|
Log-Analyse und Auswertung: Kaspersky findet Trojan.Multi.GenAutorunReg.a in System MemoryWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
22.08.2018, 05:34 | #1 |
| Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory Hallo, Kaspersy findet den Trojaner Trojan.Multi.GenAutorunReg.a in System Memory, aber diesen darüber zu desinfzieren funktioniert nicht. Malwarebytes findet keine Bedrohung. Wie kann ich den Trojaner trotzdem loswerden? Vielen Dank Sabrin@ |
22.08.2018, 06:06 | #2 |
| Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory Das ist die .txt Datei von AdwCleaner |
22.08.2018, 08:28 | #3 |
/// TB-Ausbilder | Kaspersky findet Trojan.Multi.GenAutorunReg.a in System MemoryMein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags: So funktioniert es: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Bitte poste mit deiner nächsten Antwort
|
22.08.2018, 14:24 | #4 |
| Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory Hallo, danke schon mal für die Hilfe. Hier die zwei Dateien. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19.08.2018 02 durchgeführt von Arhelger (Administrator) auf ARHELGER-PC (22-08-2018 12:45:31) Gestartet von C:\Users\Arhelger\Desktop Geladene Profile: Arhelger & (Verfügbare Profile: Arhelger) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Salfeld Computer) C:\Windows\cc\WinCtlSvc.exe (Salfeld Computer) C:\Windows\cc\CtlSysMgr.exe (AMD) C:\Windows\System32\atiesrxx.exe (Salfeld Computer GmbH) C:\ProgramData\NFS\NFSccsvc.exe (AMD) C:\Windows\System32\atieclxx.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe () C:\Program Files (x86)\watchmi\TvdService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\System32\alg.exe (Salfeld Computer) C:\Windows\cc\CtlSysUI.exe (Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRIE.EXE (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-15] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION) HKLM\...\RunServicesOnce: [WISO Finanz Update] => C:\Users\Arhelger\AppData\Local\Temp\Buhl\WISO Mein Geld 365 Professional\WISOFinanz365Update_24.0.0.100.exe "/Reduced" "/InstallDir=C:\Program Files (x86)\Buhl\WISO Mein Geld 365" "/ProcessID=3916" " (Der Dateneintrag hat 77 mehr Zeichen). <==== ACHTUNG Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <==== ACHTUNG HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [840784 2012-09-17] (Adobe Systems Incorporated) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-02-07] (Google Inc.) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [1023664 2016-03-25] (Samsung) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037984 2017-05-20] (Samsung) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRIE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\MountPoints2: {28f75973-3991-11e8-a592-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\MountPoints2: {2d327e58-f154-11e7-bdac-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" IFEO: [Debugger] logonui.exe IFEO\sethc.exe: [Debugger] logonui.exe GroupPolicyUsers\S-1-5-21-2519664068-3109547711-38441924-1001\User: Beschränkung <==== ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{2F1AB9F8-898F-464B-B9F8-BE087F0E4A2C}: [NameServer] 192.168.178.0 Tcpip\..\Interfaces\{E700DAEE-439D-4EE4-962B-7D3507F98C6A}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-2519664068-3109547711-38441924-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES007&pc=UE06 SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> {A7521B9F-4CC8-42E7-907C-2085ABD4F486} URL = hxxp://rover.ebay.com/rover/1/707-53477-19255-0/1?icep_ff3=9&pub=5574640706&toolid=10001&campid=5336449492&customid=&icep_uq={searchTerms}&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229487&kwid=902099&mtid=824&kw=lg BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-02-13] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-10.0.1\bin\ssv.dll => Keine Datei BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2018-03-13] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-06-07] (Oracle Corporation) BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2018-03-13] (Microsoft Corporation) BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation) Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab DPF: HKLM-x32 {2665693B-C4F3-434B-83DB-7574CF50C8B7} hxxp://www.kaspersky.com/downloads/misc/kasperskylicensefinder.cab DPF: HKLM-x32 {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///E:/components/A9.ocx Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default [2018-08-20] FF Homepage: Mozilla\Firefox\Profiles\muqiyzzu.default -> hxxp://home.1und1.de/ FF NewTab: Mozilla\Firefox\Profiles\muqiyzzu.default -> hxxp://home.1und1.de/ FF Extension: (Ciuvo Preisvergleich) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\extension@ciuvo.com.xpi [2016-04-19] [Legacy] FF Extension: (Forecastfox (fix version)) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\forecastfox@s3_fix_version.xpi [2016-04-19] [Legacy] FF Extension: (New Tab Override (browser.newtab.url replacement)) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\newtaboverride@agenedia.com.xpi [2016-04-19] [Legacy] FF Extension: (S3.Google Translator) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\s3google@translator.xpi [2016-04-28] [Legacy] FF Extension: (Flagfox) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-04-28] [Legacy] FF Extension: (Adblock Plus) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-19] [Legacy] FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-08-21] FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-10-29] [Legacy] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017-07-25] [Legacy] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-06-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-06-07] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-10-27] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-10-27] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.) FF Plugin HKU\.DEFAULT: @protectdisc.com/NPPDLicenseHelper -> C:\Windows\system32\config\systemprofile\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [Keine Datei] FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Arhelger\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( ) FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Arhelger\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [Keine Datei] Chrome: ======= CHR HomePage: Default -> hxxp://home.1und1.de/?linkId=hd.nav.themenportal&ucuoId=PUAC:default.EUE.DE-20150617064232-9E49C81A815F50BE9E13B68A1F3A997C.TCpfix111b&ac=OM.PU.PUb48K85425T7073a CHR StartupUrls: Default -> "hxxp://home.1und1.de/" CHR NewTab: Default -> Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html" CHR Profile: C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default [2018-08-22] CHR Extension: (Google Übersetzer) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-08-21] CHR Extension: (Präsentationen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-21] CHR Extension: (Kaspersky Protection) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-08-21] CHR Extension: (Docs) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-21] CHR Extension: (Google Drive) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-21] CHR Extension: (YouTube) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-21] CHR Extension: (Adobe Acrobat) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-08-21] CHR Extension: (Tabellen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-21] CHR Extension: (Google Docs Offline) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21] CHR Extension: (Google Kalender) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2018-08-21] CHR Extension: (New Tab Redirect) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2018-08-21] CHR Extension: (Drucken für Google Chrome) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd [2018-08-21] CHR Extension: (Google Play) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2018-08-21] CHR Extension: (Google Maps) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-08-21] CHR Extension: (Google Mail-Checker) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-08-21] CHR Extension: (IP-Domain-Markierungsfahne) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpapfcfoakknnhkfpencomejbcecdfp [2018-08-21] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-21] CHR Extension: (Google Mail) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-21] CHR Extension: (Chrome Media Router) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-21] CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd CHR HKU\S-1-5-21-2519664068-3109547711-38441924-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Arhelger\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Arhelger\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-15] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [245760 2017-02-28] (AVM GmbH) [Datei ist nicht signiert] R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab) R2 CC-Updater; C:\Windows\cc\WinCtlSvc.exe [7022192 2018-02-16] (Salfeld Computer) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation) R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2650112 2010-05-28] (DATA BECKER GmbH & Co KG) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610464 2018-01-18] (EasyAntiCheat Ltd) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (Seiko Epson Corporation) R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert] S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe [416560 2018-08-21] (AO Kaspersky Lab) S3 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes) R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (Seiko Epson Corporation) R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation) R2 SCC-Dienst; C:\Windows\cc\ctlsysmgr.exe [6626464 2018-08-21] (Salfeld Computer) S2 sfrem01; C:\Windows\system32\sfrem01.exe [601208 2006-07-05] (Protection Technology (StarForce)) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] () [Datei ist nicht signiert] R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 EsgShKernel; "C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare) R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2012-02-13] (AVM Berlin) R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2016-04-26] (AVM Berlin) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [836288 2018-05-27] (EasyAntiCheat Oy) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (AO Kaspersky Lab) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [72904 2017-12-27] (AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [122056 2018-02-02] (AO Kaspersky Lab) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [87752 2018-07-20] (AO Kaspersky Lab) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [219328 2018-08-21] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1193160 2018-08-21] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1127104 2018-08-21] (AO Kaspersky Lab) R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [56520 2018-02-12] (AO Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [58056 2018-01-15] (AO Kaspersky Lab) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab) R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (AO Kaspersky Lab) R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [161592 2018-07-20] (AO Kaspersky Lab) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112864 2018-08-22] (Malwarebytes) R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-08-22] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-08-22] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [94328 2018-08-22] (Malwarebytes) R1 netfltcc; C:\Windows\System32\drivers\netfltcc.sys [64680 2017-11-25] (Windows (R) Win 7 DDK provider) R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc.) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation) S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce)) S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [78208 2006-08-11] (Protection Technology (StarForce)) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S3 cpuz134; \??\C:\Users\Arhelger\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ACHTUNG U3 DfSdkS; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2018-08-22 12:42 - 2018-08-22 12:46 - 000034135 _____ C:\Users\Arhelger\Desktop\FRST.txt 2018-08-22 12:42 - 2018-08-22 12:42 - 000000000 ____D C:\FRST 2018-08-22 12:41 - 2018-08-22 12:41 - 002413056 _____ (Farbar) C:\Users\Arhelger\Desktop\FRST64.exe 2018-08-22 06:33 - 2018-08-22 06:35 - 007417040 _____ (Malwarebytes) C:\Users\Arhelger\Desktop\adwcleaner_7.2.2.exe 2018-08-21 21:05 - 2018-08-21 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2018-08-21 21:04 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2018-08-21 21:03 - 2018-08-21 21:03 - 001193160 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys 2018-08-21 21:03 - 2018-08-21 21:03 - 001127104 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2018-08-21 21:03 - 2018-08-21 21:03 - 000219328 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys 2018-08-21 21:03 - 2018-08-21 21:03 - 000152360 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll 2018-08-21 21:00 - 2018-08-21 21:00 - 002509880 _____ (Kaspersky Lab) C:\Users\Arhelger\Downloads\kis19.0.0.1088de_14081.exe 2018-08-21 20:36 - 2018-08-21 20:36 - 008896960 _____ C:\Users\Arhelger\Downloads\kpm.exe 2018-08-21 20:25 - 2018-08-21 20:27 - 000484760 _____ C:\Windows\Minidump\082118-50669-01.dmp 2018-08-21 15:21 - 2018-08-21 15:32 - 579815424 _____ C:\Users\Arhelger\Downloads\krd (1).iso 2018-08-21 15:17 - 2018-08-21 15:19 - 147283752 _____ (Kaspersky Lab ZAO) C:\Users\Arhelger\Downloads\KVRT.exe 2018-08-21 14:19 - 2018-08-21 14:19 - 000380928 _____ C:\Users\Arhelger\Downloads\rb3crkqy.exe 2018-08-21 14:11 - 2018-08-21 14:14 - 579815424 _____ C:\Users\Arhelger\Downloads\krd.iso 2018-08-21 06:39 - 2018-08-21 06:39 - 000002292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-08-21 05:46 - 2018-08-21 06:01 - 000073318 _____ C:\Windows\ntbtlog.txt 2018-08-21 05:16 - 2018-08-21 13:17 - 000455344 _____ (Microsoft Corporation) C:\msvcp120.dll 2018-08-21 05:16 - 2018-08-21 13:17 - 000000057 _____ C:\dllme.txt 2018-08-20 13:21 - 2018-08-22 12:34 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2018-08-20 13:21 - 2018-08-22 12:34 - 000112864 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2018-08-20 13:21 - 2018-08-22 12:34 - 000094328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2018-08-20 13:21 - 2018-08-22 12:34 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\Program Files\Malwarebytes 2018-08-20 13:20 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2018-08-20 12:53 - 2018-08-20 12:54 - 000000000 ____D C:\KVRT_Data 2018-08-20 12:47 - 2018-08-20 12:52 - 000002604 _____ C:\XoristDecryptor.2.5.3.4_20.08.2018_12.47.54_log.txt 2018-08-18 22:08 - 2018-08-18 22:13 - 000010330 _____ C:\Users\Arhelger\Documents\Toreliste.xlsx 2018-08-16 05:36 - 2018-08-16 05:36 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-08-16 05:36 - 2018-08-16 05:36 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-08-16 05:36 - 2018-08-16 05:36 - 000004378 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2018-08-15 18:37 - 2018-08-15 18:48 - 000009821 _____ C:\Users\Arhelger\Documents\Waschliste.xlsx 2018-08-05 19:16 - 2018-08-05 19:16 - 000291784 _____ C:\Windows\Minidump\080518-57829-01.dmp ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2018-08-22 12:44 - 2017-07-25 14:44 - 000000911 _____ C:\Windows\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266}.job 2018-08-22 12:41 - 2012-02-09 06:43 - 000003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{39A51ED7-4797-424D-AF39-0B9550252DFD} 2018-08-22 12:36 - 2012-04-25 13:54 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2018-08-22 12:35 - 2012-02-07 07:28 - 000000000 ____D C:\Users\Arhelger 2018-08-22 12:33 - 2014-04-09 06:42 - 000000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2018-08-22 12:32 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-08-22 12:30 - 2017-04-07 06:42 - 000000000 ____D C:\Windows\dl 2018-08-22 07:07 - 2009-07-14 06:45 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-08-22 07:07 - 2009-07-14 06:45 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-08-21 21:06 - 2016-09-19 08:04 - 000000000 ____D C:\Program Files\Common Files\AV 2018-08-21 21:05 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2018-08-21 21:04 - 2016-09-19 07:57 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2018-08-21 21:01 - 2018-06-06 05:23 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2018-08-21 20:25 - 2012-05-17 07:21 - 000000000 ____D C:\Windows\Minidump 2018-08-21 20:24 - 2018-07-10 20:11 - 1557671786 _____ C:\Windows\MEMORY.DMP 2018-08-21 13:18 - 2012-02-08 06:23 - 000000000 ____D C:\Users\Arhelger\Sabrina 2018-08-21 12:53 - 2014-09-15 12:27 - 000000000 ____D C:\AdwCleaner 2018-08-21 07:03 - 2012-02-08 06:23 - 000000000 ____D C:\Users\Arhelger\Sven 2018-08-21 06:39 - 2012-02-07 07:31 - 000000000 ____D C:\Users\Arhelger\AppData\Local\Google 2018-08-21 06:38 - 2012-02-07 07:22 - 000000000 ____D C:\Program Files (x86)\Google 2018-08-20 14:29 - 2017-04-07 06:42 - 000000000 ____D C:\Windows\cc 2018-08-18 21:52 - 2015-04-30 06:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-08-18 16:51 - 2012-11-05 09:37 - 000058051 _____ C:\Users\Arhelger\Documents\Wanderwege Dietzhölztal - Eschenburg.xlsx 2018-08-18 16:29 - 2017-05-12 18:14 - 000000000 ____D C:\Users\Arhelger\AppData\LocalLow\Mozilla 2018-08-18 16:29 - 2016-11-27 09:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2018-08-18 16:29 - 2015-04-30 06:04 - 000001213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2018-08-18 16:29 - 2014-03-25 09:07 - 000000000 ____D C:\Users\Arhelger\AppData\Roaming\Thunderbird 2018-08-18 16:29 - 2014-02-04 09:04 - 000000000 ____D C:\Users\Arhelger\AppData\Roaming\Mozilla 2018-08-16 06:12 - 2012-02-08 07:22 - 000000000 ____D C:\Users\Arhelger\Documents\WISO Mein Geld 2018-08-16 06:04 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2018-08-16 05:36 - 2018-05-21 15:14 - 000004540 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-08-16 05:36 - 2011-10-14 14:15 - 000000000 ____D C:\Windows\system32\Macromed 2018-08-16 05:36 - 2011-07-18 23:12 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-08-15 05:15 - 2015-06-26 05:22 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-08-07 05:45 - 2011-05-16 16:04 - 000699884 _____ C:\Windows\system32\perfh007.dat 2018-08-07 05:45 - 2011-05-16 16:04 - 000149766 _____ C:\Windows\system32\perfc007.dat 2018-08-07 05:45 - 2009-07-14 07:13 - 001622300 _____ C:\Windows\system32\PerfStringBackup.INI 2018-08-01 20:07 - 2012-02-08 07:17 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-23 06:21 - 2015-04-23 06:21 - 004218880 _____ (Piriform Ltd) C:\Program Files (x86)\ccsetup504_slim.exe 2015-04-06 10:47 - 2015-04-06 10:47 - 000000132 _____ () C:\Users\Arhelger\AppData\Roaming\Adobe CS5-Voreinstellungen für BMP-Format 2015-01-15 08:53 - 2015-01-15 08:53 - 000001456 _____ () C:\Users\Arhelger\AppData\Local\Adobe Für Web speichern 12.0 Prefs 2016-07-16 15:12 - 2016-07-16 15:12 - 000009728 _____ () C:\Users\Arhelger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-20 14:40 - 2015-04-20 14:40 - 000000000 ___SH () C:\Users\Arhelger\AppData\Local\LumaEmu 2013-10-18 03:23 - 2013-10-18 03:23 - 000007605 _____ () C:\Users\Arhelger\AppData\Local\Resmon.ResmonCfg 2012-02-07 09:12 - 2012-02-07 09:12 - 000017408 _____ () C:\Users\Arhelger\AppData\Local\WebpageIcons.db Einige Dateien in TEMP: ==================== 2017-11-10 07:15 - 2014-03-06 02:39 - 000726616 ____N (CANON INC.) C:\Users\Arhelger\AppData\Local\Temp\MPDD0000.exe 2017-07-25 08:27 - 2014-03-12 13:40 - 001122384 ____N (CANON INC.) C:\Users\Arhelger\AppData\Local\Temp\MSETUP4.EXE 2016-03-29 15:42 - 2016-03-29 15:42 - 007251976 _____ (SEIKO EPSON CORPORATION) C:\Users\Arhelger\AppData\Local\Temp\Setup.exe 2017-07-25 08:04 - 2014-01-20 09:38 - 000354392 _____ (CANON INC.) C:\Users\Arhelger\AppData\Local\Temp\uninstall.exe 2018-05-14 05:41 - 2012-02-29 16:28 - 000455600 _____ (Macrovision Corporation) C:\Users\Arhelger\AppData\Local\Temp\_is815F.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2018-08-16 17:16 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19.08.2018 02 durchgeführt von Arhelger (22-08-2018 12:47:47) Gestartet von C:\Users\Arhelger\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2012-02-07 05:28:37) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2519664068-3109547711-38441924-500 - Administrator - Disabled) Arhelger (S-1-5-21-2519664068-3109547711-38441924-1001 - Administrator - Enabled) => C:\Users\Arhelger Gast (S-1-5-21-2519664068-3109547711-38441924-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-2519664068-3109547711-38441924-1026 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8} AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated) Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated) Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated) Adobe Premiere Elements 11 (HKLM\...\{66CF1DF9-1715-4325-89BC-76B1CA2EE3BE}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 11 (HKLM\...\PremElem110) (Version: 11.0 - Adobe Systems Incorporated) Ahnenblatt 2.98 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.98.1.1 - Dirk Böttcher) AMD Catalyst Install Manager (HKLM\...\{0348F1C7-2092-A05D-DC67-8ECA9EA72C20}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.) Apowersoft Online Launcher Version 1.4.6 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.6 - APOWERSOFT LIMITED) Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG) Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin) BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden calibre (HKLM-x32\...\{D2DCF339-7EBC-4D88-B515-A504297796EA}) (Version: 3.6.0 - Kovid Goyal) Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - ) Canon MG6600 series On-screen Manual (HKLM-x32\...\Canon MG6600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Common (HKLM-x32\...\{D0BEB150-2046-4F94-AE7B-EA76772592F6}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Connect (HKLM-x32\...\{4433CEC6-DA32-4D7B-BA95-B47C68498287}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Custom Data (HKLM-x32\...\{2F14F550-0FFC-4285-B673-880744D428A3}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - DE (HKLM-x32\...\{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Draw (HKLM-x32\...\{85E8F38F-0303-401E-A518-0302DF88EB07}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - EN (HKLM-x32\...\{FA6AF809-9A80-423A-A57A-C7D726A04E4C}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - ES (HKLM-x32\...\{E7BE4D1A-B529-448B-8407-889705B65185}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation) CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Filters (HKLM-x32\...\{E4BE9367-168B-4B30-B198-EE37C99FB147}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - FR (HKLM-x32\...\{D7E60152-6C65-4982-8840-B6D28BF881BD}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - IPM (HKLM-x32\...\{666D7CED-12E0-4BA3-B594-5681961E7B02}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - IT (HKLM-x32\...\{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - PHOTO-PAINT (HKLM-x32\...\{89BA6E81-B60A-49BC-B283-80560A9E60DF}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Redist (HKLM-x32\...\{34809713-7886-4F6A-B9D5-CC74DBC1C77E}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Setup Files (HKLM-x32\...\{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - WT (HKLM-x32\...\{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation) CorelDRAW Essentials X5 (HKLM-x32\...\{834F4E2F-E9DF-4FA9-8499-FF6B91012898}) (Version: 15.3 - Corel Corporation) Hidden CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DATA BECKER CD-DVD Druckerei 7 (HKLM-x32\...