31.0575 0x0b1c gupdate - ok 15:45:31.0606 0x0b1c [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:45:31.0622 0x0b1c gupdatem - ok 15:45:31.0731 0x0b1c [ D619BA1712B83D14149850E758B835AD, AD18807EC4DA6FA8C6846C1A0D914071FD59BD3273AFC103E5F2A7141F18C5F4 ] hardlock C:\Windows\system32\drivers\hardlock.sys 15:45:31.0762 0x0b1c hardlock - ok 15:45:31.0778 0x0b1c hasplms - ok 15:45:31.0809 0x0b1c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 15:45:31.0825 0x0b1c hcw85cir - ok 15:45:31.0872 0x0b1c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 15:45:31.0903 0x0b1c HdAudAddService - ok 15:45:31.0918 0x0b1c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 15:45:31.0950 0x0b1c HDAudBus - ok 15:45:31.0965 0x0b1c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 15:45:31.0996 0x0b1c HidBatt - ok 15:45:32.0012 0x0b1c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 15:45:32.0043 0x0b1c HidBth - ok 15:45:32.0074 0x0b1c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 15:45:32.0106 0x0b1c HidIr - ok 15:45:32.0121 0x0b1c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 15:45:32.0168 0x0b1c hidserv - ok 15:45:32.0215 0x0b1c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 15:45:32.0277 0x0b1c HidUsb - ok 15:45:32.0308 0x0b1c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 15:45:32.0355 0x0b1c hkmsvc - ok 15:45:32.0371 0x0b1c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 15:45:32.0402 0x0b1c HomeGroupListener - ok 15:45:32.0433 0x0b1c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 15:45:32.0464 0x0b1c HomeGroupProvider - ok 15:45:32.0496 0x0b1c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 15:45:32.0527 0x0b1c HpSAMD - ok 15:45:32.0605 0x0b1c [ CF5C9BD985120781200D35FD445D0BD5, 91B37F595A196542458CBBCDAD80779721D228A7030A34E55995DDBB06649248 ] HTTP C:\Windows\system32\drivers\HTTP.sys 15:45:32.0667 0x0b1c HTTP - ok 15:45:32.0745 0x0b1c [ 32ED4147E7252A6885C28BE688895FD8, 259A9FDB41F0D09F8CEB59FBD215C2D27AA9894FB88E9CCFD251DE6663F18E8F ] HuaweiHiSuiteService64.exe C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe 15:45:32.0792 0x0b1c HuaweiHiSuiteService64.exe - ok 15:45:32.0839 0x0b1c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 15:45:32.0854 0x0b1c hwpolicy - ok 15:45:32.0901 0x0b1c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 15:45:32.0917 0x0b1c i8042prt - ok 15:45:32.0964 0x0b1c [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor C:\Windows\system32\drivers\iaStor.sys 15:45:32.0995 0x0b1c iaStor - ok 15:45:33.0073 0x0b1c [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 15:45:33.0088 0x0b1c IAStorDataMgrSvc - ok 15:45:33.0135 0x0b1c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 15:45:33.0182 0x0b1c iaStorV - ok 15:45:33.0213 0x0b1c [ DE9E40BAEE2E48FD1E3EB423074C014C, 33F0738F8E0C803C025E72401E9A3A5B54E5256BFF18CEE6D913EB65E8003D2B ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys 15:45:33.0244 0x0b1c iBtFltCoex - ok 15:45:33.0291 0x0b1c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:45:33.0354 0x0b1c idsvc - ok 15:45:33.0400 0x0b1c IEEtwCollectorService - ok 15:45:33.0650 0x0b1c [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 15:45:33.0900 0x0b1c igfx - ok 15:45:33.0931 0x0b1c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 15:45:33.0962 0x0b1c iirsp - ok 15:45:34.0024 0x0b1c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 15:45:34.0102 0x0b1c IKEEXT - ok 15:45:34.0212 0x0b1c [ CADDF0927DAC63EDAE48F5C35A61D87D, C46006461311B1563C1D149B9D60B202F30147265B9D93069B084D03A09D2BEC ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 15:45:34.0243 0x0b1c intaud_WaveExtensible - ok 15:45:34.0399 0x0b1c [ A5F7CEF8A939EBE270462EDEFD629F20, 889AB15BB3027C3350449776158579C9916F1CCA2B278FEB50E23D599366FDFA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 15:45:34.0570 0x0b1c IntcAzAudAddService - ok 15:45:34.0664 0x0b1c [ AE594CC17C33AC146739494615E14851, 0E4FA415C1B4065083D761A458450FAE9C6A6EE6E49B3A598B43871D6F01B3EC ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 15:45:34.0711 0x0b1c IntcDAud - ok 15:45:34.0758 0x0b1c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 15:45:34.0773 0x0b1c intelide - ok 15:45:34.0789 0x0b1c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 15:45:34.0820 0x0b1c intelppm - ok 15:45:34.0851 0x0b1c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 15:45:34.0898 0x0b1c IPBusEnum - ok 15:45:34.0929 0x0b1c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:45:34.0976 0x0b1c IpFilterDriver - ok 15:45:35.0007 0x0b1c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 15:45:35.0070 0x0b1c iphlpsvc - ok 15:45:35.0101 0x0b1c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 15:45:35.0116 0x0b1c IPMIDRV - ok 15:45:35.0148 0x0b1c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 15:45:35.0194 0x0b1c IPNAT - ok 15:45:35.0226 0x0b1c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 15:45:35.0241 0x0b1c IRENUM - ok 15:45:35.0272 0x0b1c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 15:45:35.0288 0x0b1c isapnp - ok 15:45:35.0335 0x0b1c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 15:45:35.0366 0x0b1c iScsiPrt - ok 15:45:35.0428 0x0b1c [ 00CB3B7A1B166B425F9A330CA51E3568, 769F36EC0A4A18A9FEC8AE5FF1605E003E514C688182AA779F5C77652A7C3061 ] IT9135BDA C:\Windows\system32\Drivers\IT9135BDA.sys 15:45:35.0460 0x0b1c IT9135BDA - ok 15:45:35.0506 0x0b1c [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus C:\Windows\system32\drivers\iwdbus.sys 15:45:35.0522 0x0b1c iwdbus - ok 15:45:35.0553 0x0b1c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 15:45:35.0569 0x0b1c kbdclass - ok 15:45:35.0584 0x0b1c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 15:45:35.0616 0x0b1c kbdhid - ok 15:45:35.0631 0x0b1c [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] KeyIso C:\Windows\system32\lsass.exe 15:45:35.0662 0x0b1c KeyIso - ok 15:45:35.0709 0x0b1c [ DFE85B031220F8E0271716BBB3C4C8FF, 531AB0851AE2F2B25D751605529C483B4734E5D26F94F56DEC0191730DD6A9A4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 15:45:35.0725 0x0b1c KSecDD - ok 15:45:35.0756 0x0b1c [ 70D7302DD70B979637179BFD8295C924, 7A3498C8A90AC5D7A070E9BCAF1BC0D16F478A7160A9333C58247034C5B3B59F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 15:45:35.0772 0x0b1c KSecPkg - ok 15:45:35.0803 0x0b1c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 15:45:35.0834 0x0b1c ksthunk - ok 15:45:35.0881 0x0b1c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 15:45:35.0943 0x0b1c KtmRm - ok 15:45:35.0974 0x0b1c [ 6DD5383C9413AAE3113FAF89E345663D, 205760D46BF2B7011B7F32E85206C996D6D018D572BC61ED44671E5810144DCA ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 15:45:35.0990 0x0b1c L1C - ok 15:45:36.0021 0x0b1c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 15:45:36.0068 0x0b1c LanmanServer - ok 15:45:36.0099 0x0b1c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 15:45:36.0146 0x0b1c LanmanWorkstation - ok 15:45:36.0193 0x0b1c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 15:45:36.0240 0x0b1c lltdio - ok 15:45:36.0271 0x0b1c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 15:45:36.0333 0x0b1c lltdsvc - ok 15:45:36.0349 0x0b1c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 15:45:36.0396 0x0b1c lmhosts - ok 15:45:36.0442 0x0b1c [ 2ED1786B7542CDA261029F6B526EDF44, C6131B65B045EF5B4F62CF6CF089DF0921BA6A8EFC83BCBA45D5DDE78E9D78E2 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 15:45:36.0458 0x0b1c LMS - ok 15:45:36.0505 0x0b1c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 15:45:36.0520 0x0b1c LSI_FC - ok 15:45:36.0552 0x0b1c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 15:45:36.0583 0x0b1c LSI_SAS - ok 15:45:36.0583 0x0b1c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 15:45:36.0598 0x0b1c LSI_SAS2 - ok 15:45:36.0630 0x0b1c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 15:45:36.0645 0x0b1c LSI_SCSI - ok 15:45:36.0676 0x0b1c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 15:45:36.0723 0x0b1c luafv - ok 15:45:36.0770 0x0b1c [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 15:45:36.0786 0x0b1c LVRS64 - ok 15:45:37.0020 0x0b1c [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 15:45:37.0238 0x0b1c LVUVC64 - ok 15:45:37.0300 0x0b1c [ CECCE390C61356C615FB21D735EF5E47, F994A6BD3B791BDE77C789C6FD3484E4C7897B9F8EE93543D46838CBE0CA411E ] MBAMChameleon C:\Windows\System32\Drivers\MbamChameleon.sys 15:45:37.0332 0x0b1c MBAMChameleon - ok 15:45:37.0394 0x0b1c [ 20046A5DB1466EBD0DCAEB84D00C5432, AC1E264C2D8348FF543193890BE328A8AC4C9BB32A2BBB14FD36644B930C384F ] MBAMFarflt C:\Windows\system32\DRIVERS\farflt.sys 15:45:37.0425 0x0b1c MBAMFarflt - ok 15:45:37.0441 0x0b1c [ 30F7226AC3603A18FC86DFBEA5EBB13D, 86A725B05869CEBC49D6A5EAB9825FDBB3A2CFDB76820173F2D94D3A9274E3F2 ] MBAMProtection C:\Windows\system32\DRIVERS\mbam.sys 15:45:37.0472 0x0b1c MBAMProtection - ok 15:45:37.0815 0x0b1c [ FEAF4E98C93BC3512B8108D2F534A3BA, 6D93EF21DB9BFFACC1241E823F9BB7719B9395D64BBF952874CFF015B7930D92 ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe 15:45:38.0112 0x0b1c MBAMService - ok 15:45:38.0190 0x0b1c [ EAC1189D80DE42C84066BA51DAC1A3C0, FA6E28AEE1DF43D4276461A91DEA8BE6937F07C818EA015594911CE5FB393808 ] MBAMSwissArmy C:\Windows\System32\Drivers\mbamswissarmy.sys 15:45:38.0221 0x0b1c MBAMSwissArmy - ok 15:45:38.0268 0x0b1c [ 8135271183EA7C59BD865873C972159D, ECCA510FF375E706AFB8D412FD8B05C5AC7E14215D1BCC18EA7DC080BFBBB3CB ] MBAMWebProtection C:\Windows\system32\DRIVERS\mwac.sys 15:45:38.0283 0x0b1c MBAMWebProtection - ok 15:45:38.0314 0x0b1c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 15:45:38.0346 0x0b1c Mcx2Svc - ok 15:45:38.0377 0x0b1c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 15:45:38.0392 0x0b1c megasas - ok 15:45:38.0424 0x0b1c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 15:45:38.0455 0x0b1c MegaSR - ok 15:45:38.0502 0x0b1c [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys 15:45:38.0517 0x0b1c MEIx64 - ok 15:45:38.0595 0x0b1c [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 15:45:38.0642 0x0b1c Microsoft Office Groove Audit Service - ok 15:45:38.0673 0x0b1c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 15:45:38.0720 0x0b1c MMCSS - ok 15:45:38.0751 0x0b1c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 15:45:38.0782 0x0b1c Modem - ok 15:45:38.0798 0x0b1c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 15:45:38.0829 0x0b1c monitor - ok 15:45:38.0860 0x0b1c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 15:45:38.0876 0x0b1c mouclass - ok 15:45:38.0923 0x0b1c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 15:45:38.0938 0x0b1c mouhid - ok 15:45:39.0001 0x0b1c [ 072D8646E23ECF8A3F5F0157017B4DB6, EBFB1459ECC5AF94C94FB49CEBC724542612680F0777E24B5AA6E062C0EE5D94 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 15:45:39.0016 0x0b1c mountmgr - ok 15:45:39.0094 0x0b1c [ 9483990A1D62927147778E2A1C2F5775, 0721E682853D348227FA6E925CC83FC839D9CCD27DBAD81363C471D9B7155132 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 15:45:39.0141 0x0b1c MozillaMaintenance - ok 15:45:39.0172 0x0b1c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 15:45:39.0188 0x0b1c mpio - ok 15:45:39.0219 0x0b1c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 15:45:39.0250 0x0b1c mpsdrv - ok 15:45:39.0360 0x0b1c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 15:45:39.0438 0x0b1c MpsSvc - ok 15:45:39.0484 0x0b1c [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 15:45:39.0516 0x0b1c MRxDAV - ok 15:45:39.0578 0x0b1c [ 767C6DF04C5758B9F0790D400541B44F, BFC38D7BCF19F7246BCAD3E04273A403F6B973432EE0EF6E25B16BA3826A21B7 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 15:45:39.0594 0x0b1c mrxsmb - ok 15:45:39.0625 0x0b1c [ BD55F604FFABC911F8E5500186AE70E5, 3719EDB070E6FFE9781337A05CA0309C3CD5CD38A292DF091E05C9BA3D5A479F ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:45:39.0656 0x0b1c mrxsmb10 - ok 15:45:39.0672 0x0b1c [ 92EECFB046D4706A4B8D699A4069B6EC, 3B3E232DABA913A500CE55AD8600D8DD8F28E32B0276B9B6C8FD6239688833A4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:45:39.0703 0x0b1c mrxsmb20 - ok 15:45:39.0734 0x0b1c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 15:45:39.0750 0x0b1c msahci - ok 15:45:39.0765 0x0b1c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 15:45:39.0796 0x0b1c msdsm - ok 15:45:39.0796 0x0b1c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 15:45:39.0828 0x0b1c MSDTC - ok 15:45:39.0874 0x0b1c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 15:45:39.0921 0x0b1c Msfs - ok 15:45:39.0968 0x0b1c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 15:45:39.0999 0x0b1c mshidkmdf - ok 15:45:40.0015 0x0b1c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 15:45:40.0030 0x0b1c msisadrv - ok 15:45:40.0062 0x0b1c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 15:45:40.0108 0x0b1c MSiSCSI - ok 15:45:40.0108 0x0b1c msiserver - ok 15:45:40.0140 0x0b1c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 15:45:40.0186 0x0b1c MSKSSRV - ok 15:45:40.0186 0x0b1c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 15:45:40.0233 0x0b1c MSPCLOCK - ok 15:45:40.0249 0x0b1c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 15:45:40.0280 0x0b1c MSPQM - ok 15:45:40.0311 0x0b1c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 15:45:40.0327 0x0b1c MsRPC - ok 15:45:40.0358 0x0b1c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 15:45:40.0389 0x0b1c mssmbios - ok 15:45:40.0405 0x0b1c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 15:45:40.0436 0x0b1c MSTEE - ok 15:45:40.0467 0x0b1c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 15:45:40.0483 0x0b1c MTConfig - ok 15:45:40.0498 0x0b1c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 15:45:40.0514 0x0b1c Mup - ok 15:45:40.0592 0x0b1c [ F217D7718FD7577AF331E89910B2D21E, 216605E4F3F7E2FDB531E4197FBDE46166D5C7D812099D322E20E0CA4BF4797C ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 15:45:40.0608 0x0b1c MyWiFiDHCPDNS - ok 15:45:40.0686 0x0b1c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 15:45:40.0748 0x0b1c napagent - ok 15:45:40.0826 0x0b1c [ 9FB2A095B1166CB3C9A06651863B3452, 808105C59C2D28C390FDE0CA48690A5CD052DE3D7F7327864EB45F80187D5BE9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 15:45:40.0873 0x0b1c NativeWifiP - ok 15:45:40.0935 0x0b1c [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 15:45:40.0998 0x0b1c NDIS - ok 15:45:41.0013 0x0b1c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 15:45:41.0060 0x0b1c NdisCap - ok 15:45:41.0091 0x0b1c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 15:45:41.0138 0x0b1c NdisTapi - ok 15:45:41.0169 0x0b1c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 15:45:41.0200 0x0b1c Ndisuio - ok 15:45:41.0232 0x0b1c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 15:45:41.0278 0x0b1c NdisWan - ok 15:45:41.0278 0x0b1c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 15:45:41.0341 0x0b1c NDProxy - ok 15:45:41.0356 0x0b1c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 15:45:41.0403 0x0b1c NetBIOS - ok 15:45:41.0450 0x0b1c [ 734837208CAFD6E0959A7A0333C95C9D, 0B7CD6E3CE43ABE021DBE6516492E326265EC0273F2F4297187CE70602CB8CE1 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 15:45:41.0481 0x0b1c NetBT - ok 15:45:41.0512 0x0b1c [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] Netlogon C:\Windows\system32\lsass.exe 15:45:41.0528 0x0b1c Netlogon - ok 15:45:41.0559 0x0b1c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 15:45:41.0622 0x0b1c Netman - ok 15:45:41.0715 0x0b1c [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:45:41.0793 0x0b1c NetMsmqActivator - ok 15:45:41.0824 0x0b1c [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:45:41.0840 0x0b1c NetPipeActivator - ok 15:45:41.0887 0x0b1c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 15:45:41.0965 0x0b1c netprofm - ok 15:45:42.0012 0x0b1c [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:45:42.0043 0x0b1c NetTcpActivator - ok 15:45:42.0074 0x0b1c [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:45:42.0090 0x0b1c NetTcpPortSharing - ok 15:45:42.0511 0x0b1c [ 9FD1BE1881446D954FF77244AE58FBCB, 4FC9FFDB8F3079372C33F87102E38DC6A82E47FB8751498447CA4B00C2A17694 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 15:45:42.0885 0x0b1c NETwNs64 - ok 15:45:42.0932 0x0b1c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 15:45:42.0963 0x0b1c nfrd960 - ok 15:45:42.0994 0x0b1c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 15:45:43.0041 0x0b1c NlaSvc - ok 15:45:43.0072 0x0b1c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 15:45:43.0135 0x0b1c Npfs - ok 15:45:43.0166 0x0b1c [ 668B9EFF5CCA4542F435D2CD9CE3C778, 7409EF35D1DC0DE2BAB752694981FFA1F1855C7F11310366B80BD1EC3513262E ] nsi C:\Windows\system32\nsisvc.dll 15:45:43.0197 0x0b1c nsi - ok 15:45:43.0197 0x0b1c [ BE313E566EEA2A4B7F9AAC9782A567D4, 377C624737B1A4FBC1DFF988F029B8ED9A368827C33A4FEEBA1B7937A87C2B47 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 15:45:43.0228 0x0b1c nsiproxy - ok 15:45:43.0353 0x0b1c [ 96FEB18D7FFA4DC10F0C3CC4EF41500E, B7F937B8579CD81CC3298E0AADDF559DB451DE04DBAC88A082C722B7E84E0494 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 15:45:43.0447 0x0b1c Ntfs - ok 15:45:43.0462 0x0b1c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 15:45:43.0494 0x0b1c Null - ok 15:45:43.0915 0x0b1c [ 993D73A8090C957230DE4E14AA9C5DFF, 3864CB466E0F76881131AC8043C53297B70C30D3F1B5C3C7A8CC031EA86D60FC ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 15:45:44.0383 0x0b1c nvlddmkm - ok 15:45:44.0586 0x0b1c [ 29C4634D4B9A36CAA14BA5C91E5F4E8B, 474894ED2E48375BBA9C2A9B45CA44E58CDE5816218ED03DE418955615CF6CD4 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys 15:45:44.0617 0x0b1c nvpciflt - ok 15:45:44.0648 0x0b1c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 15:45:44.0679 0x0b1c nvraid - ok 15:45:44.0710 0x0b1c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 15:45:44.0726 0x0b1c nvstor - ok 15:45:44.0773 0x0b1c [ C367AD646714E03E14F24F39EC206736, 231EFD56E51497DC452D96F249E1C193CEF8139392253CDB32AA664107B76E62 ] nvsvc C:\Windows\system32\nvvsvc.exe 15:45:44.0820 0x0b1c nvsvc - ok 15:45:44.0929 0x0b1c [ 44407283382D82C64C9195DE686D4205, 51BE011A0D4CB850B62B30324A9ED14EEC125F4B7AC46926014D9CCD2C10820D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 15:45:44.0976 0x0b1c nvUpdatusService - ok 15:45:45.0007 0x0b1c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 15:45:45.0022 0x0b1c nv_agp - ok 15:45:45.0132 0x0b1c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 15:45:45.0163 0x0b1c odserv - ok 15:45:45.0194 0x0b1c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 15:45:45.0210 0x0b1c ohci1394 - ok 15:45:45.0319 0x0b1c [ D30981DA22F2EDB8678AF50B634A9587, 0758ACE093D62226EF045CF080A038A16CAA42FD007B4133052828DB28ABBC60 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:45:45.0350 0x0b1c ose - ok 15:45:45.0631 0x0b1c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 15:45:45.0880 0x0b1c osppsvc - ok 15:45:45.0927 0x0b1c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 15:45:45.0990 0x0b1c p2pimsvc - ok 15:45:46.0364 0x0b1c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 15:45:46.0395 0x0b1c p2psvc - ok 15:45:46.0442 0x0b1c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 15:45:46.0473 0x0b1c Parport - ok 15:45:46.0520 0x0b1c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 15:45:46.0536 0x0b1c partmgr - ok 15:45:46.0582 0x0b1c [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll 15:45:46.0629 0x0b1c PcaSvc - ok 15:45:46.0645 0x0b1c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 15:45:46.0676 0x0b1c pci - ok 15:45:46.0723 0x0b1c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 15:45:46.0738 0x0b1c pciide - ok 15:45:46.0785 0x0b1c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 15:45:46.0801 0x0b1c pcmcia - ok 15:45:46.0832 0x0b1c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 15:45:46.0848 0x0b1c pcw - ok 15:45:46.0910 0x0b1c [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys 15:45:46.0972 0x0b1c PEAUTH - ok 15:45:47.0066 0x0b1c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 15:45:47.0097 0x0b1c PerfHost - ok 15:45:47.0222 0x0b1c [ BC5F8C5C7ACCD0B884FCB8B67616F537, 5C99E9D7E7095CED52B1F5F4A569E54F124602C573DD2B25731E0D57FDA22A27 ] pla C:\Windows\system32\pla.dll 15:45:47.0347 0x0b1c pla - ok 15:45:47.0425 0x0b1c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 15:45:47.0487 0x0b1c PlugPlay - ok 15:45:47.0503 0x0b1c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 15:45:47.0534 0x0b1c PNRPAutoReg - ok 15:45:47.0565 0x0b1c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 15:45:47.0581 0x0b1c PNRPsvc - ok 15:45:47.0659 0x0b1c [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 15:45:47.0721 0x0b1c PolicyAgent - ok 15:45:47.0768 0x0b1c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 15:45:47.0815 0x0b1c Power - ok 15:45:47.0862 0x0b1c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 15:45:47.0924 0x0b1c PptpMiniport - ok 15:45:47.0955 0x0b1c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 15:45:47.0971 0x0b1c Processor - ok 15:45:48.0018 0x0b1c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 15:45:48.0064 0x0b1c ProfSvc - ok 15:45:48.0080 0x0b1c [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] ProtectedStorage C:\Windows\system32\lsass.exe 15:45:48.0111 0x0b1c ProtectedStorage - ok 15:45:48.0142 0x0b1c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 15:45:48.0189 0x0b1c Psched - ok 15:45:48.0220 0x0b1c [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 15:45:48.0252 0x0b1c PSI_SVC_2 - ok 15:45:48.0345 0x0b1c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 15:45:48.0439 0x0b1c ql2300 - ok 15:45:48.0517 0x0b1c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 15:45:48.0548 0x0b1c ql40xx - ok 15:45:48.0579 0x0b1c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 15:45:48.0610 0x0b1c QWAVE - ok 15:45:48.0642 0x0b1c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 15:45:48.0673 0x0b1c QWAVEdrv - ok 15:45:48.0782 0x0b1c [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll 15:45:48.0798 0x0b1c RapiMgr - ok 15:45:48.0829 0x0b1c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 15:45:48.0860 0x0b1c RasAcd - ok 15:45:48.0891 0x0b1c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 15:45:48.0938 0x0b1c RasAgileVpn - ok 15:45:48.0954 0x0b1c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 15:45:49.0000 0x0b1c RasAuto - ok 15:45:49.0032 0x0b1c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 15:45:49.0063 0x0b1c Rasl2tp - ok 15:45:49.0094 0x0b1c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 15:45:49.0156 0x0b1c RasMan - ok 15:45:49.0172 0x0b1c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 15:45:49.0219 0x0b1c RasPppoe - ok 15:45:49.0250 0x0b1c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 15:45:49.0297 0x0b1c RasSstp - ok 15:45:49.0312 0x0b1c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 15:45:49.0359 0x0b1c rdbss - ok 15:45:49.0390 0x0b1c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 15:45:49.0406 0x0b1c rdpbus - ok 15:45:49.0422 0x0b1c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 15:45:49.0484 0x0b1c RDPCDD - ok 15:45:49.0484 0x0b1c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 15:45:49.0531 0x0b1c RDPENCDD - ok 15:45:49.0546 0x0b1c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 15:45:49.0593 0x0b1c RDPREFMP - ok 15:45:49.0749 0x0b1c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 15:45:49.0827 0x0b1c RdpVideoMiniport - ok 15:45:49.0874 0x0b1c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 