\CD-DVD Druckerei 7_is1) (Version: 7.50.0.30 - DATA BECKER GmbH & Co. KG) Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden Druckerdeinstallation für EPSON XP-540 Series (HKLM\...\EPSON XP-540 Series) (Version: - Seiko Epson Corporation) Easy Photo Scan (HKLM-x32\...\{93AEF2AF-86FB-42AD-8392-5DAEC0638B1A}) (Version: 1.00.0012 - Seiko Epson Corporation) EG*Headlight 1 e-Workbook (HKLM-x32\...\{94D858E3-1BE9-4D81-94A4-FF1695F61CAB}) (Version: 1.0.7.0 - Cornelsen Verlag) Elements 11 Organizer (HKLM-x32\...\{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}) (Version: 11.0 - Ihr Firmenname) Hidden Epic Games Launcher (HKLM-x32\...\{AF7881ED-41D7-4ECA-8C7C-AE10DFA0E489}) (Version: 1.1.151.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.0 - Seiko Epson Corporation) Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.) Epson Software Updater (HKLM-x32\...\{29F4F2C2-CB73-418D-BA99-7BB5ECD9F7BF}) (Version: 4.4.6 - Seiko Epson Corporation) EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation) EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA) Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff) Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalerija (HKLM-x32\...\{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotoğraf Galerisi (HKLM-x32\...\{B743ABDD-E681-4B32-A33E-6E7F3F845AEA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotótár (HKLM-x32\...\{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden FRITZ!Powerline (HKLM-x32\...\{EB579783-79C4-461A-9493-B9F19EAA23B2}) (Version: 01.02.00 - AVM GmbH) Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Scanjet G4000 Series (HKLM\...\{10297E58-2DFE-478B-9A1D-4B14E4E79CDF}) (Version: 13.0 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) hpg4000 (HKLM-x32\...\{2814D1CB-7038-4EE4-8421-9C18FD571014}) (Version: 13.0.0.0 - Ihr Firmenname) Hidden HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Kindersicherung 2017 (HKLM-x32\...\Salfeld-Kindersicherung_is1) (Version: - ) Landwirtschafts Simulator 2011 (HKLM-x32\...\FarmingSimulator2011_PLATINUMDE_is1) (Version: 1.0 - GIANTS Software) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) MAGIX Foto Manager 10 (HKLM-x32\...\{5F2380C8-5443-40E4-8FD5-DE0AEC16B4BC}) (Version: 8.0.1.136 - MAGIX AG) Hidden MAGIX Foto Manager 10 (HKLM-x32\...\MAGIX_MSI_Foto_Manager_10) (Version: 8.0.1.136 - MAGIX AG) MAGIX Fotos auf CD & DVD 10 Deluxe (Sonderedition) (HKLM-x32\...\{340912AA-1A68-4D7F-9604-E3520FF69B98}) (Version: 10.5.0.12 - MAGIX AG) Hidden MAGIX Fotos auf CD & DVD 10 Deluxe (Sonderedition) (HKLM-x32\...\MAGIX_MSI_Fotos_auf_CD_DVD_10_Dlx_SE) (Version: 10.5.0.12 - MAGIX AG) MAGIX Online Druck Service (HKLM-x32\...\{A6338038-539C-3896-C692-1D33BBB01D46}) (Version: 1.1.0 - myphotobook GmbH) Hidden MAGIX Online Druck Service (HKLM-x32\...\de.magix-fotos.fotobuch.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.1.0-478 - myphotobook GmbH) MAGIX Screenshare (HKLM-x32\...\{129D4434-B9AB-4C09-BCE1-110E6C8E10E9}) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Speed burnR (MSI) (HKLM\...\{B69F7303-DD59-4F32-B477-F8F78D7A9937}) (Version: 7.0.2.6 - MAGIX AG) Hidden MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B69F7303-DD59-4F32-B477-F8F78D7A9937}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Video deluxe 2014 (HKLM\...\{146DFB48-B585-48B9-A407-16DD6F686550}) (Version: 13.0.2.8 - MAGIX AG) Hidden MAGIX Video deluxe 2014 (HKLM-x32\...\MX.{146DFB48-B585-48B9-A407-16DD6F686550}) (Version: 13.0.2.8 - MAGIX AG) Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.) Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation) Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.5041.1001 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Movie Maker (HKLM-x32\...\{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{5B3D4718-9146-45CB-8989-C4E87B239B3A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{A27180D0-17BB-498B-89FF-A72656B85978}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{B44E699A-94F8-406C-9A1B-C2574F5863CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla) Mozilla Thunderbird 60.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 60.0 (x86 de)) (Version: 60.0 - Mozilla) Mp3tag v2.84a (HKLM-x32\...\Mp3tag) (Version: 2.84a - Florian Heidenreich) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation) myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0407-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version: - Markement GmbH) PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Poczta usługi Windows Live (HKLM-x32\...\{45FF54A4-ECD4-455D-89A2-D209737AD726}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Pošta Windows Live (HKLM-x32\...\{125D677D-7C65-4660-8E1C-68EF9F32F291}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden PRE11 STI 64Installer (HKLM-x32\...\{B614E5FA-6DA4-45A1-845C-52F870240A89}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Protect Disc License Helper 1.0.125 (IE) (HKU\.DEFAULT\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc) Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc) ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) PSE11 STI Installer (HKLM-x32\...\{98CE8819-87AA-4814-8167-ADDDD513485F}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.) RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd) Saal Design Software (HKLM-x32\...\{0C52FDB3-C8A1-E686-5A87-85F3EC2259D4}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH) Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden SILKYPIX Developer Studio 4.1 SE (HKLM-x32\...\{7FA26D45-84D8-49EB-80BE-B7AD0A0C4497}) (Version: 4 - Ichikawa Soft Laboratory) Hidden SILKYPIX Developer Studio 4.1 SE (HKLM-x32\...\InstallShield_{7FA26D45-84D8-49EB-80BE-B7AD0A0C4497}) (Version: 4 - Ichikawa Soft Laboratory) Sinner Kochbuch-CD (HKLM-x32\...\Sinner Kochbuch-CD) (Version: 1.0 - Computerstudio Lemmer & Ernst GmbH) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden Sounds für Video- und Foto Shows DELUXE (HKLM-x32\...\Sounds für Video- und Foto Shows DELUXE) (Version: - ) Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Versandhelfer (HKLM-x32\...\{7189F66A-1560-1573-05C9-DE53613AEA1A}) (Version: 0.9.511 - Deutsche Post AG) Hidden Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionpc.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) watchmi (HKLM-x32\...\{409DC300-28AF-468F-9624-1F3309701881}) (Version: 2.7.0 - Axel Springer Digital TV Guide GmbH) WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies) WISO Mein Geld 365 Professional (HKLM-x32\...\{36C0BA39-2207-4146-BD4E-3146DF7B9147}) (Version: 21.0.0.0 - Buhl Data Service GmbH) Hidden WISO Mein Geld 365 Professional (HKLM-x32\...\WISO Mein Geld 365 Professional) (Version: - Buhl Data Service GmbH) WISO steuer:Sparbuch 2017 (HKLM-x32\...\{E2049356-A0DB-404A-A8FA-521981BE9736}) (Version: 24.00.1375 - Buhl Data Service GmbH) WISO steuer:Sparbuch 2018 (HKLM-x32\...\{2827FF45-D53F-4E56-B4A7-AB71F58A3945}) (Version: 25.00.1359 - Buhl Data Service GmbH) Συλλογή φωτογραφιών (HKLM-x32\...\{2D5C287A-1D2D-46BA-8EF8-D2747575DB6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2519664068-3109547711-38441924-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Arhelger\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-09-15] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {27A9B751-54B1-4C34-80FD-671C0D15FDD5} - System32\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRIE.EXE [2013-11-22] (SEIKO EPSON CORPORATION) Task: {2965DD3B-3092-4083-8961-B712E545D4DC} - System32\Tasks\{28394E35-6DD1-4A32-B2A5-69D35F29B8FA} => E:\AutoStarter.exe Task: {33FBFA83-E6EA-43C5-9C4F-C9BE0F7F4440} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation) Task: {3975816E-C543-4A8E-97CB-45685403F54C} - System32\Tasks\{6A91FDCB-94AF-4D97-9C80-E46395E39257} => C:\Windows\system32\pcalua.exe -a "C:\Users\Arhelger\Desktop\Beam NG\Car Dragster\12400-annihilator-v09.exe" -d "C:\Users\Arhelger\Desktop\Beam NG\Car Dragster" Task: {3A29FA87-8FFA-4A97-9EAF-D6FF83004861} - System32\Tasks\{84062063-C92A-47A5-8F03-AB3936029012} => E:\AutoStarter.exe Task: {41867780-87F0-41F4-93CE-27EC26702487} - System32\Tasks\AdobeAAMUpdater-1.0-Arhelger-PC-Arhelger => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated) Task: {69960CA3-BF20-46D1-A185-697EB5E88195} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation) Task: {93FF0622-A5E9-42A7-8DC9-EF2D8705766F} - System32\Tasks\{ECEE297A-548D-44AC-83E1-39E190F9CE3D} => C:\Windows\system32\pcalua.exe -a C:\Users\Arhelger\Downloads\KiesSetup.exe -d C:\Users\Arhelger\Downloads Task: {C41E458A-066F-4949-988C-ADA1DFB53FC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {C4F77D83-E9BE-4623-93C1-1EA03A7BA6B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {D2D7279E-97E4-49D7-975A-0FF6CF076EDA} - System32\Tasks\{14435DC4-9037-46B0-AC76-63495A072DB3} => C:\Windows\system32\pcalua.exe -a "E:\Flatout Ultimate Carnage\1Setup.exe" -d "E:\Flatout Ultimate Carnage" Task: {DAF4BB1B-2E9A-4774-9840-7DD25D2DC585} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated) Task: {E0A9F752-14E5-4F98-B6D1-AD7F21DDA114} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-16] (Adobe Systems Incorporated) Task: {E5105AE2-05D1-4016-BFCB-CF159E6BD14C} - System32\Tasks\{B0FE20F0-FF1A-43F8-A424-FE83AB4A359E} => C:\Program Files (x86)\epson\Epson Scan 2\Core\es2launcher.exe [2016-12-13] (Seiko Epson Corporation) Task: {F0560587-8336-4E42-BB5D-640F637F5D6D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_pepper.exe [2018-08-16] (Adobe Systems Incorporated) Task: {FBC496D9-5A9C-47A8-9AED-7ACA124821F1} - \{6220CDF8-30A8-45DE-8BC4-E3953F081C4A} -> Keine Datei <==== ACHTUNG (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRIE.EXE:/EXE:{43713E83-749E-4B66-AFC6-AA2EF8550266} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e9d7ba33b467ddc1\Google Mail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8" --app-id=pjkljhegncpnkpknbcohdijeoejaedia ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d755e1040e5d38ac\Jannik - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8" ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\Louis - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 7" ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7eafae96818e1883\Google Mail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=pjkljhegncpnkpknbcohdijeoejaedia ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Sven - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6" ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Louis - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3" ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-04-14 06:59 - 2006-02-23 11:35 - 000020480 _____ () C:\Windows\System32\FritzColorPort64.dll 2014-04-14 06:59 - 2006-02-22 10:39 - 000020480 _____ () C:\Windows\System32\FritzPort64.dll 2014-10-09 09:30 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2011-10-07 12:23 - 2011-10-07 12:23 - 000070144 _____ () C:\Program Files (x86)\watchmi\TvdService.exe 2012-02-07 07:22 - 2012-02-07 07:22 - 000058880 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.7.0.12__f722db7bec59a14b\Tvd.Remote.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000032768 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Tools\2.7.0.12__f722db7bec59a14b\Tvd.Tools.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000079360 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\2.7.0.12__f722db7bec59a14b\Tvd.Reporting.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000152576 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\2.7.0.12__f722db7bec59a14b\Tvd.Aprico.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000029696 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Config\2.7.0.12__f722db7bec59a14b\Tvd.Config.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000112640 _____ () C:\Windows\assembly\GAC_64\ApricoIJW\2.7.0.0__f722db7bec59a14b\ApricoIJW.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 006936576 _____ () C:\Windows\assembly\GAC_64\ApricoIJW\2.7.0.0__f722db7bec59a14b\axelspringer.dll 2018-08-20 13:20 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-08-20 13:20 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2011-09-15 22:44 - 2011-09-15 22:44 - 000103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2011-09-15 23:00 - 2011-09-15 23:00 - 000369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2018-08-21 06:39 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll 2018-08-21 06:39 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll 2017-04-07 06:42 - 2016-04-13 13:18 - 000178968 _____ () C:\ProgramData\Software\CC\sse.dll 2017-04-07 06:55 - 2017-11-25 14:40 - 000131072 _____ () C:\ProgramData\NFS\nfccapi.dll 2017-04-07 06:55 - 2017-11-25 14:40 - 000376832 _____ () C:\ProgramData\NFS\protflt.dll 2018-08-21 21:04 - 2018-08-21 21:04 - 000864112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\kpcengine.2.3.dll 2017-04-07 06:42 - 2016-10-31 14:08 - 000249456 _____ () C:\ProgramData\Software\CC\v2\wdrvhook.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData:BDSDRMHK [64] AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64] AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64] AlternateDataStreams: C:\Users\Public\AppData:CSM [232] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Arhelger\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-2519664068-3109547711-38441924-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Kids\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.0 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{5D361A38-5498-4331-B111-132C538EC5B9}] => (Allow) E:\fsetup.exe FirewallRules: [{A00308AE-8E41-48B4-A796-05F7A7EC7482}] => (Allow) E:\fsetup.exe FirewallRules: [{CE46EE81-7714-42C7-8041-69C83EA8436F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{765D66BE-F09F-4923-A789-38D494A6121A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{DFE9DC56-7B3D-4AAC-B46A-52D0B8A9AF61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{63F90E36-F39A-495D-A93A-C5A52DD66F78}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe FirewallRules: [{FC1FA289-2AA2-4D6F-8F1E-0519695C58F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe FirewallRules: [{B5090DE8-9AF7-49CF-9BC6-822239F6B4D8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe FirewallRules: [{7D7A3876-BD96-47E2-87A1-B40AEF6D0FB8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe FirewallRules: [{F97EAD12-3756-4A61-A1F5-E03A9F45DD25}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{B44A455B-4183-466D-A13C-4E3AB9CB91CD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{4B0C2595-2171-435C-BCC2-62C5DF32776D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{5E4AE683-1F68-4FA4-A7F3-F5BDE57F653F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{16B70705-EC2B-4A58-8BDC-21B71DBBEF90}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{36FC00FA-A056-40DC-8E6F-2F5157443BA8}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe FirewallRules: [{64842565-BBC4-4E8B-A5E4-A528247576F0}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe FirewallRules: [{9EE153AF-E7BD-41D5-9FD9-1EA4C886D48C}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe FirewallRules: [{16C08C33-DD75-4EAD-86FE-A6AC7F47B91A}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe FirewallRules: [{518C6F44-A86C-4DA1-9C2E-DA80D1E33C86}] => (Allow) C:\Program Files (x86)\FRITZ!\fboxset.exe FirewallRules: [{D27684F6-43EC-416A-AA16-617A3C6FC155}] => (Allow) C:\Program Files (x86)\FRITZ!\fboxset.exe FirewallRules: [{7EA9C506-8B8F-4FA3-899C-7B53B73652D7}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe FirewallRules: [{D4F457AE-F913-44AD-B940-08685D9388AB}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe FirewallRules: [{3A0307A1-6B13-4CF0-BFFE-39FEE3331263}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{1032E88E-BCBA-4B4D-BAA4-BE28ED64843D}] => (Allow) LPort=2869 FirewallRules: [{58FBDCE0-332E-4594-8624-478516053E1F}] => (Allow) LPort=1900 FirewallRules: [{417C6553-2C5E-4570-812F-E8969030A2E2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{BD892735-C166-45B0-806E-20961954A31B}] => (Allow) C:\Users\Arhelger\AppData\Local\Apps\2.0\23B79H7C.0JA\DR2Q2B9R.ZDZ\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe FirewallRules: [{ACBA402D-1CE4-42C4-8C4B-A2895D305F5F}] => (Allow) C:\Users\Arhelger\AppData\Local\Apps\2.0\23B79H7C.0JA\DR2Q2B9R.ZDZ\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe FirewallRules: [{9C39DC11-AF1E-4875-8125-B9531BB85880}] => (Allow) LPort=8743 FirewallRules: [{A956D535-DF15-498C-909B-10A0527A61B0}] => (Allow) LPort=8643 FirewallRules: [{20CBC063-52F8-4F25-90DB-8EF17FE8F5D5}] => (Allow) LPort=7676 FirewallRules: [{29A60709-655D-40F7-8A78-E3375B7F2FA8}] => (Allow) LPort=7679 FirewallRules: [{96144A4C-86AC-473F-8F51-7FE4CF1E1350}] => (Allow) LPort=24234 FirewallRules: [{5CD6ACFA-6713-4F62-B336-36C2AED59855}] => (Allow) LPort=7900 FirewallRules: [{2CCB2DBC-F498-417F-A996-B3ED6D58D53B}] => (Allow) LPort=1900 FirewallRules: [{47FF4180-27FE-4A39-9C9D-71697001C15E}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe FirewallRules: [{F49484E6-540A-42F6-8FC8-7D9C916003ED}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe FirewallRules: [{02474A9C-02D2-4DA8-B3DA-00DA33909D4D}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe FirewallRules: [{52B440E1-C299-4448-AA20-D31560AD999F}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe FirewallRules: [{18DD90AA-0FAB-48FD-92BE-B6B59BC6F2F6}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe FirewallRules: [{98C608F0-EF9F-43CF-9762-1CC95025E450}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe FirewallRules: [TCP Query User{ACB93035-9656-42CF-81D6-4CABF9077D0F}C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe FirewallRules: [UDP Query User{0E59C1ED-2482-4C3F-AFA5-8C7BD65B3B47}C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe FirewallRules: [{A870AFC8-A03C-4D46-A553-14FF7207E1AB}] => (Block) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe FirewallRules: [{B33558FD-473A-49EB-BC63-F6149C275D5E}] => (Block) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe FirewallRules: [TCP Query User{E52A09B1-7344-4E4B-A3F2-D203296262D1}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe FirewallRules: [UDP Query User{54F8861F-374D-4D90-8FAE-82061F8A4AE0}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe FirewallRules: [TCP Query User{DF63CED5-6898-4B8A-B135-FFE85EB22B82}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe FirewallRules: [UDP Query User{C1981E0B-04CF-498E-8AAA-F4C64BF8689F}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe FirewallRules: [{45AD1EAE-E04A-464E-AF72-58D0B56B602B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{F0AD9EB0-A809-49C8-BDAB-C14A9211EE2C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{CD173555-A1AF-47D4-9121-89397355486C}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{DE6FA034-B2F9-4186-87C7-E4E4AE83839D}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{760E7544-CC9D-4960-A00E-CF8C3A481CE8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Microsoft-Teredo-Tunneling-Adapter Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/22/2018 12:45:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm FRST64.exe, Version 19.8.2018.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 12f8 Startzeit: 01d43a04c3087782 Endzeit: 0 Anwendungspfad: C:\Users\Arhelger\Desktop\FRST64.exe Berichts-ID: 6e3160ec-a5f8-11e8-8096-e0b9a5d47ad7 Error: (08/22/2018 12:32:57 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/22/2018 06:59:57 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce85b ID des fehlerhaften Prozesses: 0xf84 Startzeit der fehlerhaften Anwendung: 0x01d439d4e01a51e7 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 36a1799d-a5c8-11e8-bbae-e0b9a5d47ad7 Error: (08/22/2018 06:54:28 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/22/2018 05:38:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce85b ID des fehlerhaften Prozesses: 0x1d74 Startzeit der fehlerhaften Anwendung: 0x01d439c9888cf8f4 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: c9203129-a5bc-11e8-96cf-e0b9a5d47ad7 Error: (08/22/2018 05:33:20 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/21/2018 08:57:31 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/21/2018 08:29:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ctlsysmgr.exe, Version: 18.0.0.2316, Zeitstempel: 0x5b63fb88 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16 Ausnahmecode: 0xc000000d Fehleroffset: 0x000954b3 ID des fehlerhaften Prozesses: 0x80 Startzeit der fehlerhaften Anwendung: 0x01d4397c4a621571 Pfad der fehlerhaften Anwendung: C:\Windows\cc\ctlsysmgr.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 1577ec42-a570-11e8-bb95-e0b9a5d47ad7 Systemfehler: ============= Error: (08/22/2018 12:40:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error: (08/22/2018 12:39:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Windows Update" wurde nicht richtig gestartet. Error: (08/22/2018 12:37:42 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error: (08/22/2018 12:35:16 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1096) (User: Arhelger-PC) Description: Fehler bei der Verarbeitung der Gruppenrichtlinie. Es wurde versucht, registrierungsbasierte Richtlinieneinstellungen für das Gruppenrichtlinienobjekt "LocalGPO-S-1-5-21-2519664068-3109547711-38441924-1001" zu lesen. Die Gruppenrichtlinieneinstellungen dürfen nicht erzwungen werden, bis dieses Ereignis behoben ist. Weitere Informationen über den Dateinamen und -pfad, der den Fehler verursacht hat, können den Ereignisdetails entnommen werden. Error: (08/22/2018 12:33:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sfdrv01a sfsync04 Error: (08/22/2018 12:33:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AVM FRITZ!Powerline Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (08/22/2018 12:33:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AVM FRITZ!Powerline Service erreicht. Error: (08/22/2018 12:32:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Automatische WLAN-Konfiguration" wurde nicht richtig gestartet. CodeIntegrity: =================================== Date: 2015-02-12 06:03:46.313 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-02-12 06:03:46.250 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-02-12 05:51:58.542 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-02-12 05:51:58.480 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 18:13:06.691 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 18:13:06.676 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 18:11:24.261 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 18:11:24.246 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Prozessor: AMD A8-3820 APU with Radeon(tm) HD Graphics Prozentuale Nutzung des RAM: 76% Installierter physikalischer RAM: 3576.13 MB Verfügbarer physikalischer RAM: 840.73 MB Summe virtueller Speicher: 7150.45 MB Verfügbarer virtueller Speicher: 4220.81 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:880.41 GB) (Free:407.34 GB) NTFS Drive d: (Recover) (Fixed) (Total:50 GB) (Free:48.77 GB) NTFS \\?\Volume{bc107e45-5195-11e1-bc72-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 2BD2C32A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=880.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== Ende von Addition.txt ============================ ich habe noch einen zweiten PC mit den selben Problemen, mache aber dafür ein neues Thema auf, da es beim auslesen bestimmt auch andere Aussagen gibt. |
22.08.2018, 18:12 | #5 |
/// TB-Ausbilder | Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory Servus, Schritt 1 Lade Dir bitte SpyHunterCleaner herunter und speichere es auf dem Desktop.