15:45:49.0952 0x0b1c RDPWD - ok 15:45:49.0983 0x0b1c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 15:45:50.0014 0x0b1c rdyboost - ok 15:45:50.0124 0x0b1c [ B9A0810D16EA7935B10A5499ABA61DC3, 231D8E9E07FACC03D2E0A4AC97B1151DB942B0B297FFF20A703878EC3A20770D ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 15:45:50.0170 0x0b1c RegSrvc - ok 15:45:50.0202 0x0b1c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 15:45:50.0248 0x0b1c RemoteAccess - ok 15:45:50.0280 0x0b1c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 15:45:50.0326 0x0b1c RemoteRegistry - ok 15:45:50.0358 0x0b1c [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 15:45:50.0389 0x0b1c RFCOMM - ok 15:45:50.0482 0x0b1c [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 15:45:50.0545 0x0b1c RichVideo - detected UnsignedFile.Multi.Generic ( 1 ) 15:45:50.0888 0x0b1c Detect skipped due to KSN trusted 15:45:50.0888 0x0b1c RichVideo - ok 15:45:51.0013 0x0b1c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 15:45:51.0075 0x0b1c RpcEptMapper - ok 15:45:51.0106 0x0b1c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 15:45:51.0138 0x0b1c RpcLocator - ok 15:45:51.0184 0x0b1c [ 3F1A199859B4F3F8357B2A0AF5666A54, B0ACE9384088B7D0E54CF82BF48D4FEAA518BDEF98A294BA8F5A37DFF0E45328 ] RpcSs C:\Windows\system32\rpcss.dll 15:45:51.0216 0x0b1c RpcSs - ok 15:45:51.0262 0x0b1c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 15:45:51.0309 0x0b1c rspndr - ok 15:45:51.0340 0x0b1c [ CE0A1D8A59410E698140821E4E69DA0D, 4AEBF07C4016AF62B1A4F1C838FDC3A272FC643E596A86E4FE3C34F10523E318 ] RSUSBVSTOR C:\Windows\System32\Drivers\RtsUVStor.sys 15:45:51.0372 0x0b1c RSUSBVSTOR - ok 15:45:51.0387 0x0b1c [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] SamSs C:\Windows\system32\lsass.exe 15:45:51.0403 0x0b1c SamSs - ok 15:45:51.0434 0x0b1c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 15:45:51.0450 0x0b1c sbp2port - ok 15:45:51.0481 0x0b1c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 15:45:51.0528 0x0b1c SCardSvr - ok 15:45:51.0559 0x0b1c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 15:45:51.0606 0x0b1c scfilter - ok 15:45:51.0684 0x0b1c [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 15:45:51.0762 0x0b1c Schedule - ok 15:45:51.0793 0x0b1c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 15:45:51.0824 0x0b1c SCPolicySvc - ok 15:45:51.0855 0x0b1c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 15:45:51.0886 0x0b1c SDRSVC - ok 15:45:51.0933 0x0b1c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 15:45:51.0949 0x0b1c secdrv - ok 15:45:51.0996 0x0b1c [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll 15:45:52.0027 0x0b1c seclogon - ok 15:45:52.0058 0x0b1c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 15:45:52.0105 0x0b1c SENS - ok 15:45:52.0136 0x0b1c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 15:45:52.0167 0x0b1c SensrSvc - ok 15:45:52.0198 0x0b1c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 15:45:52.0230 0x0b1c Serenum - ok 15:45:52.0245 0x0b1c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 15:45:52.0276 0x0b1c Serial - ok 15:45:52.0308 0x0b1c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 15:45:52.0323 0x0b1c sermouse - ok 15:45:52.0354 0x0b1c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 15:45:52.0401 0x0b1c SessionEnv - ok 15:45:52.0417 0x0b1c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 15:45:52.0448 0x0b1c sffdisk - ok 15:45:52.0464 0x0b1c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 15:45:52.0479 0x0b1c sffp_mmc - ok 15:45:52.0495 0x0b1c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 15:45:52.0510 0x0b1c sffp_sd - ok 15:45:52.0526 0x0b1c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 15:45:52.0542 0x0b1c sfloppy - ok 15:45:52.0620 0x0b1c [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 15:45:52.0666 0x0b1c Sftfs - ok 15:45:52.0760 0x0b1c [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 15:45:52.0807 0x0b1c sftlist - ok 15:45:52.0869 0x0b1c [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 15:45:52.0900 0x0b1c Sftplay - ok 15:45:52.0900 0x0b1c [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 15:45:52.0932 0x0b1c Sftredir - ok 15:45:52.0947 0x0b1c [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 15:45:52.0963 0x0b1c Sftvol - ok 15:45:53.0010 0x0b1c [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 15:45:53.0041 0x0b1c sftvsa - ok 15:45:53.0072 0x0b1c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 15:45:53.0150 0x0b1c SharedAccess - ok 15:45:53.0181 0x0b1c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 15:45:53.0244 0x0b1c ShellHWDetection - ok 15:45:53.0290 0x0b1c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 15:45:53.0306 0x0b1c SiSRaid2 - ok 15:45:53.0337 0x0b1c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 15:45:53.0368 0x0b1c SiSRaid4 - ok 15:45:53.0446 0x0b1c [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 15:45:53.0478 0x0b1c SkypeUpdate - ok 15:45:53.0509 0x0b1c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 15:45:53.0556 0x0b1c Smb - ok 15:45:53.0602 0x0b1c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 15:45:53.0618 0x0b1c SNMPTRAP - ok 15:45:53.0649 0x0b1c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 15:45:53.0665 0x0b1c spldr - ok 15:45:53.0696 0x0b1c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 15:45:53.0758 0x0b1c Spooler - ok 15:45:53.0914 0x0b1c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 15:45:54.0086 0x0b1c sppsvc - ok 15:45:54.0117 0x0b1c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 15:45:54.0164 0x0b1c sppuinotify - ok 15:45:54.0226 0x0b1c [ 72E6A150A8C8530B201832D1C801CDE6, EFBDD5D1FB924979E63D829A6970CB5552A746BEBB7C4D41066684CA16A374E0 ] srv C:\Windows\system32\DRIVERS\srv.sys 15:45:54.0289 0x0b1c srv - ok 15:45:54.0320 0x0b1c [ C4F67ABCC5033D334613F28F9E782809, A19E32E2EF790E88E7013C298AF0A34A9957A7CE55DF19FBD7BDF688D3767BA5 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 15:45:54.0367 0x0b1c srv2 - ok 15:45:54.0382 0x0b1c [ C53CB62B0E57488AAE41FDA0FF8A0AB9, 93614C72C578E348B66690585F8AC2B53C0C19D2C96AAD3E776D3389CA5E43B6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 15:45:54.0414 0x0b1c srvnet - ok 15:45:54.0445 0x0b1c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 15:45:54.0492 0x0b1c SSDPSRV - ok 15:45:54.0507 0x0b1c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 15:45:54.0554 0x0b1c SstpSvc - ok 15:45:54.0663 0x0b1c [ 17FC2EAD763F0237457817A753A5A676, CDA2EFE4AC5A7BE034FF1A5A6469CF7C4B295BF5E1D995C9A289AD9E8FBD3740 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 15:45:54.0726 0x0b1c Stereo Service - ok 15:45:54.0741 0x0b1c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 15:45:54.0757 0x0b1c stexstor - ok 15:45:54.0804 0x0b1c [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 15:45:54.0835 0x0b1c StillCam - ok 15:45:54.0882 0x0b1c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 15:45:54.0944 0x0b1c stisvc - ok 15:45:54.0975 0x0b1c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 15:45:54.0991 0x0b1c swenum - ok 15:45:55.0022 0x0b1c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 15:45:55.0084 0x0b1c swprv - ok 15:45:55.0162 0x0b1c [ B3AD15FA10EBEAFC1275F34050E4E230, 23FE8863FD6BD69FAB40880D21678AF6B696DD3E1C014C3B7DE21D371EA628A6 ] SynTP C:\Windows\system32\drivers\SynTP.sys 15:45:55.0209 0x0b1c SynTP - ok 15:45:55.0303 0x0b1c [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 15:45:55.0412 0x0b1c SysMain - ok 15:45:55.0443 0x0b1c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 15:45:55.0474 0x0b1c TabletInputService - ok 15:45:55.0506 0x0b1c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 15:45:55.0568 0x0b1c TapiSrv - ok 15:45:55.0708 0x0b1c [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 15:45:55.0849 0x0b1c Tcpip - ok 15:45:55.0927 0x0b1c [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 15:45:55.0989 0x0b1c TCPIP6 - ok 15:45:56.0036 0x0b1c [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 15:45:56.0083 0x0b1c tcpipreg - ok 15:45:56.0114 0x0b1c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 15:45:56.0145 0x0b1c TDPIPE - ok 15:45:56.0161 0x0b1c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 15:45:56.0192 0x0b1c TDTCP - ok 15:45:56.0239 0x0b1c [ 4DD986720F7CB7A8A5D1226793097B9A, 9020375B45E9C966BF44CF425C127D7E0EC82EB99C7047F225C25402FF97743D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 15:45:56.0254 0x0b1c tdx - ok 15:45:56.0301 0x0b1c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 15:45:56.0317 0x0b1c TermDD - ok 15:45:56.0364 0x0b1c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 15:45:56.0410 0x0b1c TermService - ok 15:45:56.0442 0x0b1c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 15:45:56.0473 0x0b1c Themes - ok 15:45:56.0504 0x0b1c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 15:45:56.0551 0x0b1c THREADORDER - ok 15:45:56.0582 0x0b1c [ DA632FAE7B5629032B2C24E1BE29168B, 89327F67F427B12C5DAB664FA88FCA2133C737945C92037945CBF25C5E396587 ] tihub3 C:\Windows\system32\drivers\tihub3.sys 15:45:56.0598 0x0b1c tihub3 - ok 15:45:56.0644 0x0b1c [ 6AAD465F69632931B6D8D61B287E6DE9, 789837B5241B836F0EFEEF0970062AC965425246DF2B638535B8648CC7EF7DF9 ] tixhci C:\Windows\system32\drivers\tixhci.sys 15:45:56.0691 0x0b1c tixhci - ok 15:45:56.0722 0x0b1c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 15:45:56.0769 0x0b1c TrkWks - ok 15:45:56.0800 0x0b1c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 15:45:56.0847 0x0b1c TrustedInstaller - ok 15:45:56.0894 0x0b1c [ 2CF58216424757ED29605B4F18EC443C, 9D523FC075F7F41A17F60617670A976A8F2F2943444515DC3834720BDC37DFA0 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 15:45:56.0925 0x0b1c tssecsrv - ok 15:45:56.0941 0x0b1c [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 15:45:56.0972 0x0b1c TsUsbFlt - ok 15:45:56.0988 0x0b1c [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 15:45:57.0019 0x0b1c TsUsbGD - ok 15:45:57.0066 0x0b1c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 15:45:57.0097 0x0b1c tunnel - ok 15:45:57.0128 0x0b1c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 15:45:57.0144 0x0b1c uagp35 - ok 15:45:57.0175 0x0b1c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 15:45:57.0222 0x0b1c udfs - ok 15:45:57.0253 0x0b1c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 15:45:57.0268 0x0b1c UI0Detect - ok 15:45:57.0300 0x0b1c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 15:45:57.0315 0x0b1c uliagpkx - ok 15:45:57.0362 0x0b1c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 15:45:57.0393 0x0b1c umbus - ok 15:45:57.0424 0x0b1c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 15:45:57.0456 0x0b1c UmPass - ok 15:45:57.0487 0x0b1c [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 15:45:57.0534 0x0b1c UMVPFSrv - ok 15:45:57.0690 0x0b1c [ 7E5E1603D0FF2D240AE70295C5C3FEFC, 1E5F8E415ACE3C6DFBE636473DBE051329174F2A085516B6FC1515A54014D02B ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 15:45:57.0861 0x0b1c UNS - ok 15:45:57.0892 0x0b1c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 15:45:57.0955 0x0b1c upnphost - ok 15:45:58.0002 0x0b1c [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 15:45:58.0048 0x0b1c usbaudio - ok 15:45:58.0080 0x0b1c [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 15:45:58.0126 0x0b1c usbccgp - ok 15:45:58.0142 0x0b1c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 15:45:58.0189 0x0b1c usbcir - ok 15:45:58.0204 0x0b1c [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci C:\Windows\system32\drivers\usbehci.sys 15:45:58.0236 0x0b1c usbehci - ok 15:45:58.0282 0x0b1c [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub C:\Windows\system32\drivers\usbhub.sys 15:45:58.0314 0x0b1c usbhub - ok 15:45:58.0314 0x0b1c [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci C:\Windows\system32\drivers\usbohci.sys 15:45:58.0345 0x0b1c usbohci - ok 15:45:58.0376 0x0b1c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 15:45:58.0407 0x0b1c usbprint - ok 15:45:58.0438 0x0b1c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys 15:45:58.0454 0x0b1c usbscan - ok 15:45:58.0501 0x0b1c [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:45:58.0532 0x0b1c USBSTOR - ok 15:45:58.0563 0x0b1c [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 15:45:58.0594 0x0b1c usbuhci - ok 15:45:58.0657 0x0b1c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 15:45:58.0672 0x0b1c usbvideo - ok 15:45:58.0704 0x0b1c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 15:45:58.0750 0x0b1c UxSms - ok 15:45:58.0766 0x0b1c [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] VaultSvc C:\Windows\system32\lsass.exe 15:45:58.0782 0x0b1c VaultSvc - ok 15:45:58.0813 0x0b1c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 15:45:58.0828 0x0b1c vdrvroot - ok 15:45:58.0860 0x0b1c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 15:45:58.0922 0x0b1c vds - ok 15:45:58.0953 0x0b1c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 15:45:58.0984 0x0b1c vga - ok 15:45:59.0000 0x0b1c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 15:45:59.0047 0x0b1c VgaSave - ok 15:45:59.0078 0x0b1c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 15:45:59.0109 0x0b1c vhdmp - ok 15:45:59.0140 0x0b1c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 15:45:59.0156 0x0b1c viaide - ok 15:45:59.0172 0x0b1c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 15:45:59.0203 0x0b1c volmgr - ok 15:45:59.0265 0x0b1c [ 85C5468BC395819AE2A0C747334BA14C, 75EB4751F90F3347229442A5622539383CE0B1834EE7B995260D0D433BA2E25F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 15:45:59.0312 0x0b1c volmgrx - ok 15:45:59.0359 0x0b1c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 15:45:59.0374 0x0b1c volsnap - ok 15:45:59.0406 0x0b1c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 15:45:59.0437 0x0b1c vsmraid - ok 15:45:59.0499 0x0b1c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 15:45:59.0608 0x0b1c VSS - ok 15:45:59.0640 0x0b1c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 15:45:59.0655 0x0b1c vwifibus - ok 15:45:59.0686 0x0b1c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 15:45:59.0718 0x0b1c vwififlt - ok 15:45:59.0733 0x0b1c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 15:45:59.0749 0x0b1c vwifimp - ok 15:45:59.0796 0x0b1c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 15:45:59.0858 0x0b1c W32Time - ok 15:45:59.0874 0x0b1c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 15:45:59.0905 0x0b1c WacomPen - ok 15:45:59.0936 0x0b1c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 15:45:59.0983 0x0b1c WANARP - ok 15:46:00.0014 0x0b1c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 15:46:00.0061 0x0b1c Wanarpv6 - ok 15:46:00.0451 0x0b1c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 15:46:00.0591 0x0b1c WatAdminSvc - ok 15:46:00.0685 0x0b1c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 15:46:00.0794 0x0b1c wbengine - ok 15:46:00.0825 0x0b1c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 15:46:00.0856 0x0b1c WbioSrvc - ok 15:46:00.0966 0x0b1c [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 15:46:01.0012 0x0b1c WcesComm - ok 15:46:01.0059 0x0b1c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 15:46:01.0106 0x0b1c wcncsvc - ok 15:46:01.0153 0x0b1c [ BC00873272B3771CCDA38336AF2B4D4B, 3E412DEC5F172B4C5FD5C227CD790EE56B90A00A8B538704E8F973D230BE2289 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 15:46:01.0200 0x0b1c WcsPlugInService - ok 15:46:01.0246 0x0b1c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 15:46:01.0262 0x0b1c Wd - ok 15:46:01.0309 0x0b1c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 15:46:01.0371 0x0b1c Wdf01000 - ok 15:46:01.0402 0x0b1c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 15:46:01.0465 0x0b1c WdiServiceHost - ok 15:46:01.0480 0x0b1c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 15:46:01.0512 0x0b1c WdiSystemHost - ok 15:46:01.0574 0x0b1c [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll 15:46:01.0605 0x0b1c WebClient - ok 15:46:01.0636 0x0b1c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 15:46:01.0683 0x0b1c Wecsvc - ok 15:46:01.0730 0x0b1c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 15:46:01.0761 0x0b1c wercplsupport - ok 15:46:01.0792 0x0b1c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 15:46:01.0839 0x0b1c WerSvc - ok 15:46:01.0917 0x0b1c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 15:46:01.0964 0x0b1c WfpLwf - ok 15:46:01.0995 0x0b1c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 15:46:02.0011 0x0b1c WIMMount - ok 15:46:02.0026 0x0b1c WinDefend - ok 15:46:02.0058 0x0b1c WinHttpAutoProxySvc - ok 15:46:02.0089 0x0b1c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 15:46:02.0151 0x0b1c Winmgmt - ok 15:46:02.0307 0x0b1c [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll 15:46:02.0463 0x0b1c WinRM - ok 15:46:02.0557 0x0b1c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 15:46:02.0588 0x0b1c WinUsb - ok 15:46:02.0650 0x0b1c [ 4C69A8E2E159C1C59BC4B688E9DD7F8C, 235C7A41425846EFE4966490EB7F72AA768B3FE1665843BF58520DDBD6822A74 ] WisLMSvc C:\Program Files (x86)\Launch Manager\WisLMSvc.exe 15:46:02.0697 0x0b1c WisLMSvc - ok 15:46:02.0791 0x0b1c [ 4B7912EB80820EAC543EE54806EFCAF0, 4D9186F9FE80F03C85C4DC73342EE5870DF1021BD29974BE33557CEA0D524667 ] Wlansvc C:\Windows\System32\wlansvc.dll 15:46:02.0853 0x0b1c Wlansvc - ok 15:46:02.0916 0x0b1c [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 15:46:02.0947 0x0b1c wlcrasvc - ok 15:46:03.0087 0x0b1c [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 15:46:03.0212 0x0b1c wlidsvc - ok 15:46:03.0259 0x0b1c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 15:46:03.0274 0x0b1c WmiAcpi - ok 15:46:03.0306 0x0b1c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 15:46:03.0337 0x0b1c wmiApSrv - ok 15:46:03.0368 0x0b1c WMPNetworkSvc - ok 15:46:03.0399 0x0b1c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 15:46:03.0430 0x0b1c WPCSvc - ok 15:46:03.0430 0x0b1c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 15:46:03.0462 0x0b1c WPDBusEnum - ok 15:46:03.0493 0x0b1c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 15:46:03.0540 0x0b1c ws2ifsl - ok 15:46:03.0555 0x0b1c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 15:46:03.0586 0x0b1c wscsvc - ok 15:46:03.0602 0x0b1c [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 15:46:03.0618 0x0b1c WSDPrintDevice - ok 15:46:03.0633 0x0b1c WSearch - ok 15:46:03.0758 0x0b1c [ 88009DB9E1166B6B6713A858C176FECD, CBF4C63D3C5D14AF3C3F0D9C48E5AC9E7A4323BFB0363E9948FD801963BE1467 ] wuauserv C:\Windows\system32\wuaueng.dll 15:46:03.0914 0x0b1c wuauserv - ok 15:46:03.0945 0x0b1c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 15:46:03.0976 0x0b1c WudfPf - ok 15:46:04.0023 0x0b1c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 15:46:04.0039 0x0b1c WUDFRd - ok 15:46:04.0070 0x0b1c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 15:46:04.0086 0x0b1c wudfsvc - ok 15:46:04.0132 0x0b1c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 15:46:04.0179 0x0b1c WwanSvc - ok 15:46:04.0257 0x0b1c [ 7EB06617A7F2F280D58CF62776FDDDC2, F994D0F837E65141EBFCA673DC15ACEDFDBB999E032F59079308E0F81726BD47 ] ZcfgSvc7 C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe 15:46:04.0320 0x0b1c ZcfgSvc7 - ok 15:46:04.0351 0x0b1c ================ Scan global =============================== 15:46:04.0382 0x0b1c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 15:46:04.0429 0x0b1c [ 66A8A9412337B08E1735204B8ADEE58C, 766429FBB014A9CA6AEFD39579C3F33625335A3DFD88AB324E4534978695B887 ] C:\Windows\system32\winsrv.dll 15:46:04.0444 0x0b1c [ 66A8A9412337B08E1735204B8ADEE58C, 766429FBB014A9CA6AEFD39579C3F33625335A3DFD88AB324E4534978695B887 ] C:\Windows\system32\winsrv.dll 15:46:04.0460 0x0b1c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 15:46:04.0507 0x0b1c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 15:46:04.0507 0x0b1c [ Global ] - ok 15:46:04.0507 0x0b1c ================ Scan MBR ================================== 15:46:04.0522 0x0b1c [ EB2571B16B316C9FE5AA1C4797FF61EE ] \Device\Harddisk0\DR0 15:46:07.0252 0x0b1c \Device\Harddisk0\DR0 - ok 15:46:07.0252 0x0b1c ================ Scan VBR ================================== 15:46:07.0299 0x0b1c [ 99B7E04C5CB88E500B914EE2628729C3 ] \Device\Harddisk0\DR0\Partition1 15:46:07.0299 0x0b1c \Device\Harddisk0\DR0\Partition1 - ok 15:46:07.0299 0x0b1c [ 8B891B889BC9C16081C131209EBF0F77 ] \Device\Harddisk0\DR0\Partition2 15:46:07.0299 0x0b1c \Device\Harddisk0\DR0\Partition2 - ok 15:46:07.0299 0x0b1c [ 44A1A062C90E4C06B60942525CB5811B ] \Device\Harddisk0\DR0\Partition3 15:46:07.0315 0x0b1c \Device\Harddisk0\DR0\Partition3 - ok 15:46:07.0315 0x0b1c ================ Scan generic autorun ====================== 15:46:07.0408 0x0b1c [ 84AB0E0EFB4E3EE9EF0133959779A26A, 031CD8B242D9FDAB70E81A55ACEF507A3C1237EAC2969CED34E78FFAC2C29F5B ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe 15:46:07.0502 0x0b1c IntelPROSet - ok 15:46:07.0580 0x0b1c [ 84AB0E0EFB4E3EE9EF0133959779A26A, 031CD8B242D9FDAB70E81A55ACEF507A3C1237EAC2969CED34E78FFAC2C29F5B ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe 15:46:07.0642 0x0b1c IntelPAN - ok 15:46:07.0642 0x0b1c SynTPEnh - ok 15:46:08.0126 0x0b1c [ 10E268B0D4AA2ECED79BE1A327A16A61, 460AF4A72F44F2EC3C726353BADA4294BB3736FA1131C83D9AFDCF1F318FD60F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 15:46:08.0641 0x0b1c RTHDVCPL - ok 15:46:08.0890 0x0b1c [ E897F9B62E611D59FDFAB82FC829B93A, E11E1A488D461105104E7FFD9F8219BDD231807FE33600233BEF11A432E138FD ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 15:46:09.0000 0x0b1c RtHDVBg_Dolby - ok 15:46:09.0015 0x0b1c [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\Windows\system32\igfxtray.exe 15:46:09.0031 0x0b1c IgfxTray - ok 15:46:09.0078 0x0b1c [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\Windows\system32\igfxpers.exe 15:46:09.0109 0x0b1c Persistence - ok 15:46:09.0187 0x0b1c [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe 15:46:09.0249 0x0b1c Windows Mobile Device Center - ok 15:46:09.0296 0x0b1c [ DC73E11DC27E7D9AEF884EBE816C4240, 638485C85F7183E2B3060B8FD3189EA47F873B84EE34CAB99526A3A1CC3EE62B ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 15:46:09.0312 0x0b1c IAStorIcon - ok 15:46:09.0343 0x0b1c [ DFA1067EA4157BCCCFD48F052066A076, 5E5B60C20CFF1F3F9D45588B0E0AEB59C3F4C11089CCB52AA92890773BAA081F ] C:\Program Files (x86)\Launch Manager\OSD.exe 15:46:09.0358 0x0b1c LMgrVolOSD - ok 15:46:09.0358 0x0b1c LMgrOSD - ok 15:46:09.0468 0x0b1c [ 4EB0C6C3EF4D8885CF2B5D0062F31E44, A3967758E30609D29A4856F373DD2C971B341F914825D720387ACFD7499EDC3D ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 15:46:09.0546 0x0b1c DivXUpdate - ok 15:46:09.0624 0x0b1c [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe 15:46:09.0639 0x0b1c GrooveMonitor - ok 15:46:09.0733 0x0b1c [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe 15:46:09.0748 0x0b1c HP Software Update - ok 15:46:09.0811 0x0b1c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 15:46:09.0904 0x0b1c Sidebar - ok 15:46:09.0920 0x0b1c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 15:46:09.0967 0x0b1c mctadmin - ok 15:46:10.0029 0x0b1c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 15:46:10.0092 0x0b1c Sidebar - ok 15:46:10.0092 0x0b1c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 15:46:10.0123 0x0b1c mctadmin - ok 15:46:10.0170 0x0b1c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 15:46:10.0216 0x0b1c Sidebar - ok 15:46:10.0216 0x0b1c Power2GoExpress - ok 15:46:10.0232 