Schritt 2
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
22.08.2018, 20:03 | #6 |
| Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory Hallo, fixlog kann ich nicht einfügen, da wohl zu groß Hier die neuen Dateien Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22.08.2018 durchgeführt von Arhelger (Administrator) auf ARHELGER-PC (22-08-2018 20:45:26) Gestartet von C:\Users\Arhelger\Desktop Geladene Profile: Arhelger (Verfügbare Profile: Arhelger) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Salfeld Computer) C:\Windows\cc\WinCtlSvc.exe (Salfeld Computer) C:\Windows\cc\CtlSysMgr.exe (AMD) C:\Windows\System32\atiesrxx.exe (Salfeld Computer GmbH) C:\ProgramData\NFS\NFSccsvc.exe (AMD) C:\Windows\System32\atieclxx.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Salfeld Computer) C:\Windows\cc\CtlSysUI.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe () C:\Program Files (x86)\watchmi\TvdService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\System32\alg.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRIE.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\sdclt.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-15] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION) HKLM\...\RunServicesOnce: [WISO Finanz Update] => C:\Users\Arhelger\AppData\Local\Temp\Buhl\WISO Mein Geld 365 Professional\WISOFinanz365Update_24.0.0.100.exe "/Reduced" "/InstallDir=C:\Program Files (x86)\Buhl\WISO Mein Geld 365" "/ProcessID=3916" " (Der Dateneintrag hat 77 mehr Zeichen). <==== ACHTUNG Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <==== ACHTUNG HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [840784 2012-09-17] (Adobe Systems Incorporated) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-02-07] (Google Inc.) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [1023664 2016-03-25] (Samsung) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037984 2017-05-20] (Samsung) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRIE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\MountPoints2: {28f75973-3991-11e8-a592-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\MountPoints2: {2d327e58-f154-11e7-bdac-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe IFEO\sethc.exe: [Debugger] logonui.exe GroupPolicyUsers\S-1-5-21-2519664068-3109547711-38441924-1001\User: Beschränkung <==== ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{2F1AB9F8-898F-464B-B9F8-BE087F0E4A2C}: [NameServer] 192.168.178.0 Tcpip\..\Interfaces\{E700DAEE-439D-4EE4-962B-7D3507F98C6A}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-2519664068-3109547711-38441924-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES007&pc=UE06 SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> {A7521B9F-4CC8-42E7-907C-2085ABD4F486} URL = hxxp://rover.ebay.com/rover/1/707-53477-19255-0/1?icep_ff3=9&pub=5574640706&toolid=10001&campid=5336449492&customid=&icep_uq={searchTerms}&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229487&kwid=902099&mtid=824&kw=lg BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-02-13] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-10.0.1\bin\ssv.dll => Keine Datei BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2018-03-13] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-06-07] (Oracle Corporation) BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2018-03-13] (Microsoft Corporation) BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation) Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab DPF: HKLM-x32 {2665693B-C4F3-434B-83DB-7574CF50C8B7} hxxp://www.kaspersky.com/downloads/misc/kasperskylicensefinder.cab DPF: HKLM-x32 {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///E:/components/A9.ocx Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default [2018-08-22] FF Homepage: Mozilla\Firefox\Profiles\muqiyzzu.default -> hxxp://home.1und1.de/ FF NewTab: Mozilla\Firefox\Profiles\muqiyzzu.default -> hxxp://home.1und1.de/ FF Extension: (Ciuvo Preisvergleich) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\extension@ciuvo.com.xpi [2016-04-19] [Legacy] FF Extension: (Forecastfox (fix version)) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\forecastfox@s3_fix_version.xpi [2016-04-19] [Legacy] FF Extension: (New Tab Override (browser.newtab.url replacement)) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\newtaboverride@agenedia.com.xpi [2016-04-19] [Legacy] FF Extension: (S3.Google Translator) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\s3google@translator.xpi [2016-04-28] [Legacy] FF Extension: (Flagfox) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-04-28] [Legacy] FF Extension: (Adblock Plus) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-19] [Legacy] FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-08-21] FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-10-29] [Legacy] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017-07-25] [Legacy] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-06-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-06-07] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-10-27] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-10-27] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.) FF Plugin HKU\.DEFAULT: @protectdisc.com/NPPDLicenseHelper -> C:\Windows\system32\config\systemprofile\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [Keine Datei] FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Arhelger\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( ) FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Arhelger\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [Keine Datei] Chrome: ======= CHR HomePage: Default -> hxxp://home.1und1.de/?linkId=hd.nav.themenportal&ucuoId=PUAC:default.EUE.DE-20150617064232-9E49C81A815F50BE9E13B68A1F3A997C.TCpfix111b&ac=OM.PU.PUb48K85425T7073a CHR StartupUrls: Default -> "hxxp://home.1und1.de/" CHR NewTab: Default -> Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html" CHR Profile: C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default [2018-08-22] CHR Extension: (Google Übersetzer) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-08-21] CHR Extension: (Präsentationen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-21] CHR Extension: (Kaspersky Protection) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-08-21] CHR Extension: (Docs) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-21] CHR Extension: (Google Drive) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-21] CHR Extension: (YouTube) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-21] CHR Extension: (Adobe Acrobat) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-08-21] CHR Extension: (Tabellen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-21] CHR Extension: (Google Docs Offline) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21] CHR Extension: (Google Kalender) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2018-08-21] CHR Extension: (New Tab Redirect) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2018-08-21] CHR Extension: (Drucken für Google Chrome) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd [2018-08-21] CHR Extension: (Google Play) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2018-08-21] CHR Extension: (Google Maps) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-08-21] CHR Extension: (Google Mail-Checker) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-08-21] CHR Extension: (IP-Domain-Markierungsfahne) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpapfcfoakknnhkfpencomejbcecdfp [2018-08-21] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-21] CHR Extension: (Google Mail) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-21] CHR Extension: (Chrome Media Router) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-21] CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd CHR HKU\S-1-5-21-2519664068-3109547711-38441924-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Arhelger\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Arhelger\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-15] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [245760 2017-02-28] (AVM GmbH) [Datei ist nicht signiert] R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab) R2 CC-Updater; C:\Windows\cc\WinCtlSvc.exe [7022192 2018-02-16] (Salfeld Computer) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation) R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2650112 2010-05-28] (DATA BECKER GmbH & Co KG) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610464 2018-01-18] (EasyAntiCheat Ltd) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (Seiko Epson Corporation) R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert] S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe [416560 2018-08-21] (AO Kaspersky Lab) S3 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes) R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (Seiko Epson Corporation) R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation) R2 SCC-Dienst; C:\Windows\cc\ctlsysmgr.exe [6626464 2018-08-21] (Salfeld Computer) S2 sfrem01; C:\Windows\system32\sfrem01.exe [601208 2006-07-05] (Protection Technology (StarForce)) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] () [Datei ist nicht signiert] R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare) R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2012-02-13] (AVM Berlin) R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2016-04-26] (AVM Berlin) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [836288 2018-05-27] (EasyAntiCheat Oy) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (AO Kaspersky Lab) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [72904 2017-12-27] (AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [122056 2018-02-02] (AO Kaspersky Lab) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [87752 2018-07-20] (AO Kaspersky Lab) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [219328 2018-08-21] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1193160 2018-08-21] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1127104 2018-08-21] (AO Kaspersky Lab) R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [56520 2018-02-12] (AO Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [58056 2018-01-15] (AO Kaspersky Lab) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab) R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (AO Kaspersky Lab) R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [161592 2018-07-20] (AO Kaspersky Lab) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112864 2018-08-22] (Malwarebytes) R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-08-22] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-08-22] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [94328 2018-08-22] (Malwarebytes) R1 netfltcc; C:\Windows\System32\drivers\netfltcc.sys [64680 2017-11-25] (Windows (R) Win 7 DDK provider) R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc.) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation) S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce)) S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [78208 2006-08-11] (Protection Technology (StarForce)) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S3 cpuz134; \??\C:\Users\Arhelger\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ACHTUNG ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2018-08-22 20:38 - 2018-08-22 20:38 - 000003288 ____N C:\bootsqm.dat 2018-08-22 20:15 - 2018-08-22 20:21 - 000129528 _____ C:\Users\Arhelger\Desktop\Fixlog.txt 2018-08-22 19:55 - 2018-08-22 19:55 - 000000000 ____D C:\Users\Arhelger\Desktop\FRST-OlderVersion 2018-08-22 19:34 - 2018-08-22 19:34 - 000030060 _____ C:\Users\Arhelger\Desktop\SpyHunterCleaner.bat 2018-08-22 12:47 - 2018-08-22 12:50 - 000066843 _____ C:\Users\Arhelger\Desktop\Addition.txt 2018-08-22 12:42 - 2018-08-22 20:50 - 000034385 _____ C:\Users\Arhelger\Desktop\FRST.txt 2018-08-22 12:42 - 2018-08-22 20:45 - 000000000 ____D C:\FRST 2018-08-22 12:41 - 2018-08-22 19:55 - 002413056 _____ (Farbar) C:\Users\Arhelger\Desktop\FRST64.exe 2018-08-22 06:33 - 2018-08-22 06:35 - 007417040 _____ (Malwarebytes) C:\Users\Arhelger\Desktop\adwcleaner_7.2.2.exe 2018-08-21 21:05 - 2018-08-21 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2018-08-21 21:04 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2018-08-21 21:03 - 2018-08-21 21:03 - 001193160 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys 2018-08-21 21:03 - 2018-08-21 21:03 - 001127104 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2018-08-21 21:03 - 2018-08-21 21:03 - 000219328 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys 2018-08-21 21:03 - 2018-08-21 21:03 - 000152360 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll 2018-08-21 21:00 - 2018-08-21 21:00 - 002509880 _____ (Kaspersky Lab) C:\Users\Arhelger\Downloads\kis19.0.0.1088de_14081.exe 2018-08-21 20:36 - 2018-08-21 20:36 - 008896960 _____ C:\Users\Arhelger\Downloads\kpm.exe 2018-08-21 20:25 - 2018-08-21 20:27 - 000484760 _____ C:\Windows\Minidump\082118-50669-01.dmp 2018-08-21 15:21 - 2018-08-21 15:32 - 579815424 _____ C:\Users\Arhelger\Downloads\krd (1).iso 2018-08-21 15:17 - 2018-08-21 15:19 - 147283752 _____ (Kaspersky Lab ZAO) C:\Users\Arhelger\Downloads\KVRT.exe 2018-08-21 14:19 - 2018-08-21 14:19 - 000380928 _____ C:\Users\Arhelger\Downloads\rb3crkqy.exe 2018-08-21 14:11 - 2018-08-21 14:14 - 579815424 _____ C:\Users\Arhelger\Downloads\krd.iso 2018-08-21 06:39 - 2018-08-21 06:39 - 000002292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-08-21 05:46 - 2018-08-21 06:01 - 000073318 _____ C:\Windows\ntbtlog.txt 2018-08-21 05:16 - 2018-08-21 13:17 - 000455344 _____ (Microsoft Corporation) C:\msvcp120.dll 2018-08-21 05:16 - 2018-08-21 13:17 - 000000057 _____ C:\dllme.txt 2018-08-20 13:21 - 2018-08-22 20:40 - 000112864 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2018-08-20 13:21 - 2018-08-22 20:40 - 000094328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2018-08-20 13:21 - 2018-08-22 20:40 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2018-08-20 13:21 - 2018-08-22 20:39 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\Program Files\Malwarebytes 2018-08-20 13:20 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2018-08-20 12:53 - 2018-08-20 12:54 - 000000000 ____D C:\KVRT_Data 2018-08-20 12:47 - 2018-08-20 12:52 - 000002604 _____ C:\XoristDecryptor.2.5.3.4_20.08.2018_12.47.54_log.txt 2018-08-18 22:08 - 2018-08-18 22:13 - 000010330 _____ C:\Users\Arhelger\Documents\Toreliste.xlsx 2018-08-16 05:36 - 2018-08-16 05:36 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-08-16 05:36 - 2018-08-16 05:36 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-08-16 05:36 - 2018-08-16 05:36 - 000004378 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2018-08-15 18:37 - 2018-08-15 18:48 - 000009821 _____ C:\Users\Arhelger\Documents\Waschliste.xlsx 