0x0b1c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 15:46:10.0248 0x0b1c mctadmin - ok 15:46:10.0372 0x0b1c [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\Katja\AppData\Local\Dropbox\Update\DropboxUpdate.exe 15:46:10.0404 0x0b1c Dropbox Update - ok 15:46:10.0513 0x0b1c [ 62DE809B424E930E1CFB1BB80DB4FD15, 9F6CA2C5F38FD2B6EADBED321A6DF769A52974E758BD4A14FC7DE6AB971BEABD ] C:\Users\Katja\AppData\Local\FluxSoftware\Flux\flux.exe 15:46:10.0544 0x0b1c Suspicious file ( Forged ): C:\Users\Katja\AppData\Local\FluxSoftware\Flux\flux.exe. Real md5: 62DE809B424E930E1CFB1BB80DB4FD15, sha256: 9F6CA2C5F38FD2B6EADBED321A6DF769A52974E758BD4A14FC7DE6AB971BEABD, fake md5: A528460ED5456ABDEEA782DC018CF4ED, fake sha256: 262BD2EE3D99DE953ED519BD53153DA21D763DABBFB162DDB9ED1853248C5BB6 15:46:10.0544 0x0b1c f.lux - detected ForgedFile.Multi.Generic ( 1 ) 15:46:10.0856 0x0b1c f.lux ( ForgedFile.Multi.Generic ) - warning 15:46:11.0480 0x0b1c [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe 15:46:11.0620 0x0b1c HP Officejet Pro 8600 (NET) - ok 15:46:11.0839 0x0b1c [ 76B8C6388092B15442A06A7FBBCF86C3, C270F613ADEB24F3F6908A98EB3343ECA3374B7C12AD2085D6D87B076D4BEB3F ] C:\Program Files\HP\HP ENVY 5540 series\Bin\ScanToPCActivationApp.exe 15:46:12.0073 0x0b1c HP ENVY 5540 series (NET) - ok 15:46:12.0073 0x0b1c Waiting for KSN requests completion. In queue: 154 15:46:13.0243 0x0b1c AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\WindowsSecurityCenter.exe ( 15.0.32.11 ), 0x41000 ( enabled : updated ) 15:46:13.0258 0x0b1c AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated ) 15:46:13.0321 0x0b1c Win FW state via NFP2: enabled ( trusted ) 15:46:13.0680 0x0b1c ============================================================ 15:46:13.0680 0x0b1c Scan finished 15:46:13.0680 0x0b1c ============================================================ 15:46:13.0695 0x1ca4 Detected object count: 2 15:46:13.0695 0x1ca4 Actual detected object count: 2 15:47:05.0441 0x1ca4 chip1click ( UnsignedFile.Multi.Generic ) - skipped by user 15:47:05.0441 0x1ca4 chip1click ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:47:05.0441 0x1ca4 f.lux ( ForgedFile.Multi.Generic ) - skipped by user 15:47:05.0441 0x1ca4 f.lux ( ForgedFile.Multi.Generic ) - User select action: Skip |
|
02.11.2017, 10:56
| #4 |
| /// TB-Ausbilder   | Benötige Analyse von Logdateien nach SpyHunter4-Entfernung (habe 6 Tools durchlaufen lassen) Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! AdwCleaner und MBAM bitte nochmal ausführen zur Kontrolle und dabei bitte genau an die Anweisungen halten. Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
Schritt 2
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
|
02.11.2017, 12:54
| #5 |
| | Adw Cleaner Hallo Matthias, schön dass du dich meiner annimmst  Hier gleich zwei Adw-Cleaner Logs, weil beim ersten Mal nicht als Admin ausgeführt, und im zweiten Log steht was anderes drin, als im ersten..... # AdwCleaner 7.0.4.0 - Logfile created on Thu Nov 02 11:18:05 2017 # Updated on 2017/27/10 by Malwarebytes # Running on Windows 7 Home Premium (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** No malicious folders deleted. ***** [ Files ] ***** No malicious files deleted. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Chip Digital GmbH\chip1click\ Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Chip Digital GmbH\ ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Prefetch files deleted ::Proxy settings cleared ::Firewall rules cleared ::IE policies deleted ::Chrome policies deleted ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[C0].txt - [2982 B] - [2017/10/30 12:28:1] C:/AdwCleaner/AdwCleaner[C1].txt - [1492 B] - [2017/10/30 12:42:1] C:/AdwCleaner/AdwCleaner[C2].txt - [2292 B] - [2017/10/30 15:6:32] C:/AdwCleaner/AdwCleaner[S0].txt - [3072 B] - [2017/10/30 12:23:26] C:/AdwCleaner/AdwCleaner[S1].txt - [1255 B] - [2017/10/30 12:41:4] C:/AdwCleaner/AdwCleaner[S2].txt - [2134 B] - [2017/10/30 14:57:7] C:/AdwCleaner/AdwCleaner[S3].txt - [1614 B] - [2017/11/2 11:14:26] C:/AdwCleaner/AdwCleaner[S4].txt - [1682 B] - [2017/11/2 11:17:17] ########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt ########## # AdwCleaner 7.0.4.0 - Logfile created on Thu Nov 02 11:35:39 2017 # Updated on 2017/27/10 by Malwarebytes # Running on Windows 7 Home Premium (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** No malicious folders deleted. ***** [ Files ] ***** No malicious files deleted. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** No malicious registry entries deleted. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Prefetch files deleted ::Proxy settings cleared ::Firewall rules cleared ::IE policies deleted ::Chrome policies deleted ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[C0].txt - [2982 B] - [2017/10/30 12:28:1] C:/AdwCleaner/AdwCleaner[C1].txt - [1492 B] - [2017/10/30 12:42:1] C:/AdwCleaner/AdwCleaner[C2].txt - [2292 B] - [2017/10/30 15:6:32] C:/AdwCleaner/AdwCleaner[C3].txt - [1971 B] - [2017/11/2 11:18:5] C:/AdwCleaner/AdwCleaner[S0].txt - [3072 B] - [2017/10/30 12:23:26] C:/AdwCleaner/AdwCleaner[S1].txt - [1255 B] - [2017/10/30 12:41:4] C:/AdwCleaner/AdwCleaner[S2].txt - [2134 B] - [2017/10/30 14:57:7] C:/AdwCleaner/AdwCleaner[S3].txt - [1614 B] - [2017/11/2 11:14:26] C:/AdwCleaner/AdwCleaner[S4].txt - [1682 B] - [2017/11/2 11:17:17] C:/AdwCleaner/AdwCleaner[S5].txt - [1564 B] - [2017/11/2 11:35:2] ########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt ########## Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 02.11.17 Scan-Zeit: 12:24 Protokolldatei: 6c216347-bfc0-11e7-818c-00262dca80e3.json Administrator: Ja -Softwaredaten- Version: 3.2.2.2029 Komponentenversion: 1.0.212 Version des Aktualisierungspakets: 1.0.3157 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Katja-PC\Katja -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Ergebnis: Abgebrochen Gescannte Objekte: 383806 Erkannte Bedrohungen: 0 (keine bösartigen Elemente erkannt) In die Quarantäne verschobene Bedrohungen: 0 (keine bösartigen Elemente erkannt) Abgelaufene Zeit: 8 Min., 23 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) (end) Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 02.11.17 Scan-Zeit: 12:24 Protokolldatei: 6c216347-bfc0-11e7-818c-00262dca80e3.json Administrator: Ja -Softwaredaten- Version: 3.2.2.2029 Komponentenversion: 1.0.212 Version des Aktualisierungspakets: 1.0.3157 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Katja-PC\Katja -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Ergebnis: Abgebrochen Gescannte Objekte: 383806 Erkannte Bedrohungen: 0 (keine bösartigen Elemente erkannt) In die Quarantäne verschobene Bedrohungen: 0 (keine bösartigen Elemente erkannt) Abgelaufene Zeit: 8 Min., 23 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) (end) No log file ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-10-17] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-10-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-10-17] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-10-17] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [408944 2017-10-16] (Avira Operations GmbH & Co. KG) R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink) R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink) S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283376 2017-02-28] () R2 hasplms; C:\Windows\system32\hasplms.exe [4913608 2011-12-01] (SafeNet Inc.) R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [191688 2016-05-17] () R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-16] () R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] () [Datei ist nicht signiert] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2011-08-06] (Wistron Corp.) R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [994064 2011-09-16] (Intel(R) Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [57088 2011-08-25] (SafeNet Inc.) S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [21120 2011-08-03] (SafeNet Inc.) R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-20] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [194272 2017-10-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [151128 2017-09-17] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-02] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-04] () R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-17] (Huawei Technologies Co., Ltd.) S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [158464 2011-10-27] (ITE ) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [192952 2017-10-30] (Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-11-02] (Malwarebytes) R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45504 2017-11-02] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-11-02] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2017-11-02] (Malwarebytes) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-11-02 13:00 - 2017-11-02 13:00 - 000004236 _____ C:\Users\Katja\Desktop\FRST.txt 2017-11-02 12:57 - 2017-11-02 12:57 - 000001428 _____ C:\Users\Katja\Desktop\MBAM2.txt 2017-11-02 12:57 - 2017-11-02 12:57 - 000000000 ____D C:\Users\Katja\Desktop\FRST-OlderVersion 2017-11-02 12:39 - 2017-11-02 12:39 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-11-02 12:39 - 2017-11-02 12:39 - 000001878 _____ C:\Users\Katja\Desktop\AdwCleaner[C4].txt 2017-11-02 12:22 - 2017-11-02 12:22 - 000001971 _____ C:\Users\Katja\Desktop\AdwCleaner[C3].txt 2017-10-30 15:56 - 2017-10-30 15:56 - 000001431 _____ C:\Users\Katja\Desktop\mbam.txt 2017-10-30 15:42 - 2017-10-30 15:52 - 000233218 _____ C:\TDSSKiller.3.1.0.15_30.10.2017_15.42.53_log.txt 2017-10-30 15:41 - 2017-10-30 15:41 - 004830473 _____ C:\Users\Katja\Downloads\tdss15killer.zip 2017-10-30 15:27 - 2017-11-02 12:58 - 000000000 ____D C:\FRST 2017-10-30 15:26 - 2017-11-02 12:57 - 002403328 _____ (Farbar) C:\Users\Katja\Desktop\FRST64.exe 2017-10-30 14:07 - 2017-11-02 12:39 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-10-30 14:07 - 2017-11-02 12:39 - 000045504 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-10-30 14:07 - 2017-10-30 14:07 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2017-10-30 14:06 - 2017-11-02 12:39 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2017-10-30 14:06 - 2017-10-30 14:06 - 000001871 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-10-30 14:06 - 2017-10-30 14:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-10-30 14:06 - 2017-10-30 14:06 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-10-30 14:06 - 2017-10-30 14:06 - 000000000 ____D C:\Program Files\Malwarebytes 2017-10-30 14:06 - 2017-10-04 13:15 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-10-30 13:55 - 2017-10-30 13:55 - 000007285 _____ C:\Users\Katja\Desktop\JRT.txt 2017-10-30 13:47 - 2017-10-30 13:47 - 001790024 _____ (Malwarebytes) C:\Users\Katja\Desktop\JRT4.exe 2017-10-30 13:21 - 2017-11-02 12:35 - 000000000 ____D C:\AdwCleaner 2017-10-30 13:20 - 2017-10-30 13:20 - 008261584 _____ (Malwarebytes) C:\Users\Katja\Desktop\adwcleaner_7.0.4.0.exe 2017-10-30 13:07 - 2017-10-30 13:07 - 001032192 _____ C:\Users\Katja\Desktop\SpyHunterKiller.exe 2017-10-30 12:56 - 2017-10-30 13:09 - 000000000 ____D C:\Users\Katja\AppData\Roaming\Geek Uninstaller 2017-10-30 12:55 - 2017-10-30 12:56 - 003005801 _____ C:\Users\Katja\Downloads\geek_1.4.5.121.zip 2017-10-30 12:14 - 2017-10-30 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow x64 2017-10-30 12:14 - 2017-10-30 12:14 - 000000000 ____D C:\Program Files\ffdshow 2017-10-30 12:14 - 2014-06-28 16:40 - 000127488 _____ C:\Windows\system32\ff_vfw.dll 2017-10-27 20:27 - 2017-10-27 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow 2017-10-27 20:27 - 2017-10-27 20:27 - 000000000 ____D C:\Program Files (x86)\ffdshow 2017-10-27 20:27 - 2014-06-28 15:39 - 