2018-08-05 19:16 - 2018-08-05 19:16 - 000291784 _____ C:\Windows\Minidump\080518-57829-01.dmp ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2018-08-22 20:48 - 2017-07-26 05:35 - 000000334 __RSH C:\Users\Arhelger\ntuser.pol 2018-08-22 20:48 - 2012-02-07 07:28 - 000000000 ____D C:\Users\Arhelger 2018-08-22 20:45 - 2017-07-25 14:44 - 000000911 _____ C:\Windows\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266}.job 2018-08-22 20:41 - 2012-04-25 13:54 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2018-08-22 20:39 - 2014-04-09 06:42 - 000000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2018-08-22 20:38 - 2017-04-07 06:42 - 000000000 ____D C:\Windows\dl 2018-08-22 20:38 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-08-22 20:20 - 2009-07-14 06:45 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-08-22 20:20 - 2009-07-14 06:45 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-08-22 20:17 - 2013-07-04 06:50 - 000000000 ____D C:\Users\Arhelger\AppData\LocalLow\Temp 2018-08-22 15:18 - 2012-02-09 06:43 - 000003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{39A51ED7-4797-424D-AF39-0B9550252DFD} 2018-08-21 21:06 - 2016-09-19 08:04 - 000000000 ____D C:\Program Files\Common Files\AV 2018-08-21 21:05 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2018-08-21 21:04 - 2016-09-19 07:57 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2018-08-21 21:01 - 2018-06-06 05:23 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2018-08-21 20:25 - 2012-05-17 07:21 - 000000000 ____D C:\Windows\Minidump 2018-08-21 20:24 - 2018-07-10 20:11 - 1557671786 _____ C:\Windows\MEMORY.DMP 2018-08-21 13:18 - 2012-02-08 06:23 - 000000000 ____D C:\Users\Arhelger\Sabrina 2018-08-21 12:53 - 2014-09-15 12:27 - 000000000 ____D C:\AdwCleaner 2018-08-21 07:03 - 2012-02-08 06:23 - 000000000 ____D C:\Users\Arhelger\Sven 2018-08-21 06:39 - 2012-02-07 07:31 - 000000000 ____D C:\Users\Arhelger\AppData\Local\Google 2018-08-21 06:38 - 2012-02-07 07:22 - 000000000 ____D C:\Program Files (x86)\Google 2018-08-20 14:29 - 2017-04-07 06:42 - 000000000 ____D C:\Windows\cc 2018-08-18 21:52 - 2015-04-30 06:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-08-18 16:51 - 2012-11-05 09:37 - 000058051 _____ C:\Users\Arhelger\Documents\Wanderwege Dietzhölztal - Eschenburg.xlsx 2018-08-18 16:29 - 2017-05-12 18:14 - 000000000 ____D C:\Users\Arhelger\AppData\LocalLow\Mozilla 2018-08-18 16:29 - 2016-11-27 09:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2018-08-18 16:29 - 2015-04-30 06:04 - 000001213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2018-08-18 16:29 - 2014-03-25 09:07 - 000000000 ____D C:\Users\Arhelger\AppData\Roaming\Thunderbird 2018-08-18 16:29 - 2014-02-04 09:04 - 000000000 ____D C:\Users\Arhelger\AppData\Roaming\Mozilla 2018-08-16 06:12 - 2012-02-08 07:22 - 000000000 ____D C:\Users\Arhelger\Documents\WISO Mein Geld 2018-08-16 06:04 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2018-08-16 05:36 - 2018-05-21 15:14 - 000004540 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-08-16 05:36 - 2011-10-14 14:15 - 000000000 ____D C:\Windows\system32\Macromed 2018-08-16 05:36 - 2011-07-18 23:12 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-08-15 05:15 - 2015-06-26 05:22 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-08-07 05:45 - 2011-05-16 16:04 - 000699884 _____ C:\Windows\system32\perfh007.dat 2018-08-07 05:45 - 2011-05-16 16:04 - 000149766 _____ C:\Windows\system32\perfc007.dat 2018-08-07 05:45 - 2009-07-14 07:13 - 001622300 _____ C:\Windows\system32\PerfStringBackup.INI 2018-08-01 20:07 - 2012-02-08 07:17 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-23 06:21 - 2015-04-23 06:21 - 004218880 _____ (Piriform Ltd) C:\Program Files (x86)\ccsetup504_slim.exe 2015-04-06 10:47 - 2015-04-06 10:47 - 000000132 _____ () C:\Users\Arhelger\AppData\Roaming\Adobe CS5-Voreinstellungen für BMP-Format 2015-01-15 08:53 - 2015-01-15 08:53 - 000001456 _____ () C:\Users\Arhelger\AppData\Local\Adobe Für Web speichern 12.0 Prefs 2016-07-16 15:12 - 2016-07-16 15:12 - 000009728 _____ () C:\Users\Arhelger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-20 14:40 - 2015-04-20 14:40 - 000000000 ___SH () C:\Users\Arhelger\AppData\Local\LumaEmu 2013-10-18 03:23 - 2013-10-18 03:23 - 000007605 _____ () C:\Users\Arhelger\AppData\Local\Resmon.ResmonCfg 2012-02-07 09:12 - 2012-02-07 09:12 - 000017408 _____ () C:\Users\Arhelger\AppData\Local\WebpageIcons.db ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2018-08-16 17:16 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22.08.2018 durchgeführt von Arhelger (22-08-2018 20:51:18) Gestartet von C:\Users\Arhelger\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2012-02-07 05:28:37) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2519664068-3109547711-38441924-500 - Administrator - Disabled) Arhelger (S-1-5-21-2519664068-3109547711-38441924-1001 - Administrator - Enabled) => C:\Users\Arhelger Gast (S-1-5-21-2519664068-3109547711-38441924-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-2519664068-3109547711-38441924-1026 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8} AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated) Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated) Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated) Adobe Premiere Elements 11 (HKLM\...\{66CF1DF9-1715-4325-89BC-76B1CA2EE3BE}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 11 (HKLM\...\PremElem110) (Version: 11.0 - Adobe Systems Incorporated) Ahnenblatt 2.98 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.98.1.1 - Dirk Böttcher) AMD Catalyst Install Manager (HKLM\...\{0348F1C7-2092-A05D-DC67-8ECA9EA72C20}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.) Apowersoft Online Launcher Version 1.4.6 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.6 - APOWERSOFT LIMITED) Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG) Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin) BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden calibre (HKLM-x32\...\{D2DCF339-7EBC-4D88-B515-A504297796EA}) (Version: 3.6.0 - Kovid Goyal) Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - ) Canon MG6600 series On-screen Manual (HKLM-x32\...\Canon MG6600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Common (HKLM-x32\...\{D0BEB150-2046-4F94-AE7B-EA76772592F6}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Connect (HKLM-x32\...\{4433CEC6-DA32-4D7B-BA95-B47C68498287}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Custom Data (HKLM-x32\...\{2F14F550-0FFC-4285-B673-880744D428A3}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - DE (HKLM-x32\...\{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Draw (HKLM-x32\...\{85E8F38F-0303-401E-A518-0302DF88EB07}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - EN (HKLM-x32\...\{FA6AF809-9A80-423A-A57A-C7D726A04E4C}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - ES (HKLM-x32\...\{E7BE4D1A-B529-448B-8407-889705B65185}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation) CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Filters (HKLM-x32\...\{E4BE9367-168B-4B30-B198-EE37C99FB147}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - FR (HKLM-x32\...\{D7E60152-6C65-4982-8840-B6D28BF881BD}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - IPM (HKLM-x32\...\{666D7CED-12E0-4BA3-B594-5681961E7B02}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - IT (HKLM-x32\...\{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - PHOTO-PAINT (HKLM-x32\...\{89BA6E81-B60A-49BC-B283-80560A9E60DF}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Redist (HKLM-x32\...\{34809713-7886-4F6A-B9D5-CC74DBC1C77E}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Setup Files (HKLM-x32\...\{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - WT (HKLM-x32\...\{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation) CorelDRAW Essentials X5 (HKLM-x32\...\{834F4E2F-E9DF-4FA9-8499-FF6B91012898}) (Version: 15.3 - Corel Corporation) Hidden CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DATA BECKER CD-DVD Druckerei 7 (HKLM-x32\...\CD-DVD Druckerei 7_is1) (Version: 7.50.0.30 - DATA BECKER GmbH & Co. KG) Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden Druckerdeinstallation für EPSON XP-540 Series (HKLM\...\EPSON XP-540 Series) (Version: - Seiko Epson Corporation) Easy Photo Scan (HKLM-x32\...\{93AEF2AF-86FB-42AD-8392-5DAEC0638B1A}) (Version: 1.00.0012 - Seiko Epson Corporation) EG*Headlight 1 e-Workbook (HKLM-x32\...\{94D858E3-1BE9-4D81-94A4-FF1695F61CAB}) (Version: 1.0.7.0 - Cornelsen Verlag) Elements 11 Organizer (HKLM-x32\...\{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}) (Version: 11.0 - Ihr Firmenname) Hidden Epic Games Launcher (HKLM-x32\...\{AF7881ED-41D7-4ECA-8C7C-AE10DFA0E489}) (Version: 1.1.151.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.0 - Seiko Epson Corporation) Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.) Epson Software Updater (HKLM-x32\...\{29F4F2C2-CB73-418D-BA99-7BB5ECD9F7BF}) (Version: 4.4.6 - Seiko Epson Corporation) EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation) EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA) Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff) Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalerija (HKLM-x32\...\{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotoğraf Galerisi (HKLM-x32\...\{B743ABDD-E681-4B32-A33E-6E7F3F845AEA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotótár (HKLM-x32\...\{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden FRITZ!Powerline (HKLM-x32\...\{EB579783-79C4-461A-9493-B9F19EAA23B2}) (Version: 01.02.00 - AVM GmbH) Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Scanjet G4000 Series (HKLM\...\{10297E58-2DFE-478B-9A1D-4B14E4E79CDF}) (Version: 13.0 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) hpg4000 (HKLM-x32\...\{2814D1CB-7038-4EE4-8421-9C18FD571014}) (Version: 13.0.0.0 - Ihr Firmenname) Hidden HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Kindersicherung 2017 (HKLM-x32\...\Salfeld-Kindersicherung_is1) (Version: - ) Landwirtschafts Simulator 2011 (HKLM-x32\...\FarmingSimulator2011_PLATINUMDE_is1) (Version: 1.0 - GIANTS Software) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) MAGIX Foto Manager 10 (HKLM-x32\...\{5F2380C8-5443-40E4-8FD5-DE0AEC16B4BC}) (Version: 8.0.1.136 - MAGIX AG) Hidden MAGIX Foto Manager 10 (HKLM-x32\...\MAGIX_MSI_Foto_Manager_10) (Version: 8.0.1.136 - MAGIX AG) MAGIX Fotos auf CD & DVD 10 Deluxe (Sonderedition) (HKLM-x32\...\{340912AA-1A68-4D7F-9604-E3520FF69B98}) (Version: 10.5.0.12 - MAGIX AG) Hidden MAGIX Fotos auf CD & DVD 10 Deluxe (Sonderedition) (HKLM-x32\...\MAGIX_MSI_Fotos_auf_CD_DVD_10_Dlx_SE) (Version: 10.5.0.12 - MAGIX AG) MAGIX Online Druck Service (HKLM-x32\...\{A6338038-539C-3896-C692-1D33BBB01D46}) (Version: 1.1.0 - myphotobook GmbH) Hidden MAGIX Online Druck Service (HKLM-x32\...\de.magix-fotos.fotobuch.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.1.0-478 - myphotobook GmbH) MAGIX Screenshare (HKLM-x32\...\{129D4434-B9AB-4C09-BCE1-110E6C8E10E9}) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Speed burnR (MSI) (HKLM\...\{B69F7303-DD59-4F32-B477-F8F78D7A9937}) (Version: 7.0.2.6 - MAGIX AG) Hidden MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B69F7303-DD59-4F32-B477-F8F78D7A9937}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Video deluxe 2014 (HKLM\...\{146DFB48-B585-48B9-A407-16DD6F686550}) (Version: 13.0.2.8 - MAGIX AG) Hidden MAGIX Video deluxe 2014 (HKLM-x32\...\MX.{146DFB48-B585-48B9-A407-16DD6F686550}) (Version: 13.0.2.8 - MAGIX AG) Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.) Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation) Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.5041.1001 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Movie Maker (HKLM-x32\...\{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{5B3D4718-9146-45CB-8989-C4E87B239B3A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{A27180D0-17BB-498B-89FF-A72656B85978}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{B44E699A-94F8-406C-9A1B-C2574F5863CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla) Mozilla Thunderbird 60.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 60.0 (x86 de)) (Version: 60.0 - Mozilla) Mp3tag v2.84a (HKLM-x32\...\Mp3tag) (Version: 2.84a - Florian Heidenreich) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation) myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0407-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version: - Markement GmbH) PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Poczta usługi Windows Live (HKLM-x32\...\{45FF54A4-ECD4-455D-89A2-D209737AD726}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Pošta Windows Live (HKLM-x32\...\{125D677D-7C65-4660-8E1C-68EF9F32F291}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden PRE11 STI 64Installer (HKLM-x32\...\{B614E5FA-6DA4-45A1-845C-52F870240A89}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Protect Disc License Helper 1.0.125 (IE) (HKU\.DEFAULT\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc) Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc) ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) PSE11 STI Installer (HKLM-x32\...\{98CE8819-87AA-4814-8167-ADDDD513485F}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.) RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd) Saal Design Software (HKLM-x32\...\{0C52FDB3-C8A1-E686-5A87-85F3EC2259D4}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH) Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden SILKYPIX Developer Studio 4.1 SE (HKLM-x32\...\{7FA26D45-84D8-49EB-80BE-B7AD0A0C4497}) (Version: 4 - Ichikawa Soft Laboratory) Hidden SILKYPIX Developer Studio 4.1 SE (HKLM-x32\...\InstallShield_{7FA26D45-84D8-49EB-80BE-B7AD0A0C4497}) (Version: 4 - Ichikawa Soft Laboratory) Sinner Kochbuch-CD (HKLM-x32\...\Sinner Kochbuch-CD) (Version: 1.0 - Computerstudio Lemmer & Ernst GmbH) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden Sounds für Video- und Foto Shows DELUXE (HKLM-x32\...\Sounds für Video- und Foto Shows DELUXE) (Version: - ) Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Versandhelfer (HKLM-x32\...\{7189F66A-1560-1573-05C9-DE53613AEA1A}) (Version: 0.9.511 - Deutsche Post AG) Hidden Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionpc.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) watchmi (HKLM-x32\...\{409DC300-28AF-468F-9624-1F3309701881}) (Version: 2.7.0 - Axel Springer Digital TV Guide GmbH) WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies) WISO Mein Geld 365 Professional (HKLM-x32\...\{36C0BA39-2207-4146-BD4E-3146DF7B9147}) (Version: 21.0.0.0 - Buhl Data Service GmbH) Hidden WISO Mein Geld 365 Professional (HKLM-x32\...\WISO Mein Geld 365 Professional) (Version: - Buhl Data Service GmbH) WISO steuer:Sparbuch 2017 (HKLM-x32\...