000112640 _____ C:\Windows\SysWOW64\ff_vfw.dll 2017-10-27 20:22 - 2017-10-27 20:22 - 000000000 _____ C:\autoexec.bat 2017-10-27 20:17 - 2017-10-27 20:17 - 000000000 ____D C:\Users\Katja\ffdshow_rev4531 2017-10-27 20:15 - 2017-10-30 15:41 - 000000000 ____D C:\Users\Katja\AppData\Local\Downloaded Installations 2017-10-27 20:14 - 2017-10-27 20:14 - 009650071 _____ C:\Users\Katja\ffdshow_rev4531.zip 2017-10-27 13:47 - 2017-10-27 13:49 - 000000000 ____D C:\Users\Katja\Death Note plus 2 filme 2017-10-20 14:46 - 2017-10-20 14:46 - 000000000 ____D C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-10-17 21:11 - 2017-11-02 10:22 - 000000000 ____D C:\Users\Katja\Desktop\Fiat Panda 2017-10-11 14:17 - 2017-10-11 14:17 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe 2017-10-10 19:04 - 2017-09-13 16:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-10-10 19:04 - 2017-09-08 16:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2017-10-10 19:04 - 2017-09-08 16:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2017-10-10 19:04 - 2017-09-08 16:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll 2017-10-10 19:04 - 2017-09-08 16:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2017-10-10 19:04 - 2017-09-08 16:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll 2017-10-10 19:04 - 2017-09-08 16:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-10-10 19:04 - 2017-09-07 22:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-10-10 19:04 - 2017-09-07 22:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-10-10 19:04 - 2017-09-07 22:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-10-10 19:04 - 2017-09-07 21:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-10-10 19:04 - 2017-09-07 20:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-10-10 19:04 - 2017-09-07 20:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-10-10 19:04 - 2017-09-07 20:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-10-10 19:04 - 2017-09-07 20:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-10-10 19:04 - 2017-09-07 20:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-10-10 19:04 - 2017-09-07 20:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-10-10 19:04 - 2017-09-07 19:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-10-10 19:04 - 2017-09-07 19:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-10-10 19:04 - 2017-09-07 19:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-10-10 19:04 - 2017-09-07 19:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-10-10 19:04 - 2017-09-07 18:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-10-10 19:04 - 2017-08-19 16:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2017-10-10 19:04 - 2017-08-14 18:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2017-10-10 19:04 - 2017-08-14 18:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2017-10-10 19:03 - 2017-09-13 16:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-10-10 19:03 - 2017-09-13 16:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-10-10 19:03 - 2017-09-13 16:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2017-10-10 19:03 - 2017-09-13 16:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2017-10-10 19:03 - 2017-09-13 16:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2017-10-10 19:03 - 2017-09-13 16:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2017-10-10 19:03 - 2017-09-13 16:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2017-10-10 19:03 - 2017-09-13 16:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2017-10-10 19:03 - 2017-09-13 16:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 16:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2017-10-10 19:03 - 2017-09-13 16:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2017-10-10 19:03 - 2017-09-13 16:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2017-10-10 19:03 - 2017-09-13 16:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2017-10-10 19:03 - 2017-09-13 16:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2017-10-10 19:03 - 2017-09-13 15:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2017-10-10 19:03 - 2017-09-13 15:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2017-10-10 19:03 - 2017-09-13 15:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-10-10 19:03 - 2017-09-13 15:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-10-10 19:03 - 2017-09-13 15:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-10-10 19:03 - 2017-09-13 15:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2017-10-10 19:03 - 2017-09-13 15:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2017-10-10 19:03 - 2017-09-13 15:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2017-10-10 19:03 - 2017-09-13 15:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2017-10-10 19:03 - 2017-09-13 15:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2017-10-10 19:03 - 2017-09-13 15:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2017-10-10 19:03 - 2017-09-13 15:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2017-10-10 19:03 - 2017-09-13 15:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 15:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 15:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 15:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2017-10-10 19:03 - 2017-09-13 15:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2017-10-10 19:03 - 2017-09-09 01:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-10-10 19:03 - 2017-09-09 00:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-10-10 19:03 - 2017-09-08 16:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2017-10-10 19:03 - 2017-09-08 16:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2017-10-10 19:03 - 2017-09-08 16:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2017-10-10 19:03 - 2017-09-08 16:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-10-10 19:03 - 2017-09-08 16:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2017-10-10 19:03 - 2017-09-08 16:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2017-10-10 19:03 - 2017-09-08 16:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll 2017-10-10 19:03 - 2017-09-08 16:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2017-10-10 19:03 - 2017-09-08 16:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2017-10-10 19:03 - 2017-09-08 16:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll 2017-10-10 19:03 - 2017-09-08 16:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2017-10-10 19:03 - 2017-09-08 16:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2017-10-10 19:03 - 2017-09-08 16:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2017-10-10 19:03 - 2017-09-08 16:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-10-10 19:03 - 2017-09-08 16:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2017-10-10 19:03 - 2017-09-08 16:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2017-10-10 19:03 - 2017-09-08 16:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2017-10-10 19:03 - 2017-09-08 16:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2017-10-10 19:03 - 2017-09-08 16:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2017-10-10 19:03 - 2017-09-08 16:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll 2017-10-10 19:03 - 2017-09-08 16:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll 2017-10-10 19:03 - 2017-09-08 16:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll 2017-10-10 19:03 - 2017-09-08 16:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2017-10-10 19:03 - 2017-09-08 16:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2017-10-10 19:03 - 2017-09-08 15:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe 2017-10-10 19:03 - 2017-09-08 15:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll 2017-10-10 19:03 - 2017-09-08 15:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll 2017-10-10 19:03 - 2017-09-08 15:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2017-10-10 19:03 - 2017-09-08 15:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll 2017-10-10 19:03 - 2017-09-07 22:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2017-10-10 19:03 - 2017-09-07 22:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2017-10-10 19:03 - 2017-09-07 22:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2017-10-10 19:03 - 2017-09-07 22:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2017-10-10 19:03 - 2017-09-07 22:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2017-10-10 19:03 - 2017-09-07 22:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-10-10 19:03 - 2017-09-07 22:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2017-10-10 19:03 - 2017-09-07 22:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2017-10-10 19:03 - 2017-09-07 22:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2017-10-10 19:03 - 2017-09-07 22:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2017-10-10 19:03 - 2017-09-07 22:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2017-10-10 19:03 - 2017-09-07 22:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2017-10-10 19:03 - 2017-09-07 22:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-10-10 19:03 - 2017-09-07 21:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2017-10-10 19:03 - 2017-09-07 21:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2017-10-10 19:03 - 2017-09-07 21:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2017-10-10 19:03 - 2017-09-07 21:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2017-10-10 19:03 - 2017-09-07 21:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2017-10-10 19:03 - 2017-09-07 21:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2017-10-10 19:03 - 2017-09-07 21:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-10-10 19:03 - 2017-09-07 21:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-10-10 19:03 - 2017-09-07 21:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2017-10-10 19:03 - 2017-09-07 21:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-10-10 19:03 - 2017-09-07 21:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-10-10 19:03 - 2017-09-07 21:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-10-10 19:03 - 2017-09-07 21:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-10-10 19:03 - 2017-09-07 21:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2017-10-10 19:03 - 2017-09-07 20:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2017-10-10 19:03 - 2017-09-07 20:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-10-10 19:03 - 2017-09-07 20:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2017-10-10 19:03 - 2017-09-07 20:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2017-10-10 19:03 - 2017-09-07 20:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2017-10-10 19:03 - 2017-09-07 20:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-10-10 19:03 - 2017-09-07 20:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2017-10-10 19:03 - 2017-09-07 20:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2017-10-10 19:03 - 2017-09-07 19:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-10-10 19:03 - 2017-09-07 19:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-10-10 19:03 - 2017-09-07 19:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2017-10-10 19:03 - 2017-09-07 19:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2017-10-10 19:03 - 2017-09-07 19:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2017-10-10 19:03 - 2017-09-07 19:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-10-10 19:03 - 2017-09-07 19:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2017-10-10 19:03 - 2017-09-07 19:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2017-10-10 19:03 - 2017-09-07 19:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-10-10 19:03 - 2017-09-07 19:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-10-10 19:03 - 2017-09-07 19:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2017-10-10 19:03 - 2017-09-07 19:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-10-10 19:03 - 2017-09-07 19:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-10-10 19:03 - 2017-09-07 19:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-10-10 19:03 - 2017-09-07 19:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2017-10-10 19:03 - 2017-09-07 18:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-10-10 19:03 - 2017-09-07 16:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2017-10-10 19:03 - 2017-09-07 16:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll 2017-10-10 19:03 - 2017-09-07 15:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2017-10-10 19:03 - 2017-09-07 15:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2017-10-10 19:03 - 2017-09-07 15:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2017-10-10 19:03 - 2017-08-19 16:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2017-10-10 19:03 - 2017-08-19 16:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2017-10-10 19:03 - 2017-08-19 16:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2017-10-10 19:03 - 2017-08-19 16:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2017-10-10 19:03 - 2017-08-19 16:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2017-10-10 19:03 - 2017-08-19 16:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2017-10-10 19:03 - 2017-08-19 16:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2017-10-10 19:03 - 2017-08-19 15:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2017-10-10 19:03 - 2017-08-19 15:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2017-10-10 19:03 - 2017-08-14 18:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2017-10-10 19:03 - 2017-08-13 22:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2017-10-09 11:39 - 2017-11-02 12:36 - 000003316 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray 2017-10-05 17:07 - 2017-10-26 18:28 - 000000000 ____D C:\Users\Katja\Desktop\LVI SaWiFragen 2017-10-04 16:10 - 2017-10-19 16:57 - 000003122 _____ C:\Windows\System32\Tasks\Avira SystrayStartTrigger ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-11-02 12:47 - 2009-07-14 05:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-11-02 12:47 - 2009-07-14 05:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-11-02 12:43 - 2015-06-29 13:17 - 000001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-74741880-4081328958-883279795-1001UA.job 2017-11-02 12:37 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-11-02 12:36 - 2011-10-27 20:34 - 000000000 ____D C:\ProgramData\NVIDIA 2017-11-02 12:26 - 2011-10-28 13:11 - 000703682 _____ C:\Windows\system32\perfh007.dat 2017-11-02 12:26 - 2011-10-28 13:11 - 000151032 _____ C:\Windows\system32\perfc007.dat 2017-11-02 12:26 - 2009-07-14 06:13 - 001631124 _____ C:\Windows\system32\PerfStringBackup.INI 2017-11-02 12:26 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2017-11-02 12:11 - 2016-11-15 17:13 - 000000000 ____D C:\Users\Katja\AppData\LocalLow\Mozilla 2017-11-01 21:49 - 2015-06-29 13:17 - 000001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-74741880-4081328958-883279795-1001Core.job 2017-11-01 17:22 - 2011-10-27 20:44 - 000000000 ___HD C:\Windows\system32\WLANProfiles 2017-10-30 13:30 - 2012-01-19 14:39 - 000000000 ____D C:\Program Files (x86)\Google 2017-10-30 11:50 - 2016-11-15 16:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-10-30 11:50 - 2012-04-26 14:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-10-27 20:18 - 2012-02-22 18:07 - 000264704 ___SH C:\Users\Katja\Thumbs.db 2017-10-27 20:17 - 2012-01-19 14:45 - 000000000 ____D C:\Users\Katja 2017-10-25 15:02 - 2012-08-10 20:09 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-10-25 15:02 - 2012-08-10 20:09 - 000004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-10-25 15:02 - 2011-10-27 21:01 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-10-25 15:02 - 2011-10-27 21:01 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2017-10-25 15:02 - 2011-10-27 21:01 - 000000000 ____D C:\Windows\system32\Macromed 2017-10-20 16:42 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache 2017-10-20 14:46 - 2012-09-27 23:31 - 000000000 ____D C:\Users\Katja\AppData\Roaming\Dropbox 2017-10-19 16:57 - 2013-10-28 20:59 - 000000000 ____D C:\ProgramData\Package Cache 2017-10-19 16:57 - 2012-11-01 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-10-13 17:16 - 2009-07-14 06:08 - 000032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-10-12 06:34 - 2009-07-14 05:45 - 000602624 _____ C:\Windows\system32\FNTCACHE.DAT 2017-10-11 14:24 - 2013-08-19 17:39 - 000000000 ____D C:\Windows\system32\MRT 2017-10-11 14:17 - 2011-10-27 22:06 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-10-11 14:14 - 2012-02-23 09:07 - 001605404 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2017-10-09 11:36 - 2013-03-27 20:49 - 000194272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2017-10-05 17:12 - 2012-05-15 15:57 - 000000000 ____D C:\Users\Katja\Documents\Bewerbungen 2017-10-05 16:52 - 2012-03-04 18:52 - 000000000 ____D C:\Users\Katja\AppData\Roaming\vlc ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2012-01-20 10:04 - 2012-01-20 10:04 - 000017408 _____ () C:\Users\Katja\AppData\Local\WebpageIcons.db 2016-01-08 18:33 - 2016-01-08 18:33 - 000000057 _____ () C:\ProgramData\Ament.ini Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\InstallOffice 2007\SaveAsPDFandXPS.exe C:\Users\InstallOffice 2007\setup.exe Einige Dateien in TEMP: ==================== 2014-03-15 19:46 - 2014-08-08 19:21 - 000000000 ____D () C:\Users\Katja\AppData\Local\Temp\avgnt.exe 2017-10-30 12:56 - 2017-10-30 12:56 - 004052928 _____ (Geek Unіnstaller) C:\Users\Katja\AppData\Local\Temp\geek64.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-10-30 14:46 ==================== Ende von FRST.txt ============================ FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-11-2017
durchgeführt von Katja (02-11-2017 13:01:36)
Gestartet von C:\Users\Katja\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-01-19 13:45:17)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-74741880-4081328958-883279795-500 - Administrator - Disabled)
Gast (S-1-5-21-74741880-4081328958-883279795-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-74741880-4081328958-883279795-1003 - Limited - Enabled)
Katja (S-1-5-21-74741880-4081328958-883279795-1001 - Administrator - Enabled) => C:\Users\Katja
UpdatusUser (S-1-5-21-74741880-4081328958-883279795-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11022017124217664\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMI VR-pulse OS Switcher (HKLM\...\{69A90894-D54A-4657-8172-6B0FCE93414E}) (Version: 1.2 - American Megatrends Inc.)
ArcGIS 10.4 for Desktop (HKLM-x32\...\{72E7DF0D-FFEE-43CE-A5FA-43DFC25DC087}) (Version: 10.4.5524 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS 10.4 for Desktop (HKLM-x32\...\ArcGIS 10.4 for Desktop) (Version: 10.4.5524 - Environmental Systems Research Institute, Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland)
Avira (HKLM-x32\...\{79C4A62C-8CC2-44AC-91FE-1299A215B4B7}) (Version: 1.2.98.29730 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{f5da837f-e932-4f55-995c-7e97c5cbebdd}) (Version: 1.2.98.29730 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.32.12 - Avira Operations GmbH & Co. KG)
CCleaner (HKLM\...\CCleaner) (Version: 3.15 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3184 - CDBurnerXP)
CodeBlocks (HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\CodeBlocks) (Version: 10.05 - The Code::Blocks Team)
CodeBlocks (HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11022017124217664\...\CodeBlocks) (Version: 10.05 - The Code::Blocks Team)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (HKLM-x32\...\{D0BEB150-2046-4F94-AE7B-EA76772592F6}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (HKLM-x32\...\{4433CEC6-DA32-4D7B-BA95-B47C68498287}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (HKLM-x32\...\{2F14F550-0FFC-4285-B673-880744D428A3}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (HKLM-x32\...\{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (HKLM-x32\...\{85E8F38F-0303-401E-A518-0302DF88EB07}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (HKLM-x32\...\{FA6AF809-9A80-423A-A57A-C7D726A04E4C}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (HKLM-x32\...\{E7BE4D1A-B529-448B-8407-889705B65185}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (HKLM-x32\...\{E4BE9367-168B-4B30-B198-EE37C99FB147}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (HKLM-x32\...\{D7E60152-6C65-4982-8840-B6D28BF881BD}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (HKLM-x32\...\{666D7CED-12E0-4BA3-B594-5681961E7B02}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (HKLM-x32\...\{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (HKLM-x32\...\{89BA6E81-B60A-49BC-B283-80560A9E60DF}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (HKLM-x32\...\{34809713-7886-4F6A-B9D5-CC74DBC1C77E}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (HKLM-x32\...\{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (HKLM-x32\...\{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (HKLM-x32\...\{834F4E2F-E9DF-4FA9-8499-FF6B91012898}) (Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.0.6904 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4020 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3225.02 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.3503 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4013 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.5 - DivX, LLC)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\Dropbox) (Version: 37.4.29 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11022017124217664\...\Dropbox) (Version: 37.4.29 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.1.22140 - Landesfinanzdirektion Thüringen)
f.lux (HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\Flux) (Version: - f.lux Software LLC)
f.lux (HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11022017124217664\...\Flux) (Version: - f.lux Software LLC)
ffdshow v1.3.4531 [2014-06-28] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4531.0 - )
ffdshow x64 v1.3.4531 [2014-06-28] (HKLM\...\ffdshow64_is1) (Version: 1.3.4531.0 - )
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free CD Ripper 3.1 (HKLM-x32\...\Free CD Ripper_is1) (Version: - Focussoft.net)
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GEOgraf V7 (HKLM-x32\...\{22E8950D-9736-4CB7-8A4D-26DA534BCEA3}) (Version: 1.00.0000 - HHK Datentechnik GmbH) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HP Dropbox Plugin (HKLM-x32\...\{1E18E86D-632C-48B5-962C-B60C2E53A478}) (Version: 36.0.41.58587 - HP)
HP ENVY 5540 series - Grundlegende Software für das Gerät (HKLM\...\{B4C07C9B-245A-42D6-A9D0-1A796FB21237}) (Version: 40.11.1119.1786 - HP Inc.)
HP ENVY 5540 series Hilfe (HKLM-x32\...\{77CC15A9-308D-4ED4-AD21-D28937F196C1}) (Version: 35.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Google Drive Plugin (HKLM-x32\...\{039DDA62-50CC-4E7F-9D54-7CF032A2D362}) (Version: 36.0.41.58587 - HP)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{295AEB79-B53A-4F1B-860F-7800BB7E3681}) (Version: 14.2.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{E1B934BB-6AFA-429F-98E4-76F9CBC72BF6}) (Version: 2.2.14.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
IT9130 Driver v11.8.2.1 (HKLM-x32\...\IT9130 DriverInstaller_11.8.2.1) (Version: - )
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kalender-Excel-8.9 (HKLM-x32\...\Kalender-Excel-8.9_is1) (Version: 8.9 - MSDatec)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.4 - Wistron Corp.)