\{E2049356-A0DB-404A-A8FA-521981BE9736}) (Version: 24.00.1375 - Buhl Data Service GmbH) WISO steuer:Sparbuch 2018 (HKLM-x32\...\{2827FF45-D53F-4E56-B4A7-AB71F58A3945}) (Version: 25.00.1359 - Buhl Data Service GmbH) Συλλογή φωτογραφιών (HKLM-x32\...\{2D5C287A-1D2D-46BA-8EF8-D2747575DB6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2519664068-3109547711-38441924-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Arhelger\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-09-15] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {27A9B751-54B1-4C34-80FD-671C0D15FDD5} - System32\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRIE.EXE [2013-11-22] (SEIKO EPSON CORPORATION) Task: {33FBFA83-E6EA-43C5-9C4F-C9BE0F7F4440} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation) Task: {3975816E-C543-4A8E-97CB-45685403F54C} - System32\Tasks\{6A91FDCB-94AF-4D97-9C80-E46395E39257} => C:\Windows\system32\pcalua.exe -a "C:\Users\Arhelger\Desktop\Beam NG\Car Dragster\12400-annihilator-v09.exe" -d "C:\Users\Arhelger\Desktop\Beam NG\Car Dragster" Task: {41867780-87F0-41F4-93CE-27EC26702487} - System32\Tasks\AdobeAAMUpdater-1.0-Arhelger-PC-Arhelger => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated) Task: {69960CA3-BF20-46D1-A185-697EB5E88195} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation) Task: {C41E458A-066F-4949-988C-ADA1DFB53FC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {C4F77D83-E9BE-4623-93C1-1EA03A7BA6B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {DAF4BB1B-2E9A-4774-9840-7DD25D2DC585} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated) Task: {E0A9F752-14E5-4F98-B6D1-AD7F21DDA114} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-16] (Adobe Systems Incorporated) Task: {E5105AE2-05D1-4016-BFCB-CF159E6BD14C} - System32\Tasks\{B0FE20F0-FF1A-43F8-A424-FE83AB4A359E} => C:\Program Files (x86)\epson\Epson Scan 2\Core\es2launcher.exe [2016-12-13] (Seiko Epson Corporation) Task: {F0560587-8336-4E42-BB5D-640F637F5D6D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_pepper.exe [2018-08-16] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRIE.EXE:/EXE:{43713E83-749E-4B66-AFC6-AA2EF8550266} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e9d7ba33b467ddc1\Google Mail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8" --app-id=pjkljhegncpnkpknbcohdijeoejaedia ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d755e1040e5d38ac\Jannik - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8" ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\Louis - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 7" ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7eafae96818e1883\Google Mail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=pjkljhegncpnkpknbcohdijeoejaedia ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Sven - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6" ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Louis - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3" ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-04-14 06:59 - 2006-02-23 11:35 - 000020480 _____ () C:\Windows\System32\FritzColorPort64.dll 2014-04-14 06:59 - 2006-02-22 10:39 - 000020480 _____ () C:\Windows\System32\FritzPort64.dll 2011-09-15 22:44 - 2011-09-15 22:44 - 000073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2014-10-09 09:30 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2011-10-07 12:23 - 2011-10-07 12:23 - 000070144 _____ () C:\Program Files (x86)\watchmi\TvdService.exe 2012-02-07 07:22 - 2012-02-07 07:22 - 000058880 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.7.0.12__f722db7bec59a14b\Tvd.Remote.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000032768 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Tools\2.7.0.12__f722db7bec59a14b\Tvd.Tools.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000079360 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\2.7.0.12__f722db7bec59a14b\Tvd.Reporting.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000152576 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\2.7.0.12__f722db7bec59a14b\Tvd.Aprico.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000029696 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Config\2.7.0.12__f722db7bec59a14b\Tvd.Config.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000112640 _____ () C:\Windows\assembly\GAC_64\ApricoIJW\2.7.0.0__f722db7bec59a14b\ApricoIJW.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 006936576 _____ () C:\Windows\assembly\GAC_64\ApricoIJW\2.7.0.0__f722db7bec59a14b\axelspringer.dll 2018-08-20 13:20 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-08-20 13:20 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2012-09-17 06:11 - 2012-09-17 06:11 - 004003408 _____ () C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\CAHeadless\AMocWrapper.dll 2011-09-15 22:44 - 2011-09-15 22:44 - 000103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2011-09-15 23:00 - 2011-09-15 23:00 - 000369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2018-08-21 06:39 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll 2018-08-21 06:39 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll 2017-04-07 06:42 - 2016-04-13 13:18 - 000178968 _____ () C:\ProgramData\Software\CC\sse.dll 2017-04-07 06:55 - 2017-11-25 14:40 - 000131072 _____ () C:\ProgramData\NFS\nfccapi.dll 2017-04-07 06:55 - 2017-11-25 14:40 - 000376832 _____ () C:\ProgramData\NFS\protflt.dll 2018-08-21 21:04 - 2018-08-21 21:04 - 000864112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\kpcengine.2.3.dll 2017-04-07 06:42 - 2016-10-31 14:08 - 000249456 _____ () C:\ProgramData\Software\CC\v2\wdrvhook.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData:BDSDRMHK [64] AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64] AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64] AlternateDataStreams: C:\Users\Public\AppData:CSM [232] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Arhelger\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-2519664068-3109547711-38441924-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Kids\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.0 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{5D361A38-5498-4331-B111-132C538EC5B9}] => (Allow) E:\fsetup.exe FirewallRules: [{A00308AE-8E41-48B4-A796-05F7A7EC7482}] => (Allow) E:\fsetup.exe FirewallRules: [{CE46EE81-7714-42C7-8041-69C83EA8436F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{765D66BE-F09F-4923-A789-38D494A6121A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{DFE9DC56-7B3D-4AAC-B46A-52D0B8A9AF61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{63F90E36-F39A-495D-A93A-C5A52DD66F78}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe FirewallRules: [{FC1FA289-2AA2-4D6F-8F1E-0519695C58F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe FirewallRules: [{B5090DE8-9AF7-49CF-9BC6-822239F6B4D8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe FirewallRules: [{7D7A3876-BD96-47E2-87A1-B40AEF6D0FB8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe FirewallRules: [{F97EAD12-3756-4A61-A1F5-E03A9F45DD25}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{B44A455B-4183-466D-A13C-4E3AB9CB91CD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{4B0C2595-2171-435C-BCC2-62C5DF32776D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{5E4AE683-1F68-4FA4-A7F3-F5BDE57F653F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{16B70705-EC2B-4A58-8BDC-21B71DBBEF90}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{36FC00FA-A056-40DC-8E6F-2F5157443BA8}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe FirewallRules: [{64842565-BBC4-4E8B-A5E4-A528247576F0}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe FirewallRules: [{9EE153AF-E7BD-41D5-9FD9-1EA4C886D48C}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe FirewallRules: [{16C08C33-DD75-4EAD-86FE-A6AC7F47B91A}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe FirewallRules: [{518C6F44-A86C-4DA1-9C2E-DA80D1E33C86}] => (Allow) C:\Program Files (x86)\FRITZ!\fboxset.exe FirewallRules: [{D27684F6-43EC-416A-AA16-617A3C6FC155}] => (Allow) C:\Program Files (x86)\FRITZ!\fboxset.exe FirewallRules: [{7EA9C506-8B8F-4FA3-899C-7B53B73652D7}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe FirewallRules: [{D4F457AE-F913-44AD-B940-08685D9388AB}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe FirewallRules: [{3A0307A1-6B13-4CF0-BFFE-39FEE3331263}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{1032E88E-BCBA-4B4D-BAA4-BE28ED64843D}] => (Allow) LPort=2869 FirewallRules: [{58FBDCE0-332E-4594-8624-478516053E1F}] => (Allow) LPort=1900 FirewallRules: [{417C6553-2C5E-4570-812F-E8969030A2E2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{BD892735-C166-45B0-806E-20961954A31B}] => (Allow) C:\Users\Arhelger\AppData\Local\Apps\2.0\23B79H7C.0JA\DR2Q2B9R.ZDZ\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe FirewallRules: [{ACBA402D-1CE4-42C4-8C4B-A2895D305F5F}] => (Allow) C:\Users\Arhelger\AppData\Local\Apps\2.0\23B79H7C.0JA\DR2Q2B9R.ZDZ\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe FirewallRules: [{9C39DC11-AF1E-4875-8125-B9531BB85880}] => (Allow) LPort=8743 FirewallRules: [{A956D535-DF15-498C-909B-10A0527A61B0}] => (Allow) LPort=8643 FirewallRules: [{20CBC063-52F8-4F25-90DB-8EF17FE8F5D5}] => (Allow) LPort=7676 FirewallRules: [{29A60709-655D-40F7-8A78-E3375B7F2FA8}] => (Allow) LPort=7679 FirewallRules: [{96144A4C-86AC-473F-8F51-7FE4CF1E1350}] => (Allow) LPort=24234 FirewallRules: [{5CD6ACFA-6713-4F62-B336-36C2AED59855}] => (Allow) LPort=7900 FirewallRules: [{2CCB2DBC-F498-417F-A996-B3ED6D58D53B}] => (Allow) LPort=1900 FirewallRules: [{47FF4180-27FE-4A39-9C9D-71697001C15E}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe FirewallRules: [{F49484E6-540A-42F6-8FC8-7D9C916003ED}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe FirewallRules: [{02474A9C-02D2-4DA8-B3DA-00DA33909D4D}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe FirewallRules: [{52B440E1-C299-4448-AA20-D31560AD999F}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe FirewallRules: [{18DD90AA-0FAB-48FD-92BE-B6B59BC6F2F6}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe FirewallRules: [{98C608F0-EF9F-43CF-9762-1CC95025E450}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe FirewallRules: [TCP Query User{ACB93035-9656-42CF-81D6-4CABF9077D0F}C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe FirewallRules: [UDP Query User{0E59C1ED-2482-4C3F-AFA5-8C7BD65B3B47}C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe FirewallRules: [{A870AFC8-A03C-4D46-A553-14FF7207E1AB}] => (Block) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe FirewallRules: [{B33558FD-473A-49EB-BC63-F6149C275D5E}] => (Block) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe FirewallRules: [TCP Query User{E52A09B1-7344-4E4B-A3F2-D203296262D1}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe FirewallRules: [UDP Query User{54F8861F-374D-4D90-8FAE-82061F8A4AE0}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe FirewallRules: [TCP Query User{DF63CED5-6898-4B8A-B135-FFE85EB22B82}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe FirewallRules: [UDP Query User{C1981E0B-04CF-498E-8AAA-F4C64BF8689F}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe FirewallRules: [{45AD1EAE-E04A-464E-AF72-58D0B56B602B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{F0AD9EB0-A809-49C8-BDAB-C14A9211EE2C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{CD173555-A1AF-47D4-9121-89397355486C}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{DE6FA034-B2F9-4186-87C7-E4E4AE83839D}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{760E7544-CC9D-4960-A00E-CF8C3A481CE8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 22-08-2018 13:34:27 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Microsoft-Teredo-Tunneling-Adapter Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/22/2018 08:39:14 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/22/2018 08:09:24 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/22/2018 07:46:34 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/22/2018 12:45:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm FRST64.exe, Version 19.8.2018.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 12f8 Startzeit: 01d43a04c3087782 Endzeit: 0 Anwendungspfad: C:\Users\Arhelger\Desktop\FRST64.exe Berichts-ID: 6e3160ec-a5f8-11e8-8096-e0b9a5d47ad7 Error: (08/22/2018 12:32:57 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/22/2018 06:59:57 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce85b ID des fehlerhaften Prozesses: 0xf84 Startzeit der fehlerhaften Anwendung: 0x01d439d4e01a51e7 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 36a1799d-a5c8-11e8-bbae-e0b9a5d47ad7 Error: (08/22/2018 06:54:28 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/22/2018 05:38:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce85b ID des fehlerhaften Prozesses: 0x1d74 Startzeit der fehlerhaften Anwendung: 0x01d439c9888cf8f4 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: c9203129-a5bc-11e8-96cf-e0b9a5d47ad7 Systemfehler: ============= Error: (08/22/2018 08:45:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Windows Update" wurde nicht richtig gestartet. Error: (08/22/2018 08:44:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error: (08/22/2018 08:44:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error: (08/22/2018 08:39:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sfdrv01a sfsync04 Error: (08/22/2018 08:39:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AVM FRITZ!Powerline Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (08/22/2018 08:39:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AVM FRITZ!Powerline Service erreicht. Error: (08/22/2018 08:38:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "UAC-Dateivirtualisierung" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (08/22/2018 08:38:28 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Treiber sfdrv01a.sys konnte nicht geladen werden. CodeIntegrity: =================================== Date: 2015-02-12 06:03:46.313 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-02-12 06:03:46.250 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-02-12 05:51:58.542 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-02-12 05:51:58.480 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 18:13:06.691 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 18:13:06.676 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 18:11:24.261 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 18:11:24.246 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Prozessor: AMD A8-3820 APU with Radeon(tm) HD Graphics Prozentuale Nutzung des RAM: 71% Installierter physikalischer RAM: 3576.13 MB Verfügbarer physikalischer RAM: 1029.71 MB Summe virtueller Speicher: 7150.45 MB Verfügbarer virtueller Speicher: 4321.76 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:880.41 GB) (Free:410.02 GB) NTFS Drive d: (Recover) (Fixed) (Total:50 GB) (Free:48.77 GB) NTFS \\?\Volume{bc107e45-5195-11e1-bc72-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 2BD2C32A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=880.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== Ende von Addition.txt ============================ |