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Medion Home Cinema (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.) Hidden
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{A047101C-A3AE-4FAD-802F-01C965079F66}) (Version: 11.1.3010.3 - Microsoft Corporation)
Microsoft ReportViewer 2010 Redistributable - Language Pack - deu (HKLM-x32\...\{B2F21D11-631B-33C2-8E1A-73EA57FDFE33}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft ReportViewer 2010 SP1 Redistributable (KB2549864) (HKLM-x32\...\{1282C0BC-3B22-33D4-B72E-62922415DDCA}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 56.0.2 (x64 de) (HKLM\...\Mozilla Firefox 56.0.2 (x64 de)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.2.6506 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions)
NVIDIA 3D Vision Treiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.00 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.00 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version: - Markement GmbH)
PDF24 Creator 5.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery)
Physik1 (HKLM-x32\...\Physik1) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Quantum GIS Lisboa 1.8.0 Lisboa (HKLM-x32\...\Quantum GIS Lisboa) (Version: 1.8.0-r${SVN_REVISION}-2 - QGIS Development Team)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6449 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
Remote Control Input Device Registry Key (HKLM-x32\...\{91EB0B20-08B0-4905-88FB-020952B9979F}) (Version: 1.1.0.0.081231 - Chicony)
Sentinel HASP Vendor Library (HKLM-x32\...\{C36D1DB0-7343-44C3-BC57-3B9C06325399}) (Version: 1.50.1.14055 - Trimble Navigation Ltd.)
SketchUp 2013 (HKLM-x32\...\{2C0777B8-E91F-45AA-976B-7EB6B40E5400}) (Version: 13.0.4812 - Trimble Navigation Limited)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SleepTimer Ultimate 2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version: - Christian Handorf)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Spotify (HKU\S-1-5-21-74741880-4081328958-883279795-1001\...\Spotify) (Version: 0.9.0.128.g3134f863 - Spotify AB)
Spotify (HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11022017124217664\...\Spotify) (Version: 0.9.0.128.g3134f863 - Spotify AB)
SWR3 RauchFrei Version 1.2 (HKLM-x32\...\SWR3 RauchFrei_is1) (Version: 1.1 - Oliver Reuther und SWR3)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.12.0 - Synaptics Incorporated)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5C677DD3-45D9-4B10-8591-5F8CEA76BAE0}) (Version: 1.12.16 - Texas Instruments Inc.)
TI USB3 Host Driver (HKLM-x32\...\{5C677DD3-45D9-4B10-8591-5F8CEA76BAE0}) (Version: 1.12.16 - Texas Instruments Inc.) Hidden
Trimble Business Center (HKLM-x32\...\{177949B1-DBAF-4EA3-8FFC-C63873F657FA}) (Version: 2.70 - Trimble Navigation Ltd.)
Trimble Business Center Tutorials (HKLM-x32\...\{B11FB116-E676-45C7-85EA-AF789F55AE55}) (Version: 2.70 - Trimble Navigation Ltd.)
Trimble Feature Definition Manager (HKLM-x32\...\{51876E16-06FD-43A6-B3B2-11287CC78FD9}) (Version: 2.11 - Trimble Navigation Ltd.)
Trimble Office Synchronizer (HKLM-x32\...\{80C580A3-AB8C-49D4-BBD4-C362B9367C20}) (Version: 1.62 - Trimble Navigation Ltd.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
verdi Screen Saver (HKLM-x32\...\verdi Screen Saver) (Version: - )
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinKafka (HKLM-x32\...\{EE8AD592-B5C8-11D7-83CB-0050BF4EBD69}) (Version: 7.5.0 vom 16.10.2013 - )
WinRAR 5.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
ZEIBER (HKLM-x32\...\ST6UNST #1) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-74741880-4081328958-883279795-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ContextMenuHandlers1: [BTMSentToExt] -> {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30] (Intel Corporation)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-10-17] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2014-01-29] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-01-10] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-10-17] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-74741880-4081328958-883279795-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-74741880-4081328958-883279795-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-74741880-4081328958-883279795-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {20D7C6EE-9F87-4738-AB7F-A49AC6984E77} - System32\Tasks\{C4D51685-AA1C-44B9-81C4-6915E9F0FD22} => C:\Windows\system32\pcalua.exe -a C:\Users\Katja\Desktop\Setup-750.exe -d C:\Users\Katja\Desktop
Task: {4525AF94-7CD6-46FA-88D7-59665CBB9107} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe
Task: {5E702F6D-AA1B-412B-8A2F-49311FDE0B1C} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2017-10-17] (Avira Operations GmbH & Co. KG)
Task: {94663206-05C9-48A4-876C-FCDAE90935A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {9F08DDD2-C42B-4305-988D-8AF398A043C0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {A464F598-46CE-4765-A686-BFAE1D611C21} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25] (Adobe Systems Incorporated)
Task: {A51ACAFC-B77A-44F0-BED6-EDDE9D457409} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-74741880-4081328958-883279795-1001UA => C:\Users\Katja\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {DFD014EC-CA70-4C03-B8C6-58311E420DBE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-16] (Google Inc.)
Task: {F7EC4E3C-337A-4313-9A78-349D2DAA6909} - System32\Tasks\{02327DF5-BAC2-4605-B1AC-3BE1E37FEEA1} => C:\Windows\system32\pcalua.exe -a C:\Users\Katja\AppData\Local\Temp\Temp1_CAPLAN_05_2015.zip\SETUP.EXE <==== ACHTUNG
Task: {F8075B0E-D8FC-47C9-ACF8-FA097B0DC6BD} - System32\Tasks\{9B641D66-9328-4A40-A903-C334202D4E91} => C:\Windows\system32\pcalua.exe -a C:\Users\Katja\AppData\Local\Temp\Temp3_WinKafka.zip\Setup.exe <==== ACHTUNG
Task: {FF8A7091-B5F3-49CB-A9FA-B9EA4BF5D14D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-74741880-4081328958-883279795-1001Core => C:\Users\Katja\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-74741880-4081328958-883279795-1001Core.job => C:\Users\Katja\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-74741880-4081328958-883279795-1001UA.job => C:\Users\Katja\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Katja\Desktop\TFH\Quantum GIS Desktop (1.8.0).lnk -> C:\Program Files (x86)\Quantum GIS Lisboa\bin\nircmd.exe (NirSoft) -> exec hide "C:\Program Files (x86)\Quantum GIS Lisboa\bin\qgis.bat"
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2011-09-16 01:46 - 2011-09-16 01:46 - 001501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-10-27 20:34 - 2013-01-10 22:36 - 000087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-08-25 13:26 - 2016-05-17 04:02 - 000191688 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2011-10-28 10:49 - 2010-12-14 10:39 - 000244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-10-30 14:06 - 2017-10-04 13:15 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-10-30 14:06 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2011-10-17 14:18 - 2011-09-25 23:36 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-07-29 00:08 - 2011-07-29 00:08 - 001259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2011-07-29 00:09 - 2011-07-29 00:09 - 000096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2017-09-19 15:20 - 2017-09-19 15:20 - 000172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\6e1c3d90ac78d88bc08feaa6e8165e2c\IsdiInterop.ni.dll
2011-10-27 20:30 - 2011-05-20 18:05 - 000059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Katja\IMG_1143.JPG:com.dropbox.attributes [414]
AlternateDataStreams: C:\Users\Katja\Documents\Kündigungen Wohnung:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Katja\Documents\Widerspruch Leistungsbeurteilung Katja Gleibe.docx:com.dropbox.attributes [168]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-74741880-4081328958-883279795-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-74741880-4081328958-883279795-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11022017124217664\Control Panel\Desktop\\Wallpaper -> C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupfolder: C:^Users^Katja^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Katja^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Versandhelfer.lnk => C:\Windows\pss\Versandhelfer.lnk.Startup
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Dolby Home Theater v4 => "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
MSCONFIG\startupreg: HotkeyApp => "C:\Program Files (x86)\Launch Manager\HotkeyApp.exe"
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Wbutton => "C:\Program Files (x86)\Launch Manager\Wbutton.exe"
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{638D8E15-5C23-4E3F-8B78-DAF75B2AF797}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{66C8B90A-01ED-4416-8976-CC3A4FFFE968}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{5E19AF99-F6DB-4C6D-91C0-1DE6418B86AE}C:\program files\hp\hp envy 5540 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 5540 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{07D285E7-9823-4A8D-AFAA-C4044E474E1F}C:\program files\hp\hp envy 5540 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 5540 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{5F141CD2-3E26-47AE-875A-975B8893106B}C:\program files\hp\hp envy 5540 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 5540 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{4D9D32F8-47EB-4D1B-AF1C-D1BC3292DF3A}C:\program files\hp\hp envy 5540 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 5540 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{BF9A4709-00FF-4D9B-B2A8-F9E30CFCE581}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{CD7A4061-9883-4979-A3ED-E003494B89D0}C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe
==================== Wiederherstellungspunkte =========================
11-10-2017 13:59:32 Windows Update
20-10-2017 16:40:00 Geplanter Prüfpunkt
30-10-2017 13:49:49 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/02/2017 12:41:54 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed
Error: (11/02/2017 12:41:21 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2
Error: (11/02/2017 12:38:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (11/02/2017 12:23:53 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed
Error: (11/02/2017 12:23:22 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2
Error: (11/02/2017 12:21:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (11/02/2017 12:14:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm adwcleaner_7.0.4.0.exe, Version 7.0.4.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f0c
Startzeit: 01d353cb68ee4126
Endzeit: 60000
Anwendungspfad: C:\Users\Katja\Desktop\adwcleaner_7.0.4.0.exe
Berichts-ID: d1087309-bfbe-11e7-abde-00262dca80e3
Error: (11/02/2017 12:14:27 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm AdwCleaner wurde wegen dieses Fehlers geschlossen.
Programm: AdwCleaner
Datei:
Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
- diese sich im Netzwerk befindet,
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt.
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.
Zusätzliche Daten
Fehlerwert: 00000000
Datenträgertyp: 0
Error: (11/02/2017 12:14:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: adwcleaner_7.0.4.0.exe, Version: 7.0.4.0, Zeitstempel: 0x59f3de9c
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000096
Fehleroffset: 0x054d9bf8
ID des fehlerhaften Prozesses: 0xf0c
Startzeit der fehlerhaften Anwendung: 0x01d353cb68ee4126
Pfad der fehlerhaften Anwendung: C:\Users\Katja\Desktop\adwcleaner_7.0.4.0.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: fcf4da9a-bfbe-11e7-abde-00262dca80e3
Error: (11/02/2017 09:56:11 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed
Systemfehler:
=============
Error: (11/02/2017 12:41:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.
Error: (11/02/2017 12:41:35 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
Anmeldung fehlgeschlagen: Das angegebene Kennwort des Kontos ist abgelaufen.
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (11/02/2017 12:40:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (11/02/2017 12:40:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (11/02/2017 12:40:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (11/02/2017 12:40:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (11/02/2017 12:40:35 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Die Peer Name Resolution-Protokoll-Cloud wurde nicht gestartet. Fehler bei Standardidentität. Fehlercode: 0x80630801.
Error: (11/02/2017 12:40:35 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Die Peer Name Resolution-Protokoll-Cloud wurde nicht gestartet. Fehler bei Standardidentität. Fehlercode: 0x80630801.
Error: (11/02/2017 12:40:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (11/02/2017 12:40:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 4001.87 MB
Verfügbarer physikalischer RAM: 2107.3 MB
Summe virtueller Speicher: 8001.93 MB
Verfügbarer virtueller Speicher: 5660.27 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:394.66 GB) (Free:233.2 GB) NTFS
Drive d: (Recover) (Fixed) (Total:70 GB) (Free:41.41 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0DA1342C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=394.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=70 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== Ende von Addition.txt ============================
|
|
02.11.2017, 14:16
| #6 |
| /// TB-Ausbilder | Benötige Analyse von Logdateien nach SpyHunter4-Entfernung (habe 6 Tools durchlaufen lassen) Servus, die Logdatei von FRST.txt ist unvollständig, bitte nochmal komplett posten. |
|
| Themen zu Benötige Analyse von Logdateien nach SpyHunter4-Entfernung (habe 6 Tools durchlaufen lassen) |
| analyse, benötige, bereits, chromium, eingefangen, entfern, entfernt, erfolgreich, folge, folgende, forum, freue, gefangen, gen, glaube, helfer, liebe, logdateien, schön, seite, spyhunter, tools, verschiedene, verschiedenen, wirklich, würde |
Hybrid-Darstellung