22.08.2018, 20:07 | #7 |
| Kaspersky findet Trojan.Multi.GenAutorunReg.a in System MemoryCode:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22.08.2018 durchgeführt von Arhelger (22-08-2018 20:15:15) Run:1 Gestartet von C:\Users\Arhelger\Desktop Geladene Profile: Arhelger (Verfügbare Profile: Arhelger) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** HKLM-x32\...\Run: [] => [X] HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <==== ACHTUNG HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" IFEO: [Debugger] logonui.exe IFEO\sethc.exe: [Debugger] logonui.exe GroupPolicyUsers\S-1-5-21-2519664068-3109547711-38441924-1001\User: Beschränkung <==== ACHTUNG U3 DfSdkS; kein ImagePath Task: {FBC496D9-5A9C-47A8-9AED-7ACA124821F1} - \{6220CDF8-30A8-45DE-8BC4-E3953F081C4A} -> Keine Datei <==== ACHTUNG Task: {D2D7279E-97E4-49D7-975A-0FF6CF076EDA} - System32\Tasks\{14435DC4-9037-46B0-AC76-63495A072DB3} => C:\Windows\system32\pcalua.exe -a "E:\Flatout Ultimate Carnage\1Setup.exe" -d "E:\Flatout Ultimate Carnage" Task: {2965DD3B-3092-4083-8961-B712E545D4DC} - System32\Tasks\{28394E35-6DD1-4A32-B2A5-69D35F29B8FA} => E:\AutoStarter.exe Task: {3A29FA87-8FFA-4A97-9EAF-D6FF83004861} - System32\Tasks\{84062063-C92A-47A5-8F03-AB3936029012} => E:\AutoStarter.exe Task: {93FF0622-A5E9-42A7-8DC9-EF2D8705766F} - System32\Tasks\{ECEE297A-548D-44AC-83E1-39E190F9CE3D} => C:\Windows\system32\pcalua.exe -a C:\Users\Arhelger\Downloads\KiesSetup.exe -d C:\Users\Arhelger\Downloads Folder: C:\Users\Arhelger\AppData\Local\LumaEmu CMD: dir "%ProgramFiles%" CMD: dir "%ProgramFiles(x86)%" CMD: dir "%ProgramData%" CMD: dir "%Appdata%" CMD: dir "%LocalAppdata%" CMD: dir "%CommonProgramFiles(x86)%" CMD: dir "%CommonProgramW6432%" CMD: dir "%UserProfile%" CMD: dir "C:\" ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions CMD: ipconfig /flushdns CMD: netsh winsock reset RemoveProxy: EmptyTemp: ***************** "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => erfolgreich entfernt "HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore" => erfolgreich entfernt "HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir" => erfolgreich entfernt "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\\Debugger" => erfolgreich entfernt "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\sethc.exe" => erfolgreich entfernt C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2519664068-3109547711-38441924-1001\User => erfolgreich verschoben "HKLM\System\CurrentControlSet\Services\DfSdkS" => erfolgreich entfernt DfSdkS => Dienst erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FBC496D9-5A9C-47A8-9AED-7ACA124821F1}" => erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBC496D9-5A9C-47A8-9AED-7ACA124821F1}" => erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6220CDF8-30A8-45DE-8BC4-E3953F081C4A} => nicht gefunden "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2D7279E-97E4-49D7-975A-0FF6CF076EDA}" => erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2D7279E-97E4-49D7-975A-0FF6CF076EDA}" => erfolgreich entfernt C:\Windows\System32\Tasks\{14435DC4-9037-46B0-AC76-63495A072DB3} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{14435DC4-9037-46B0-AC76-63495A072DB3}" => erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2965DD3B-3092-4083-8961-B712E545D4DC}" => erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2965DD3B-3092-4083-8961-B712E545D4DC}" => erfolgreich entfernt C:\Windows\System32\Tasks\{28394E35-6DD1-4A32-B2A5-69D35F29B8FA} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{28394E35-6DD1-4A32-B2A5-69D35F29B8FA}" => erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A29FA87-8FFA-4A97-9EAF-D6FF83004861}" => erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A29FA87-8FFA-4A97-9EAF-D6FF83004861}" => erfolgreich entfernt C:\Windows\System32\Tasks\{84062063-C92A-47A5-8F03-AB3936029012} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{84062063-C92A-47A5-8F03-AB3936029012}" => erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93FF0622-A5E9-42A7-8DC9-EF2D8705766F}" => erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93FF0622-A5E9-42A7-8DC9-EF2D8705766F}" => erfolgreich entfernt C:\Windows\System32\Tasks\{ECEE297A-548D-44AC-83E1-39E190F9CE3D} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ECEE297A-548D-44AC-83E1-39E190F9CE3D}" => erfolgreich entfernt ========================= Folder: C:\Users\Arhelger\AppData\Local\LumaEmu ======================== C:\Users\Arhelger\AppData\Local\LumaEmu => Datei ====== Ende von Folder: ====== ========= dir "%ProgramFiles%" ========= Datentr„ger in Laufwerk C: ist Boot Volumeseriennummer: 204C-3CC0 Verzeichnis von C:\Program Files 20.08.2018 13:20 <DIR> . 20.08.2018 13:20 <DIR> .. 05.04.2013 15:32 <DIR> Adobe 28.10.2011 01:09 <DIR> ATI 28.10.2011 01:10 <DIR> ATI Technologies 08.07.2017 10:15 <DIR> BeamNG.drive 25.07.2017 14:44 <DIR> Common Files 11.02.2013 13:54 <DIR> DIFX 15.03.2017 15:30 <DIR> DVD Maker 07.02.2012 07:22 <DIR> Google 15.11.2017 07:15 <DIR> Internet Explorer 07.06.2018 05:27 <DIR> Java 29.10.2016 17:57 <DIR> Logitech 20.08.2018 13:20 <DIR> Malwarebytes 12.04.2011 10:28 <DIR> Microsoft Games 07.02.2012 09:13 <DIR> Microsoft Office 28.06.2018 05:48 <DIR> Microsoft Office 15 14.06.2017 04:32 <DIR> Microsoft Silverlight 14.07.2009 07:32 <DIR> MSBuild 07.02.2012 07:24 <DIR> PlayReady 28.10.2011 01:20 <DIR> Realtek 01.02.2017 10:48 <DIR> Recuva 14.07.2009 07:32 <DIR> Reference Assemblies 02.02.2017 07:18 <DIR> SAMSUNG 03.07.2017 05:49 <DIR> VideoLAN 26.07.2013 22:44 <DIR> Windows Defender 28.04.2014 13:15 <DIR> Windows Live 12.02.2012 20:30 <DIR> Windows Mail 15.11.2017 07:15 <DIR> Windows Media Player 14.07.2009 07:32 <DIR> Windows NT 12.02.2012 20:30 <DIR> Windows Photo Viewer 21.11.2010 05:31 <DIR> Windows Portable Devices 12.02.2012 20:30 <DIR> Windows Sidebar 25.04.2016 06:18 <DIR> WinPcap 0 Datei(en), 0 Bytes 34 Verzeichnis(se), 434.953.101.312 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramFiles(x86)%" ========= Datentr„ger in Laufwerk C: ist Boot Volumeseriennummer: 204C-3CC0 Verzeichnis von C:\Program Files (x86) 21.08.2018 06:39 <DIR> . 21.08.2018 06:39 <DIR> .. 26.06.2015 05:22 <DIR> Adobe 26.03.2014 15:28 <DIR> af0.net 01.02.2017 08:43 <DIR> Aiseesoft Studio 28.10.2011 01:11 <DIR> AMD APP 30.12.2016 06:40 <DIR> Anvsoft 22.03.2017 06:15 <DIR> Areca 28.10.2011 01:09 <DIR> ATI Technologies 15.09.2016 06:22 <DIR> AviSynth 02.01.2013 08:01 <DIR> Brother 16.09.2015 07:03 <DIR> Buhl 18.08.2017 06:15 <DIR> Calibre2 10.11.2017 11:06 <DIR> Canon 23.04.2015 06:21 4.218.880 ccsetup504_slim.exe 07.06.2018 05:31 <DIR> Common Files 07.02.2012 07:22 <DIR> Corel 29.11.2017 14:46 <DIR> Cornelsen 22.03.2017 06:15 <DIR> CyberLink 23.08.2013 18:51 <DIR> DATA BECKER 19.05.2018 12:15 <DIR> EasyAntiCheat 14.07.2018 09:06 <DIR> Epic Games 06.04.2018 07:22 <DIR> epson 06.04.2018 06:45 <DIR> EPSON Software 25.09.2015 06:56 <DIR> Exact Audio Copy 03.03.2014 08:30 <DIR> Foxit Software 10.06.2015 05:02 <DIR> Freemake 14.04.2014 06:59 <DIR> FRITZ! 14.02.2012 14:00 <DIR> FRITZ!Box 14.02.2012 14:00 <DIR> FRITZ!BoxPrint 25.07.2017 05:57 <DIR> FRITZ!Powerline 21.08.2018 06:38 <DIR> Google 28.02.2014 08:02 <DIR> gs 29.09.2015 13:27 <DIR> HERMA 22.10.2015 05:14 <DIR> HP 15.11.2017 07:15 <DIR> Internet Explorer 01.03.2018 15:05 <DIR> ISL 21.08.2015 05:01 <DIR> Kaspersky Internet Security 2012 21.08.2018 21:04 <DIR> Kaspersky Lab 30.08.2014 09:07 <DIR> Kingsoft 27.12.2013 18:30 <DIR> Landwirtschafts Simulator 2011 15.01.2014 16:16 <DIR> MAGIX 24.02.2012 15:46 <DIR> MAGIX-Online-Druck-Service 07.02.2012 07:26 <DIR> MARKEMENT 07.02.2012 07:26 <DIR> Mediathek 29.08.2013 18:09 <DIR> Medion MediaPack 2 07.02.2012 07:26 <DIR> Memeo 13.05.2015 04:07 <DIR> Microsoft Application Virtualization Client 09.10.2014 09:40 <DIR> Microsoft Office 14.06.2017 04:32 <DIR> Microsoft Silverlight 28.11.2013 08:54 <DIR> Microsoft SkyDrive 18.07.2011 22:55 <DIR> Microsoft SQL Server Compact Edition 17.09.2014 06:13 <DIR> Microsoft WSE 16.05.2014 06:19 <DIR> Microsoft.NET 19.09.2016 10:49 <DIR> Mozilla Firefox 18.08.2018 21:52 <DIR> Mozilla Maintenance Service 18.08.2018 16:29 <DIR> Mozilla Thunderbird 14.09.2017 06:05 <DIR> Mp3tag 14.07.2009 07:32 <DIR> MSBuild 10.05.2012 06:11 <DIR> MSECache 15.01.2014 16:15 <DIR> MSXML 4.0 07.02.2012 07:26 <DIR> myMugle 09.06.2015 06:01 <DIR> Opera 08.07.2016 06:27 <DIR> PDF24 10.09.2012 13:13 <DIR> ProtectDisc Driver Installer 28.10.2011 01:20 <DIR> Realtek 14.07.2009 07:32 <DIR> Reference Assemblies 07.11.2016 08:25 <DIR> SaalDesignSoftware 18.10.2017 17:22 <DIR> Salfeld 20.06.2017 12:52 <DIR> Samsung 04.09.2014 15:43 <DIR> Sinner_Kochbuch_CD 25.11.2015 06:44 <DIR> StickRoot 09.10.2015 04:06 <DIR> Ulead PhotoImpact 11 14.09.2016 06:17 <DIR> Universal Media Server 03.06.2015 05:27 <DIR> VideoLAN 07.02.2012 07:22 <DIR> watchmi 16.01.2017 10:56 <DIR> Will Software 26.07.2013 22:44 <DIR> Windows Defender 28.04.2014 13:16 <DIR> Windows Live 12.02.2012 20:30 <DIR> Windows Mail 15.11.2017 07:15 <DIR> Windows Media Player 14.07.2009 07:32 <DIR> Windows NT 12.02.2012 20:30 <DIR> Windows Photo Viewer 21.11.2010 05:31 <DIR> Windows Portable Devices 12.02.2012 20:30 <DIR> Windows Sidebar 14.05.2018 05:56 <DIR> WISO 1 Datei(en), 4.218.880 Bytes 85 Verzeichnis(se), 434.953.023.488 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramData%" ========= Datentr„ger in Laufwerk C: ist Boot Volumeseriennummer: 204C-3CC0 Verzeichnis von C:\ProgramData 26.06.2015 05:22 <DIR> Adobe 28.10.2011 01:10 <DIR> AMD 18.04.2018 13:17 <DIR> AomeiBR 24.02.2016 13:59 <DIR> Apowersoft 08.03.2017 10:03 <DIR> Ashampoo 28.10.2011 01:15 <DIR> ATI 23.07.2015 13:31 <DIR> AVAST Software 01.08.2018 20:07 <DIR> Buhl Data Service GmbH 25.07.2017 08:18 <DIR> CanonIJWSpt 13.09.2012 06:02 <DIR> CD-DVD Druckerei 7 07.02.2012 07:24 <DIR> Corel 02.11.2011 11:52 <DIR> CyberLink 13.09.2012 06:02 <DIR> DATA BECKER Downloads 19.05.2018 11:40 <DIR> Epic 10.11.2017 07:25 <DIR> Epson 10.06.2015 05:02 <DIR> Freemake 28.02.2014 08:20 <DIR> FreePDF 07.02.2012 07:22 <DIR> Google 20.06.2012 08:16 <DIR> HP 20.06.2012 08:12 <DIR> HP Product Assistant 14.04.2014 06:56 <DIR> ISDNWatch 22.08.2018 19:53 <DIR> Kaspersky Lab 21.08.2018 21:01 <DIR> Kaspersky Lab Setup Files 07.02.2012 07:28 <DIR> Kaspersky Rescue Disk 10 30.08.2014 09:08 <DIR> Kingsoft 29.10.2016 18:00 <DIR> Logishrd 15.01.2014 16:16 <DIR> MAGIX 20.08.2018 13:20 <DIR> Malwarebytes 21.05.2018 15:14 <DIR> McAfee 27.05.2015 14:43 <DIR> Microsoft Help 28.11.2013 08:54 <DIR> Microsoft OneDrive 29.01.2018 07:23 588 Microsoft.SqlServer.Compact.400.32.bc 25.03.2014 08:45 <DIR> Mozilla 25.11.2017 14:40 <DIR> NFS 31.03.2014 12:27 262.144 ntuser.dat 09.05.2017 06:30 <DIR> Oracle 13.05.2018 10:22 <DIR> Package Cache 18.02.2012 09:14 <DIR> Protexis 04.07.2013 07:59 <DIR> regid.1986-12.com.adobe 28.06.2018 05:49 <DIR> regid.1991-06.com.microsoft 20.06.2017 12:53 <DIR> Samsung 02.03.2017 18:21 <DIR> Skype 07.04.2017 06:42 <DIR> Software 25.07.2017 14:58 <DIR> Sony Corporation 18.07.2011 23:13 <DIR> Sun 02.11.2011 11:57 <DIR> Temp 09.06.2015 05:49 <DIR> TuneUp Software 07.02.2012 07:22 <DIR> TvdPersonal 25.07.2017 14:59 <DIR> UDL 14.09.2016 05:18 <DIR> UMS 09.02.2012 10:11 <DIR> VirtualizedApplications 20.06.2012 08:14 <DIR> WEBREG 2 Datei(en), 262.732 Bytes 50 Verzeichnis(se), 434.952.978.432 Bytes frei ========= Ende von CMD: ========= ========= dir "%Appdata%" ========= Datentr„ger in Laufwerk C: ist Boot Volumeseriennummer: 204C-3CC0 Verzeichnis von C:\Users\Arhelger\AppData\Roaming 19.05.2018 12:15 <DIR> . 19.05.2018 12:15 <DIR> .. 25.09.2015 06:56 <DIR> AccurateRip 12.12.2017 06:50 <DIR> Adobe 06.04.2015 10:47 132 Adobe CS5-Voreinstellungen fr BMP-Format 31.12.2017 17:23 <DIR> Ahnenblatt 16.09.2016 05:27 <DIR> Anvsoft 02.02.2017 06:57 <DIR> Apowersoft 07.02.2012 07:29 <DIR> ATI 27.09.2015 20:00 <DIR> Avery 29.01.2018 06:53 <DIR> Buhl 08.02.2012 07:22 <DIR> Buhl Data Service 08.12.2015 13:31 <DIR> Buhl Data Service GmbH 18.08.2017 06:20 <DIR> calibre 10.11.2017 07:15 <DIR> Canon 07.01.2013 16:01 <DIR> com.adobe.downloadassistant.AdobeDownloadAssistant 18.02.2012 09:15 <DIR> Corel 29.11.2017 14:45 <DIR> Cornelsen 16.03.2013 18:42 <DIR> DataDesign 11.04.2018 06:29 <DIR> DevExpress 07.05.2015 09:23 <DIR> Dropbox 13.09.2016 11:36 <DIR> dvdcss 28.08.2013 14:24 <DIR> DVDVideoSoft 25.09.2015 06:56 <DIR> EAC 19.05.2018 12:15 <DIR> EasyAntiCheat 10.11.2017 07:25 <DIR> EPSON 22.08.2014 20:32 <DIR> Flo & Seb Engineering 03.03.2014 08:31 <DIR> Foxit Software 14.04.2014 07:00 <DIR> FRITZ! 14.04.2014 06:56 <DIR> FRITZ!fax fr FRITZ!Box 15.02.2013 13:27 <DIR> GARMIN 16.05.2017 22:27 <DIR> Google 20.06.2012 08:15 <DIR> HP 22.10.2015 09:55 <DIR> HpUpdate 07.02.2012 07:28 <DIR> Identities 30.08.2014 09:07 <DIR> Kingsoft 29.10.2016 18:03 <DIR> Logishrd 29.10.2016 18:00 <DIR> Logitech 14.10.2011 13:27 <DIR> Macromedia 15.01.2014 16:25 <DIR> MAGIX 12.04.2011 10:28 <DIR> Media Center Programs 18.08.2018 16:29 <DIR> Mozilla 14.09.2017 06:08 <DIR> Mp3tag 01.04.2014 06:06 <DIR> Mugle 22.09.2015 15:36 <DIR> Nero 16.07.2015 08:08 <DIR> One Click Root 10.12.2013 08:19 <DIR> OpenOffice 09.06.2015 06:01 <DIR> Opera Software 16.05.2014 06:18 <DIR> ProtectDisc 20.06.2013 15:39 <DIR> Rovio 14.05.2018 05:40 <DIR> Rovio Entertainment Ltd 06.10.2015 07:21 <DIR> SaalDesignSoftware 07.04.2017 05:44 <DIR> Salfeld 27.09.2016 05:50 <DIR> Samsung 02.03.2017 18:21 <DIR> Skype 08.10.2014 15:22 <DIR> SoftGrid Client 13.09.2016 08:00 <DIR> Sun 18.08.2018 16:29 <DIR> Thunderbird 07.02.2012 09:14 <DIR> TP 09.06.2015 05:50 <DIR> TuneUp Software 15.12.2017 06:55 <DIR> vlc 11.06.2018 05:19 <DIR> WhatsApp 16.02.2012 20:03 <DIR> Windows Live Writer 14.03.2016 06:54 <DIR> YDP 13.04.2015 17:17 <DIR> {466A0DFA-C85C-4714-8AFE-2F0A00C73020} 1 Datei(en), 132 Bytes 64 Verzeichnis(se), 434.952.916.992 Bytes frei ========= Ende von CMD: ========= |
22.08.2018, 20:09 | #8 |
| Kaspersky findet Trojan.Multi.GenAutorunReg.a in System MemoryCode:
ATTFilter ========= dir "%LocalAppdata%" ========= Datentr„ger in Laufwerk C: ist Boot Volumeseriennummer: 204C-3CC0 Verzeichnis von C:\Users\Arhelger\AppData\Local 22.08.2018 12:39 <DIR> . 22.08.2018 12:39 <DIR> .. 25.06.2018 05:04 <DIR> Adobe 15.01.2015 08:53 1.456 Adobe Fr Web speichern 12.0 Prefs 01.02.2017 08:44 <DIR> Aiseesoft Studio 07.02.2012 07:29 <DIR> AMD 02.02.2017 06:57 <DIR> Apowersoft 13.02.2012 14:47 <DIR> Apps 07.02.2012 07:29 <DIR> ATI 05.10.2017 07:42 <DIR> Buhl 08.02.2012 07:22 <DIR> Buhl Data Service 16.09.2015 07:08 <DIR> Buhl Data Service GmbH 18.08.2017 06:19 <DIR> calibre-cache 15.07.2015 19:54 <DIR> CEF 20.04.2015 14:40 <DIR> CrashRpt 27.06.2017 18:18 <DIR> DataDesign 16.07.2016 15:12 9.728 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 15.09.2016 06:21 <DIR> Deployment 16.08.2018 05:22 <DIR> Diagnostics 20.06.2017 12:49 <DIR> Downloaded Installations 13.08.2017 10:57 <DIR> ElevatedDiagnostics 19.05.2018 11:39 <DIR> EpicGamesLauncher 11.09.2013 12:13 <DIR> Evernote 12.11.2014 08:57 <DIR> FlatOut Ultimate Carnage 13.09.2016 08:19 <DIR> fontconfig 19.05.2018 12:16 <DIR> FortniteGame 04.07.2013 06:50 <DIR> FreemakeVideoConverter 14.04.2014 07:00 <DIR> FRITZ! 11.02.2013 16:16 <DIR> GARMIN_Corp 30.08.2017 06:35 162.752 GDIPFONTCACHEV1.DAT 21.08.2018 06:39 <DIR> Google 10.06.2015 10:55 <DIR> GWX 20.06.2012 08:15 <DIR> HP 01.03.2018 15:21 <DIR> ISL 30.08.2014 09:12 <DIR> Kingsoft 22.08.2014 08:08 <DIR> Macromedia 12.09.2016 15:40 <DIR> Mad.Max.Fury.Road.2015 24.02.2012 15:56 <DIR> MAGIX 06.10.2016 11:07 <DIR> Microsoft 28.11.2013 09:19 <DIR> Microsoft Games 13.02.2012 07:00 <DIR> Microsoft Help 25.03.2014 08:45 <DIR> Mozilla 19.05.2018 12:19 <DIR> NVIDIA Corporation 09.06.2015 06:01 <DIR> Opera Software 17.09.2014 06:12 <DIR> PackageAware 28.02.2014 07:56 <DIR> PDF24 14.09.2016 05:53 <DIR> Plex Media Server 07.02.2012 07:29 <DIR> Power2Go 29.08.2013 17:51 <DIR> Program Files 04.07.2013 06:48 <DIR> Programs 18.10.2013 03:23 7.605 Resmon.ResmonCfg 11.03.2018 11:24 <DIR> Roblox 20.06.2017 12:57 <DIR> Samsung 02.03.2017 13:35 <DIR> Skype 07.02.2012 09:14 <DIR> SoftGrid Client 15.05.2018 05:40 <DIR> SquirrelTemp 22.08.2018 20:14 <DIR> Temp 14.09.2014 19:09 <DIR> Tempcf9273a2e904d339f0ed2becfb17781c 14.09.2014 19:09 <DIR> Tempd25b0f1338bfaf6c24348888ed762d79 22.08.2014 06:32 <DIR> Thunderbird 09.06.2015 05:50 <DIR> TuneUp Software 19.05.2018 12:16 <DIR> UnrealEngine 19.05.2018 11:39 <DIR> UnrealEngineLauncher 16.05.2014 06:56 <DIR> VirtualStore 07.02.2012 09:12 17.408 WebpageIcons.db 11.06.2018 05:19 <DIR> WhatsApp 19.09.2017 06:50 <DIR> Windows Live 16.05.2014 10:06 <DIR> Windows Live Writer 10.11.2017 11:20 <DIR> WISO Mein Geld 365 Professional 24.02.2012 15:56 <DIR> Xara 15.07.2015 09:22 <DIR> Xmarks 09.05.2012 19:22 <DIR> {002C1CFA-5AAE-4913-BA60-6A8B1ECD364E} 09.02.2013 19:47 <DIR> {00E74972-6619-47F8-8E27-E5286E812A4F} 09.04.2012 16:31 <DIR> {00F5DB17-1F4D-413E-90BE-25669B118A1F} 08.03.2012 19:38 <DIR> {0137D1E7-C012-4D90-8CD0-5D150B52CBD4} 12.10.2012 09:21 <DIR> {0150FB70-E454-4C31-A030-AA96DCD6C9C6} 16.05.2012 06:12 <DIR> {017B170C-2C45-4779-8D4E-4440CF0E4F60} 17.04.2012 09:28 <DIR> {018D4E23-E2EB-416A-A2BE-9435C2463868} 07.08.2012 05:07 <DIR> {019B08CA-7581-4921-9997-D8AED6E04ACF} 21.03.2012 04:39 <DIR> {01A16155-9B5B-476A-A60D-F4D0751820E8} 29.04.2012 08:39 <DIR> {01D04EB0-209E-419A-9546-9C7A5DD8E8A6} 25.06.2012 19:38 <DIR> {01D7B0A0-B4D9-4C3E-87D2-F07DBD7B6428} 14.02.2012 06:06 <DIR> {01FB58C1-C573-47F0-9A09-938E66442CB3} 11.02.2012 18:58 <DIR> {022D2109-EEF2-4A0F-B503-72F5F71239A1} 04.04.2012 12:22 <DIR> {02E9B60A-A4AF-4433-8C72-EB4F541B2E43} 06.08.2012 16:13 <DIR> {0308EAF2-F216-4EBA-A69C-D0FFA9166D2B} 27.04.2013 08:55 <DIR> {0310851E-4132-439A-82AB-1AA92CBB0D97} 06.04.2013 14:52 <DIR> {032F1954-BDA6-4A2C-B7EB-05ABBB7B51DB} 01.07.2012 20:00 <DIR> {0351D341-9F90-4551-9851-97AF7D2C7E7B} 02.03.2013 09:22 <DIR> {03FACB12-4E40-4818-B12F-F4D8AC0EF9FA} 18.04.2013 04:33 <DIR> {042CBB49-F485-47BB-9593-51A9D250DDA4} 04.01.2013 21:24 <DIR> {047F1154-F2FA-431F-9011-3CF3982723CA} 08.02.2012 07:35 <DIR> {04AAD096-2F97-41F5-B0E6-BB01036C5441} 29.03.2013 18:06 <DIR> {05339E32-2D6E-4138-B46E-F170EDEBBC5F} 02.09.2013 06:10 <DIR> {0540A991-7428-4656-A5D9-B1A35033B1F2} 04.10.2013 11:07 <DIR> {055F6BB1-C800-4160-903B-5DB0F9442CCF} 25.02.2012 20:15 <DIR> {0584050D-C7BD-4127-A2E1-76681B1FAD37} 07.02.2012 08:09 <DIR> {0584C497-8397-4D18-AF28-6895B70D8E56} 14.07.2012 06:48 <DIR> {05926D29-3B4F-42B6-9CCD-C7F46EAFC0E1} 24.02.2012 15:51 <DIR> {067E3751-E97E-47C2-870C-16828A03A5CC} 24.05.2012 16:51 <DIR> {06CCB32F-7E8C-42EA-A8A5-4C9D5DC54893} 25.04.2012 13:51 <DIR> {06DA70AE-E267-46F3-8265-04E00A7BF55D} 05.08.2012 18:01 <DIR> {06E30DCF-42F4-45C3-9DC4-BDB558B77585} 24.11.2013 17:56 <DIR> {07F66236-3C60-436F-8CB6-CF88FBC0B864} 27.10.2012 08:48 <DIR> {07F746AC-DEF4-40EA-BCD7-2C74D042C5B8} 31.03.2013 06:17 <DIR> {0830D1F1-55BA-4A31-BDF0-BEB40F7A9E34} 04.08.2012 06:34 <DIR> {086FD60E-1B2C-4CBE-B798-5937021ED279} 18.11.2012 17:14 <DIR> {08AD3419-5AE3-4276-8C84-DD016B5E66A3} 05.03.2013 05:11 <DIR> {0927C18B-F9DF-42D2-93B8-CF77A8D6353E} 22.03.2013 20:14 <DIR> {09363320-BE52-4ED1-B971-7CA92E819733} 07.05.2012 19:03 <DIR> {0989EA81-EAC7-4A5C-8F8D-B3AB9712087F} 14.07.2012 18:49 <DIR> {09C9ED86-8CC4-4BAF-8CD4-748230E97F2E} 08.05.2013 19:30 <DIR> {09DF4D89-B9A0-42EE-B196-3DBA94C20CB6} 02.09.2013 18:16 <DIR> {09FD5856-50D4-4714-8684-FF102F429C98} 25.04.2013 08:06 <DIR> {0A0C5293-B2E6-4738-AB4C-ABBDD6C63140} 29.04.2013 06:31 <DIR> {0A632511-5DFB-46D7-AE7B-34A601FE8065} 21.06.2012 05:06 <DIR> {0A79257F-03D1-4BF2-922A-DCCEB1536F2D} 11.02.2013 07:37 <DIR> {0AC527A9-3F50-41BA-8576-CC6C53E03DBA} 27.08.2012 05:06 <DIR> {0B260ECB-D75D-49C0-AFC9-858A288E089F} 23.08.2013 17:35 <DIR> {0BD6155A-6484-4CCD-96B2-C961E06174FB} 17.11.2013 18:20 <DIR> {0C9CD967-12C5-4AD6-A9A0-8920EC2A9FA2} 15.08.2012 05:06 <DIR> {0CA9C986-FB21-400C-BEBE-8CEFFFA408DD} 18.04.2012 12:39 <DIR> {0CC0EF6A-9222-4911-8E4C-D45F3C7F6F8E} 05.06.2013 11:27 <DIR> {0D1C6E02-8005-4A2B-9103-023EB405B104} 14.04.2013 07:14 <DIR> {0D3DE20E-9026-4A62-9301-25F3B2DAE8DB} 15.05.2013 13:49 <DIR> {0D5D38A2-DCB7-45A1-B325-A124C041B91B} 28.06.2012 20:45 <DIR> {0D67234A-E52C-4D37-8B7E-FF7F4B65A788} 25.03.2013 21:04 <DIR> {0D6E50DB-EDCB-4AE4-A4E0-766A1207A6FA} 16.08.2012 05:14 <DIR> {0D710532-0F52-4CDA-AFF7-EDAE5B6B1EB9} 11.09.2013 20:17 <DIR> {0D9484F3-01A2-4DFF-9844-DBF9DD50AF54} 05.10.2012 18:46 <DIR> {0DE74300-2928-4FB3-8EBB-992252967D69} 24.08.2013 19:09 <DIR> {0DED5360-109B-4CF3-A851-F53332A4F01A} 20.11.2013 21:16 <DIR> {0E2CB0DD-1034-4D8E-84EB-8578592798F7} 20.11.2012 07:45 <DIR> {0E731AEF-5435-4E1C-86B8-1349FCC26583} 21.06.2012 19:18 <DIR> {0E8D5274-B5E5-4C85-A408-FCBA27BA228A} 25.10.2013 09:11 <DIR> {0EBF782B-AF56-4F1C-B72E-8F5389AD1FD1} 22.06.2013 05:46 <DIR> {0EE61872-2655-43A2-AB9D-9CD661439C2C} 16.09.2012 23:29 <DIR> {0EEDCDC1-CA28-4F69-99B8-4EBE6BC224FE} 18.09.2012 22:14 <DIR> {0F37BB84-F3A8-4E1F-A64A-30837261379E} 02.10.2013 05:35 <DIR> {0F435A1C-A7AA-408C-BB35-1685F8BE7733} 15.02.2012 06:20 <DIR> {0F5702DE-FB41-4CF7-8C55-EBC8B6048752} 16.06.2012 05:45 <DIR> {0FB42BD4-556B-462B-8924-D316E5DD38F0} 19.09.2013 09:12 <DIR> {102D64D1-E729-4B25-9E7A-47C07C902199} 26.02.2012 20:44 <DIR> {1048E5DD-FF13-4F4C-BDC5-98D3D20881A5} 04.09.2013 12:13 <DIR> {10B009D9-8DC3-4109-921D-8448F3A7C790} 01.03.2013 08:21 <DIR> {1113C86B-1BA3-4520-833A-B48B295223C1} 12.07.2012 19:19 <DIR> {113AA0F3-BDD6-4AE6-AF8B-049D35BF4CC3} 23.02.2012 21:05 <DIR> {113F4C60-2582-4B13-B866-48AE87405975} 11.12.2012 17:45 <DIR> {114C5EC0-716F-4C9C-A6FC-2175F67FB098} 14.08.2013 18:26 <DIR> {116921E4-33F8-4D29-90F7-69DB8983553F} 12.07.2012 04:37 <DIR> {11B65749-4640-479E-A698-B839A14CC204} 30.05.2012 04:36 <DIR> {11BC5826-B2ED-4F10-A3AF-C738648D8E17} 17.12.2012 20:02 <DIR> {11C8D0C9-472F-45D2-830D-23DD5D8C8638} 09.03.2012 07:39 <DIR> {11E69806-7BBE-4B99-B77F-69B6558F2E2C} 16.04.2012 18:38 <DIR> {12B06723-7CF6-48E8-9322-C4B541FD28D2} 04.01.2013 07:30 <DIR> {12FBE21F-FEE5-46EE-A025-EE62DA89C651} 19.05.2013 11:04 <DIR> {13646911-132F-49F9-A60D-FD8C81604211} 26.01.2013 09:42 <DIR> {1377A20B-8CF8-4D88-B768-6268A25F79C6} 14.01.2013 11:52 <DIR> {13A6FB2A-8F51-410C-8613-11A479D1D014} 28.10.2013 13:28 <DIR> {13A77F86-4A1E-48B9-9F8B-73700EC814BD} 25.05.2013 08:33 <DIR> {13EADC84-E4D5-4B64-A443-07BB7F82B4C5} 08.06.2012 06:11 <DIR> {143136E5-958A-4F65-A268-B7D825406ACD} 06.08.2013 15:58 <DIR> {14A67526-BEA2-472E-9B3D-8382485FB28C} 08.07.2012 06:00 <DIR> {14C9617D-33F8-4B44-B474-E1FA2723E131} 18.11.2013 19:17 <DIR> {14D3F9C4-4F21-4820-806E-96544C6D0E13} 14.06.2013 06:01 <DIR> {14ED0A09-C94D-4B8A-902A-BFC029AA6AF5} 21.03.2013 19:59 <DIR> {150B08B8-1E31-4DD8-A44A-8C317A79846E} 25.10.2012 00:28 <DIR> {15322F69-37FE-4E3D-9D79-4E1C5AF6A937} 22.10.2012 10:19 <DIR> {1539D73F-411A-4409-B35A-E32E140AD041} 27.06.2012 19:21 <DIR> {1565D206-37FA-4D15-8A69-E0A96EC4A344} 05.04.2013 05:50 <DIR> {156E7634-F17C-4268-8CF2-B6BD8BDE4B6C} 22.06.2012 12:32 <DIR> {16401F97-B7B2-432B-8A77-CA0EA8E88B7A} 29.09.2012 07:18 <DIR> {16609260-2F5F-4BFE-A4BE-5B4A7FA8C70E} 24.10.2012 06:54 <DIR> {16A44FF1-AB01-4505-B5B9-6FD6A0C6C03E} 21.08.2013 06:51 <DIR> {16E9F86C-EDD0-438C-8294-FF882A3A3B79} 22.02.2012 07:43 <DIR> {171365C8-095E-4AD5-BE46-4CA3CE221EF3} 29.04.2012 14:04 <DIR> {172C95A2-B8AA-49E8-8DD0-6254D7A8F558} 15.09.2012 14:28 <DIR> {178B097F-E046-451A-AE4A-798AC9AE055D} 09.04.2013 19:26 <DIR> {179B962F-DE7E-4AE6-B0DC-53FE0A7A92C1} 22.02.2013 05:13 <DIR> {17BC3271-8761-4F16-BB94-14AA1CDA9A9F} 28.02.2012 08:07 <DIR> {17BD69AA-3CFA-49F6-BE39-B661A4EFC2FA} 12.02.2012 09:40 <DIR> {17D05F6A-11AE-4F49-BC7F-6E46AA05FD71} 02.11.2013 08:47 <DIR> {17EA412B-180F-4827-8F19-87E3EF4728D6} 27.01.2013 08:19 <DIR> {184D63D5-2E5D-4E00-94DA-A28F1C9259EA} 23.04.2012 05:05 <DIR> {1886756E-7AB5-458F-BFE1-28A2D0A58040} 16.09.2013 13:27 <DIR> {18B17EFF-7982-42B8-B59F-61C5C4174ABA} 05.08.2012 18:01 <DIR> {18F91A27-985F-4415-9C71-62FA67DC9387} 03.08.2012 11:07 <DIR> {191A15B5-03CA-44AD-A579-8AAE3D8572FD} 12.08.2012 06:28 <DIR> {195224B5-C17B-4F53-AAC4-34AC62919753} 29.06.2012 16:10 <DIR> {19922128-6816-4E92-B1D5-D4DA2519095F} 14.04.2012 07:36 <DIR> {19A26900-EF85-4B41-8615-EA9CDFA284D6} 07.11.2012 08:34 <DIR> {19BA166E-1983-405F-A410-DDC477F026AD} 17.10.2012 06:12 <DIR> {19C3CB81-CA97-4499-8E15-F43C47256F08} 13.10.2013 06:16 <DIR> {1A5D5486-ED41-4984-8BA6-8D4D787DA326} 24.10.2013 20:15 <DIR> {1AD10CC4-8CD7-444F-A03A-3A0E6D73910E} 04.05.2012 22:30 <DIR> {1ADC5F1C-18A0-45C7-886E-D139A24F1E78} 03.03.2013 08:53 <DIR> {1B78507D-AD70-475C-B0B6-8212D4ADC680} 18.10.2012 13:35 <DIR> {1B9190F1-6E53-48D8-8FEE-CF5F52AD82B7} 12.12.2012 06:26 <DIR> {1BB1EF0D-D9E6-4879-9C46-BDE93DB19CA7} 13.11.2012 14:26 <DIR> {1BE6A171-E85B-4510-A46B-18C8D54881D7} 15.04.2012 08:57 <DIR> {1BF0C04A-41D6-4FD1-9063-211167F1BAE8} 19.08.2012 18:20 <DIR> {1C0D0653-1029-4F52-8C0C-559BA7E14D49} 03.09.2012 19:42 <DIR> {1C2C47FE-6A90-4529-BEA1-A60DFF6F18C8} 25.02.2012 20:17 <DIR> {1C87BB5E-E0C2-42F7-9A48-9CE14D511F91} 05.05.2012 11:17 <DIR> {1C891922-C357-41CF-81D6-7C51C41E9033} 01.11.2012 08:39 <DIR> {1CD3CFE3-6FAB-4061-B7B1-79208F3DA71A} 25.06.2013 03:23 <DIR> {1D1E6BD4-53EC-46FE-8BE5-AFF6CCA601AD} 14.02.2012 06:06 <DIR> {1D206422-91E8-4FDF-AFCF-9A1CB4CDD861} 19.06.2012 11:05 <DIR> {1D478C6B-E655-415E-BF9E-27BFD650EE3C} 25.04.2012 13:42 <DIR> {1D86CC90-980E-4B0A-B18E-8E1B0FEB76DD} 11.11.2013 06:12 <DIR> {1D9D6B55-2017-438A-B772-D712E67CB65A} 20.06.2012 06:25 <DIR> {1DC82E47-7B5C-4A28-8CF1-1DE5C2E1C0B6} 20.08.2013 04:31 <DIR> {1DCBABF2-948E-4041-8EBB-8D81A5FC6078} 17.03.2013 05:10 <DIR> {1DDBAECA-0B15-4D25-BA46-B06CFF38BFCE} 09.09.2013 06:26 <DIR> {1E1276E1-4A8D-4472-84E3-4B3FA737A843} 23.08.2013 05:34 <DIR> {1E2C50B9-50AC-479F-A74D-D6D414347AD0} 03.02.2013 19:40 <DIR> {1E7401B9-C265-44D6-9BEE-45C38E8D5FD8} 06.12.2012 22:12 <DIR> {1E779B3F-2580-4132-9EF4-416F623604D4} 06.06.2012 20:11 <DIR> {1E828012-CACB-423D-A6A5-16D27DAF4E25} 17.11.2013 03:49 <DIR> {1E93B060-B95B-4A6A-AA76-80B8146AA64C} 03.04.2013 07:09 <DIR> {1E95550C-042A-4B8B-A66A-8F3DFC8B9808} 15.03.2012 05:30 <DIR> {1EE92966-CC1C-4D37-99A7-BFC14E7D2FB5} 26.08.2012 07:21 <DIR> {1EF2F882-E581-497C-9627-E820A6253D14} 01.11.2013 06:27 <DIR> {1F109866-84CE-41BC-A900-724546382AF9} 05.11.2013 08:07 <DIR> {1F3F60C7-B6D9-4C71-AB3C-B2CD7E9CA09B} 01.05.2013 19:49 <DIR> {1FE3A373-CF2F-403A-9E33-0A6CADBEB4BB} 29.04.2012 09:08 <DIR> {202B2DDA-F0CA-4442-B121-B6806A593154} 20.06.2013 07:04 <DIR> {2039B12B-06F7-4425-BE5C-730A217DEABF} 10.01.2013 07:17 <DIR> {20AF4F31-EC1C-4D22-8D9D-09574015BEE1} 24.11.2013 00:26 <DIR> {20C8B5BD-E495-48D6-9A6B-17E92C39ADFE} 05.01.2013 09:25 <DIR> {20E5AB93-44C9-40E7-A6F6-5163927463BA} 06.10.2013 13:55 <DIR> {212BE281-C025-413B-B7C4-9D42C6E6615A} 21.02.2012 07:14 <DIR> {21492DDB-8C06-4D59-98B8-8251AD6B2545} 15.05.2012 05:07 <DIR> {21F2C307-8AF8-4BEA-916B-B67730673C39} 29.05.2012 09:20 <DIR> {224156D7-2500-4B45-8568-F7B3B3135003} 29.08.2012 04:22 <DIR> {22593610-93B6-47BC-BBD4-F7746C4F189A} 12.12.2012 20:49 <DIR> {2266CA37-D393-49A2-AC5C-F8E1068D8824} 03.07.2012 05:02 <DIR> {22683C9E-4FE6-489A-8D91-186E28A4263D} 02.05.2012 10:16 <DIR> {22AD74A5-0E0A-4B17-89FC-4B43CBB04D0F} 06.06.2013 19:04 <DIR> {22B0DF95-CE51-4655-B304-70A5FA5C80EF} 24.04.2012 05:57 <DIR> {22CEB0D0-ADDC-4E32-A85B-4366CF426D39} 21.11.2012 20:59 <DIR> {22DF7DB7-7A3E-4F43-8072-78D705A8D546} 28.04.2012 06:45 <DIR> {22E0FDA8-0359-40EC-BC97-8F99BD5301CC} 02.05.2012 11:21 <DIR> {23A57C3B-467A-4375-997B-DE88D129D73E} 22.04.2012 06:38 <DIR> {23BAF4AE-E443-4146-B383-B58339E88EFF} 29.05.2012 09:20 <DIR> {241E2F6C-6540-4B4B-A083-7996A6C1095D} 30.05.2012 05:12 <DIR> {2432B39E-CBC3-4C44-A2AC-20AD10A5A9C7} 18.06.2013 18:47 <DIR> {2455C1C1-2DC7-481C-A6E3-1082BAB5C59D} 25.10.2012 15:26 <DIR> {245A7829-779B-4D58-83C7-7C9722F3C870} 24.02.2013 13:15 <DIR> {2487B341-0D25-4577-8767-1745586DF49E} 08.09.2012 06:49 <DIR> {248A3138-A9F6-42EA-B267-A30C326DB0D6} 14.12.2012 16:56 <DIR> {24D20DDD-60E2-4A2B-A11F-C2517DB77038} 26.12.2012 20:31 <DIR> {24D4B1EE-FAB7-4310-B0D9-6A774E1DC4DB} 17.10.2013 18:55 <DIR> {24EF60A0-1E4B-4F1D-90F7-6D0DFC0F93C2} 02.05.2012 05:37 <DIR> {251D40E2-0141-4428-9E93-7B1FBE24ECD8} 11.09.2013 08:17 <DIR> {2521F169-AE34-46DC-82E8-8C26496C5E39} 26.07.2013 22:06 <DIR> {252600FE-102F-4964-9E20-477CE8E80D26} 03.02.2013 19:37 <DIR> {254BEA56-7AE4-4B53-B3EE-8B447A757F31} 28.06.2012 08:30 <DIR> {25729DD2-79F7-436E-AB80-6BF57DC3DE83} 20.04.2013 07:54 <DIR> {25D128C6-7E08-441D-93FE-FDB8BA504DEF} 26.11.2013 07:23 <DIR> {25EDAEC2-1C6B-4CEE-8B83-C88E21067976} 11.08.2012 07:55 <DIR> {25F06543-5AED-4BE1-A899-3BDBCE8613A9} 24.06.2012 08:31 <DIR> {26480B68-C44A-4BB4-802C-334DA22A25F0} 07.09.2013 13:03 <DIR> {265156C0-5915-438A-8FDA-F04039E78F0C} 30.09.2013 18:48 <DIR> {2670F759-FDEB-44D9-9EEE-AA1681EADE62} 08.06.2013 20:01 <DIR> {26743C7E-5CFD-42F6-955F-AB93DBEBC3CF} 21.08.2012 05:08 <DIR> {268BED24-D633-40B7-88D1-8FBC97D54F6D} 21.02.2013 14:43 <DIR> {26AD5EC7-06FD-427B-AA48-8136A74BAA0F} 29.10.2012 05:41 <DIR> {26DE84ED-0CBC-4889-98A3-E9D3F3229AD6} 05.06.2012 05:12 <DIR> {27173C5C-C2C9-4320-BDF0-C4898EE6FE08} 26.02.2012 07:32 <DIR> {27C3A93A-155A-4DE9-A3E3-1788BCC586BF} 29.08.2013 12:16 <DIR> {285D04A1-1799-452C-9810-704046E8A786} 08.03.2013 07:42 <DIR> {286460B7-211E-4C78-A01D-BC26552AFAA1} 06.01.2013 06:38 <DIR> {28664F46-042A-4E47-B2C5-8B2EA95AD0D5} 03.07.2013 19:08 <DIR> {288E9FC7-C413-4DD0-8195-725EED1FC4A3} 08.11.2012 13:33 <DIR> {290C8FF6-7617-4548-BEBD-E319CAD1274A} 15.03.2012 05:30 <DIR> {29EDA13E-AB8D-457F-BBBE-08B7612BFA78} 20.06.2013 22:16 <DIR> {29F2A73F-0516-4538-B992-0061557AB2D2} 13.03.2013 05:15 <DIR> {29FFF575-BFDB-4B5E-A09E-E4AFF4AEE5E6} 14.10.2013 22:05 <DIR> {2A2945F5-036F-4099-9C20-25B63A6B4C7F} 20.06.2012 13:14 <DIR> {2A2CDFE3-C4B8-4677-8993-30043F74063F} 05.11.2012 12:40 <DIR> {2A9CE74F-FF30-41D8-8D93-12E8B2CB97E3} 05.07.2012 13:35 <DIR> {2AF141D8-7A01-4F91-82AF-2ACCC65298A1} 27.11.2013 07:24 <DIR> {2B8AF309-A913-4CA7-BC51-5E00EDF753C8} 29.04.2013 19:49 <DIR> {2B939BAE-AE48-41A0-9ECA-1594433C4475} 08.05.2012 15:01 <DIR> {2BFEE06E-4E38-4703-A7F1-A03BDAB11144} 08.06.2012 06:10 <DIR> {2C368B92-347F-4CF3-8971-43146E5150C1} 28.06.2013 01:11 <DIR> {2CC82253-3688-4878-904D-0F284451E2A3} 17.06.2012 10:19 <DIR> {2CED07F7-A85A-459B-B2CA-E789E7FCA539} 28.12.2012 00:14 <DIR> {2D616445-D39F-4661-88F8-A717574D79FF} 25.04.2012 05:24 <DIR> {2DA1357E-008F-4B27-89C6-06E306CA0D6B} 01.07.2012 07:39 <DIR> {2DCACE38-ADB7-4984-BF9F-8D8EED2EF8AA} 10.10.2012 19:14 <DIR> {2DEBC1F6-069E-4495-8FB5-4BE5840689A4} 04.05.2012 22:30 <DIR> {2E2FAAD8-B18E-4DA8-9732-75D56E16356D} 07.08.2012 17:16 <DIR> {2EA2C82B-7CFB-42FD-B2A5-2355320C5DEB} 10.12.2012 05:27 <DIR> {2EDB6AE9-1A9E-4F40-96D4-3123EE60D0E4} 04.11.2013 19:52 <DIR> {2EEEE716-FA39-4522-973E-DA46F7EAEBD5} 23.05.2012 18:31 <DIR> {2F0B432D-C99D-4DB2-818B-5954DE9A203D} 27.06.2012 06:47 <DIR> {2F139CB0-8630-4335-9202-BAFFA9C2F59E} 14.05.2013 19:58 <DIR> {2F214D10-6C61-4EAE-B188-32B324FF84FB} 29.07.2013 13:04 <DIR> {2F32BF3C-29AE-42C8-A2C6-157DC0DBA9DA} 19.04.2012 09:12 <DIR> {2F82D2F6-6DC1-416E-9675-2CF5D65EEECE} 31.08.2013 12:42 <DIR> {2FD24D45-97C1-427A-8839-164C59AF24D2} 04.03.2013 14:11 <DIR> {2FE5C05C-55E7-4E89-8469-71AC0EDD964A} 27.03.2013 07:47 <DIR> {30185C40-1860-44E2-881D-BA474D26757E} 25.05.2012 18:59 <DIR> {30AD6C07-A89D-4140-B4BB-60FC97AB121E} 07.04.2013 23:11 <DIR> {30C8101B-152A-463A-905D-9A956F6771E6} 12.11.2013 07:05 <DIR> {30F0F5C1-361A-49F7-B909-8BB1122A2ECE} 20.06.2012 06:25 <DIR> {310AC8F0-01C9-43AE-81D8-65E85AAF0A79} 11.02.2012 03:54 <DIR> {315C135D-D306-46C1-B137-F5009B4A47F2} 10.07.2012 19:07 <DIR> {31771E23-2B10-4313-9E5A-1799E27D7E8A} 05.07.2013 18:36 <DIR> {3197652F-1791-4230-9873-57E71C63E711} 13.05.2012 05:51 <DIR> {319B6C35-2540-4132-9771-8A03181EB5A3} 07.07.2013 07:35 <DIR> {31A24935-879C-411F-B1B1-5C9A11D59BBC} 19.01.2013 23:41 <DIR> {31C1FA5B-93B7-4FC7-8F8E-EBF0AEB18C21} 09.08.2013 10:38 <DIR> {3200A828-1471-4DA5-A7E8-B1B4B6F04DF0} 04.06.2013 06:03 <DIR> {3224A251-A755-4E34-9BCE-7BAD4CD5B00E} 10.05.2012 12:15 <DIR> {326A695E-CD14-4C8A-886C-796E718E939F} 01.06.2012 16:33 <DIR> {32757647-4A7E-43CC-A663-358A47C834E5} 08.06.2013 08:01 <DIR> {3275F03A-ACFB-4FFB-A4F3-CEFD2AB1EFBD} 25.05.2012 06:11 <DIR> {328394F3-EDDF-42A5-9916-DB56739C91C9} 24.04.2012 15:22 <DIR> {330215D0-C91E-4B59-8F9D-F6E5F15B94FF} 27.03.2012 08:24 <DIR> {334349A0-B119-4850-915B-3342DBB6B9CD} 31.07.2013 06:35 <DIR> {334E38BF-4EAA-42B3-9FB2-73B184C24F22} 06.07.2013 06:43 <DIR> {33857AD7-F145-4484-8762-B73EA1106139} 27.10.2012 23:00 <DIR> {338B4454-F35B-4BB2-A17C-A7F0E40395D3} 29.02.2012 21:06 <DIR> {33AF8988-59A5-4A48-B67A-88E7ADB24A83} 18.05.2012 06:07 <DIR> {345EE255-5BE1-4EE4-BC91-33CEF99653C1} 29.01.2013 19:53 <DIR> {34752812-045F-46B5-9939-2BCBB6C4924C} 30.08.2013 21:10 <DIR> {34C33518-6F00-4CDD-A677-CB0312AEC118} 30.03.2012 07:04 <DIR> {34FDA26E-CB7D-4DDA-BB84-B273E9A028DA} 04.03.2012 21:15 <DIR> {356D8020-B8CA-4E16-B5CE-BCBC68076FEC} 18.10.2013 08:25 <DIR> {35777D4B-1518-48AC-B67C-EDB1737CA2EE} 19.06.2013 15:08 <DIR> {35876E92-FAFC-4B3F-99B4-C0754DCF5039} 10.05.2012 12:15 <DIR> {3594A6E1-2C28-4E7B-8B11-4BBA4FD1264A} 03.10.2012 06:55 <DIR> {3596827C-F433-434C-9005-C0D2683046E5} 03.06.2012 22:23 <DIR> {35A93C92-AF4C-4775-BB3E-30BAC386944E} 03.05.2012 06:15 <DIR> {35DFA49A-EA9A-43CA-A8AC-CFAF7C470000} 26.06.2012 13:06 <DIR> {35F916BB-CBB2-4BE5-989A-4F3017D6A297} 07.03.2012 17:20 <DIR> {35FD62CD-08B6-49AE-B661-9E8A0C365F82} 06.05.2012 10:30 <DIR> {36544B66-900F-4117-B06D-A4B720D27E0B} 28.02.2013 19:28 <DIR> {3656142E-05EE-41BA-AF1B-5A5E353F0DF7} 16.02.2012 06:10 <DIR> {36744AE7-06AE-45C1-81DD-61BF6CB38F71} 01.02.2013 06:23 <DIR> {36B80766-8EE7-4952-BF77-69D72A7620AB} 17.11.2012 06:34 <DIR> {36C2AC2E-D3D1-4641-A2F6-2A2224A460E3} 11.10.2012 08:02 <DIR> {36F290B0-0D69-4BCC-A03D-71746065FA38} 26.05.2012 22:21 <DIR> {375CF475-C95C-4223-A0D3-2F0923AE5E08} 07.08.2012 05:07 <DIR> {378B1B12-3693-480C-82F4-ABB93EBE78C2} 05.04.2013 19:57 <DIR> {37A696F3-9715-45A7-9142-185983DBDCC7} 12.10.2013 15:18 <DIR> {37E3CB94-5ED0-44FB-9D94-5ECA821BBAC1} 22.04.2012 06:38 <DIR> {37E4802F-66C1-4E22-8EC7-BD39F39E5743} 14.12.2012 04:56 <DIR> {381DFEBF-4E2B-485C-9560-B39028872B2D} 14.11.2013 17:29 <DIR> {3825427C-D53C-4C7B-A29A-D3E592444E94} 13.03.2012 14:41 <DIR> {383486DB-BEC3-4B30-9599-01ACAD76CC90} 30.06.2013 15:39 <DIR> {3836C132-F0D9-446F-BA4E-B334FE1DF48B} 22.11.2012 09:49 <DIR> {3856279C-E2E9-484A-8AA2-651BB760B3D7} 12.05.2012 10:16 <DIR> {388CB9BC-A95D-4DC9-BCE4-4F696FFD2EFB} 17.05.2012 10:41 <DIR> {38EF3653-B6B6-4890-A27B-5E890AA8A1CB} 26.09.2012 17:28 <DIR> {39C4D7B6-05E5-402E-9AF0-B300ED78950E} 06.04.2013 08:34 <DIR> {39F0312D-701F-40EF-B87C-BC050B5506F0} 07.02.2012 08:10 <DIR> {3A11BC4E-8E9E-46F4-B801-A7D1675938EC} 09.10.2013 19:58 <DIR> {3A44C98B-2E03-4AC1-B547-95CB015EA906} 25.02.2012 20:16 <DIR> {3A6AAA86-AE35-4250-9D7F-16F2DC2FAE59} 13.03.2013 18:26 <DIR> {3A6B846B-19F8-46A9-84DF-118245CC56AB} 10.06.2012 06:02 <DIR> {3A6E9C1F-0AD2-4BB0-97E3-F5638FC3C687} 01.08.2013 06:46 <DIR> {3A758628-F8AC-41C2-BE0C-37D40BFEAAD4} 27.05.2013 12:35 <DIR> {3AD26E9B-6A1B-4F5D-AA5D-BE99BDD021D3} 27.09.2012 22:51 <DIR> {3AE62C75-A9D4-48A1-A0E7-4F38E2768F72} 04.08.2013 21:11 <DIR> {3B155D2B-2FD6-489C-A4EC-ACAD20E7F246} 02.02.2013 14:57 <DIR> {3B2AF214-449A-43BA-8E86-9FA75E3AA0B0} 17.05.2013 10:44 <DIR> {3B4BF51D-4E40-4502-B31A-372ECAA298C9} 21.11.2013 16:00 <DIR> {3BA82CCD-57BC-4605-9C10-0F51EADDCD60} 17.03.2012 06:25 <DIR> {3BACC54C-8BE3-4CA1-B8AD-70DD4A98A89B} 08.09.2013 18:03 <DIR> {3BF20D49-D1FA-4795-B812-E2DD72074871} 31.10.2012 05:52 <DIR> {3C3D70CE-8350-41F7-926C-CFCED6F52ECD} 28.02.2012 08:02 <DIR> {3CA94783-1F2C-406D-BDDD-7074CCEED4C7} 20.10.2013 08:20 <DIR> {3D38EB10-4B5A-417D-A97B-0576C2377390} 27.08.2012 20:22 <DIR> {3D5E25CF-97FB-4720-9241-E5757EAF7CE9} 28.11.2012 10:01 <DIR> {3D5E8B7D-4783-4371-AFD7-543F2F3685AB} 22.03.2012 20:05 <DIR> {3D9476B1-71A3-42BA-9987-56868D69DB10} 22.04.2012 18:22 <DIR> {3D9A8839-84F6-44FA-9F3A-0DE0276D3D11} 02.05.2012 10:16 <DIR> {3DF456CC-860B-4F3A-9DEB-4FA6ED58BF67} 17.05.2012 10:41 <DIR> {3E28D4CB-B180-44AE-B3B4-9A86614F1538} 02.05.2012 15:57 <DIR> {3E60D716-186E-4A99-A720-65109D6A856E} 15.03.2013 08:00 <DIR> {3EA578E1-4B27-4FF1-A2EE-7B126AAB2B25} 22.12.2012 01:04 <DIR> {3EAFC226-BAC4-40CE-B3A0-55D203C5E680} 26.02.2013 06:13 <DIR> {3EC23A5E-C5C9-4AE3-B3E5-F3E4F96AB24A} 10.03.2012 17:53 <DIR> {3EC51A63-C671-4FE2-853A-68757F7F1F85} 13.05.2012 05:51 <DIR> {3EE2384D-12EC-4983-BD2C-D683962D886D} 27.04.2012 05:06 <DIR> {3F03D21B-B64A-4E88-811E-637B6F818042} 18.09.2013 07:49 <DIR> {3F1D7FC8-F7EB-4B19-BC9F-CA1356E8A356} 12.06.2012 08:43 <DIR> {3F45F815-38FF-4A46-8B88-3D7A1C192F78} 07.05.2013 11:05 <DIR> {3F578A58-E790-4593-9331-B38DC0F9DDEF} 12.08.2013 04:47 <DIR> {3F70034B-EBAC-49B0-B8CF-3266F1B9C6DE} 14.02.2012 06:07 <DIR> {3F7F6A67-08D1-4A0E-B4F0-5F915325BF09} 20.04.2012 21:26 <DIR> {3FA7A5F8-AA66-4EAF-81B2-C2B199196FF9} 09.10.2013 05:11 <DIR> {3FB0F977-A963-42AB-9FCC-4A3D4398FB7D} 26.04.2012 05:23 <DIR> {3FB227B7-EA54-4A1E-9377-FC75A60AD7F9} 26.08.2013 04:40 <DIR> {3FF05A9F-6A3A-46F4-BB73-DEBDCDF4E668} 22.04.2012 11:56 <DIR> {402982E6-6E9E-42CD-A5A7-061CEFAC5BD9} 04.07.2012 16:53 <DIR> {405E948F-01AE-49DE-8073-FCA025F415DE} 02.02.2013 00:30 <DIR> {4098C66C-EBD0-4B0F-A2BD-6E6DAAB2F308} 17.11.2012 19:21 <DIR> {40E92C36-D35A-4F5B-86B5-62C6FD10F9BF} 29.10.2013 18:45 <DIR> {40F0BCE1-583C-45E1-845F-382AF7881C41} 23.10.2012 06:11 <DIR> {413A3699-7258-4557-BCA4-A1BA3B645CD7} 12.12.2012 18:57 <DIR> {413A6789-5D18-475D-8924-3315FE566304} 03.08.2013 05:01 <DIR> {4157A857-C1BF-4EE7-AC9E-478F7E55B3BC} 28.08.2013 07:16 <DIR> {41AC2BF9-5496-4F9B-9A1C-3909AFC2BF3E} 12.03.2012 05:31 <DIR> {41BFA7D3-F763-42E4-A346-07187817D9D4} 17.08.2013 08:08 <DIR> {41E9F658-F09A-47CC-9F93-88084E9559A2} 01.09.2012 22:39 <DIR> {423763DE-7D1E-40FB-B528-8804698EF473} 23.04.2012 13:50 <DIR> {4240E828-9898-4F56-B81B-4A47A7622210} 29.03.2012 13:01 <DIR> {42CCD161-FFB0-40DF-A88F-3D36B8849AA5} 14.07.2012 18:49 <DIR> {42F725A4-A296-48DC-8B8F-12AE5A304AE9} 05.10.2012 05:54 <DIR> {43BA2C58-1354-4648-AE06-1488D8B91707} 03.03.2012 10:50 <DIR> {448EEA07-97F4-4115-942D-399BB4EF8929} 15.08.2013 06:26 <DIR> {449CAED1-D814-4903-9584-7EFD5FFEF9FD} 14.04.2013 19:14 <DIR> {44BD08FB-5D13-4750-B80D-0BD6ACAC73C1} 23.05.2012 18:31 <DIR> {44CF0CF9-D37E-478E-B9EE-AF172BF32CF4} 25.02.2013 13:39 <DIR> {4509BC37-7A2B-4C34-8A0A-9CDE4E2ED099} 12.06.2013 12:29 <DIR> {45A404CD-D32C-47E6-A196-07B4A2713048} 07.11.2013 08:53 <DIR> {45F428CD-DD62-4677-8F26-6EECB5BA10A0} 25.11.2012 20:45 <DIR> {45F66FF6-3950-4FB5-9646-47BA1309921B} 17.10.2012 23:28 <DIR> {466FFD3B-7E57-4BD5-A009-8851A9F0B171} 11.03.2012 08:48 <DIR> {4692BA29-30AD-4398-A0D4-82A43BCA9CCF} 21.03.2012 21:02 <DIR> {46E60772-0948-4D4F-9802-2D41D1903B69} 16.08.2013 19:39 <DIR> {472E9C7C-B408-4B02-8540-87F841110840} 06.07.2012 05:08 <DIR> {4798FC0A-4009-4E07-A872-B00A4854AA4C} 08.07.2012 16:24 <DIR> {47A66550-B6BF-4FBA-B84D-530B3AC6D3F1} 03.11.2012 09:34 <DIR> {47AB9B93-0391-4342-8B21-210C2C52576C} 05.05.2013 18:17 <DIR> {47AD1B08-D5F3-4390-9127-C12F515B1EC8} 10.03.2013 07:06 <DIR> {47C0834A-202F-4AC4-AE0F-441C015C0323} 20.11.2012 20:09 <DIR> {47C34EB9-810A-43CB-B11B-441BF893A22C} 25.06.2012 19:38 <DIR> {47F3B64F-3FD4-438A-8E87-E856E8F0EA28} 17.09.2012 12:07 <DIR> {484434C9-15AD-4E61-807C-11F3765CEAF2} 24.02.2012 15:51 <DIR> {48616DFC-8BEE-4EEB-95E4-1AA780FC93B0} 24.09.2012 08:32 <DIR> {48711CCF-0E9B-4D00-B13B-787B8AED8881} 16.12.2012 08:16 <DIR> {4884A93F-32D5-4673-877E-B712BBF59CEC} 24.11.2013 17:58 <DIR> {48A950CE-0E51-4C5A-8180-16A45760EA17} 24.02.2013 01:10 <DIR> {48B8F82F-F26D-4944-B9B0-F0742E12724C} 21.10.2012 06:23 <DIR> {48CCFBA2-D6DD-48A8-91AA-512347F4C0B3} 13.06.2012 20:01 <DIR> {48EEA541-E00A-48F7-8B50-5E25CB9B8BBE} 27.05.2012 19:35 <DIR> {495CF215-CC39-4911-8654-95483812175A} 20.02.2012 00:36 <DIR> {49AAB700-1EB8-406B-B02E-C8262DA1658F} 28.06.2013 15:04 <DIR> {4A4546B5-81E2-45DB-971F-6AEB54EB0959} 30.05.2012 04:36 <DIR> {4AD96AD3-093E-4460-A33F-597576E671A7} 28.04.2012 09:26 <DIR> {4B45A86E-BCAB-4655-8559-E67FB4A4EF6B} 17.08.2013 23:37 <DIR> {4BA5DB5F-0D35-4E50-9916-3657B5FAB42A} 23.06.2012 07:20 <DIR> {4BAEB805-8075-4DD6-BAA5-E1199A2E6549} 05.05.2012 11:17 <DIR> {4C300426-4BD9-4F80-9B6E-61BE5029FF25} 26.07.2013 08:45 <DIR> {4C4E5C3E-5919-4FE1-BF70-7237315FA92F} 18.02.2012 09:15 <DIR> {4C53A5E8-C465-4798-A29E-C0AC4C53494A} 05.08.2012 14:52 <DIR> {4C65A1CB-BA68-4684-8676-5CE6F0F4D382} 25.02.2012 21:49 <DIR> {4CC9BB65-CC8D-40F9-9723-07DFF61A55A3} 06.09.2013 06:05 <DIR> {4CCF45A3-3C7C-45DD-B480-2BF1327C8245} 13.11.2013 16:25 <DIR> {4D406809-91F4-48B8-BE8C-A2D76EF727A8} 16.11.2013 07:05 <DIR> {4DBB0BA1-3368-45B5-9D62-4360C0BCEA4C} 02.04.2013 06:05 <DIR> {4DC87C9E-B168-45AE-AF29-B924BF93218E} 16.06.2013 22:52 <DIR> {4DD30565-3907-4A44-A3CB-4A446F63AA06} 16.04.2013 07:06 <DIR> {4DF382C6-68F3-4438-A20B-69C520DFEB1D} 02.11.2012 06:09 <DIR> {4E099573-A215-4185-BEE7-0F6A35BCDF32} 24.03.2013 19:48 <DIR> {4E1E8B61-0D98-4800-918C-09BC7F2FEB14} 11.12.2012 05:44 <DIR> {4E6278C3-E350-412C-9DEB-854BCD9B8911} 19.04.2012 13:29 <DIR> {4E981409-3740-47ED-9FA4-8B9A9F68D1A5} 09.08.2012 06:58 <DIR> {4EC0A60C-B20D-47A0-9E45-9A0821EF53F0} 02.05.2012 05:37 <DIR> {4EDD2C07-F3F9-40C4-B784-4AD10F4122AE} 01.04.2012 10:46 <DIR> {4EF8CF7D-6F84-44BD-B7DC-179E2BDD316B} 19.10.2013 18:41 <DIR> {4F07561B-C550-45A8-B911-C8970CAA7A4C} 04.07.2012 22:33 <DIR> {4F148183-39EE-428C-BAF4-2CE576B54256} 21.02.2012 07:14 <DIR> {4F7805D9-84C5-4F43-B470-A546E848D086} 06.02.2013 16:15 <DIR> {4F998840-FC92-4A93-A667-980595AF6482} 26.08.2012 07:32 <DIR> {4FA5FEDB-D772-45E9-A5A9-B1CF66C0CC34} 14.08.2013 06:05 <DIR> {4FFD02FA-AF4A-4A60-B13C-7851637D5412} 14.05.2012 06:53 <DIR> {5005FD76-4031-49E7-B197-E644B1669080} 14.09.2013 14:44 <DIR> {502B4774-C22C-4223-A3CF-E664E30F5666} 20.05.2012 05:18 <DIR> {504C56F2-F86B-4CE0-A131-EC554ACF9373} 09.10.2012 07:13 <DIR> {5051E737-E97A-4DEC-9903-7EE3E8E6E0EF} 16.05.2013 06:32 <DIR> {5096E7EB-5979-4124-994F-6FF3A405AA76} 27.08.2013 05:52 <DIR> {50E8E6F2-694A-4123-8FBB-17E72EB22F78} 18.11.2013 06:31 <DIR> {50EC7DB5-96D9-4921-BF5A-25F1534D8E55} 06.11.2012 05:51 <DIR> {50EC81F5-ABAD-4B40-B9A6-3BCF9A8AF857} 09.11.2013 22:04 <DIR> {50F081A0-ECD1-4BCE-A2C2-2E428FC7C75B} 10.12.2012 17:34 <DIR> {51E5814A-31F5-41D2-A3AD-0039294F58FB} 01.08.2013 20:14 <DIR> {52A4E983-8AE8-40E2-8FED-CF504269E1C4} 07.04.2012 06:54 <DIR> {52B3E10F-9460-4C4C-880A-E7A8A574E0C7} 18.06.2012 18:09 <DIR> {52E45E8B-F0B9-4D5C-AF7F-ADD44A19159E} 13.01.2013 07:18 <DIR> {531D1277-AB9A-4B85-B11F-972EEA69720C} 29.10.2013 06:02 <DIR> {5370C6FA-483A-4506-AD23-BA3487B42847} 22.02.2013 18:21 <DIR> {53844149-1931-4232-A0B4-03909CE66F0C} 21.08.2013 19:41 <DIR> {53CCE204-8754-44C7-AC3F-B0E47574011A} 30.07.2013 17:47 <DIR> {540C2F4B-1EB9-4472-8985-5D70EF00153D} 07.03.2013 11:38 <DIR> {540EFDFF-F968-4AD0-B906-DB7AC5FDF9B8} 18.09.2013 20:26 <DIR> {5431409A-9BAC-45F2-98A8-8B1E3608C377} 30.08.2012 07:46 <DIR> {5440A586-7793-4E9C-AD6B-720A75123C6A} 17.12.2012 07:27 <DIR> {5491A596-B533-4BC4-8755-5F8FCAB82FB3} 28.02.2012 08:06 <DIR> {551929F1-7840-4658-AA98-D784534D5E81} 12.07.2012 04:36 <DIR> {5524E87F-68C8-4A71-9B39-4392D7906AC6} 12.04.2012 04:54 <DIR> {5529FFAA-F63D-437F-8FE8-47B6BCD95855} 19.11.2013 19:28 <DIR> {55420F8C-BDD1-45EA-A65D-1644F64B7E4D} 13.06.2013 05:30 <DIR> {55488A6B-E459-4F5E-B495-3185A21FD309} 25.11.2012 07:19 <DIR> {55CE638B-90BD-4516-A870-236A3B29DC18} 13.11.2012 00:11 <DIR> {55CEB39F-0500-42E7-8FA1-A34A26F0CA6D} 15.11.2013 19:04 <DIR> {55FEF5E8-7318-482A-99D7-43E139179741} 12.09.2012 08:36 <DIR> {566F675F-E941-42EF-94B9-710D543C3CF7} 16.04.2013 20:03 <DIR> {56C6D73B-F299-4F3F-A19F-AF0B911ECD8B} 01.02.2013 20:37 <DIR> {57163856-CAC0-42B3-863F-CD5B40292C0E} 14.02.2012 18:07 <DIR> {57400A95-3595-4A53-85C8-179F41A557CB} 29.02.2012 11:16 <DIR> {575AA84C-6221-4E22-A80F-89512B0717FB} 10.10.2013 09:19 <DIR> {576804FF-EE25-4980-A1C9-87D398EC1FEB} 03.06.2012 07:08 <DIR> {57B56351-AA73-416E-9C26-ADA10B6D62B9} 12.03.2012 20:34 <DIR> {57BE9C1C-500C-411C-BBE1-A5CD7C3364E8} 01.03.2013 07:29 <DIR> {58141E5A-C081-47C3-AE33-E6898D5F2BE2} 04.10.2013 12:22 <DIR> {583457CE-A96B-4513-B510-4DC1C876B191} 24.08.2013 07:08 <DIR> {58975C8B-DF9D-4FBC-A5D2-9EE34877E2AF} 19.01.2013 09:42 <DIR> {58B27BF7-325A-4C2F-BE03-8D0C6F0D04B6} 20.01.2013 13:35 <DIR> {58D1BB58-C549-4A13-931D-50BC8CF7B681} 21.03.2012 21:02 <DIR> {58F84D70-35CB-41C2-8264-577CE283C8A0} 23.10.2012 18:11 <DIR> {593BF080-FE9E-4683-9381-D301726CDA44} 30.09.2012 03:30 <DIR> {5966EAC6-442C-41A1-9A6D-B24153D4F0CC} 06.08.2012 16:13 <DIR> {59D22E78-5E3E-442B-A500-5783C04029BE} 29.04.2012 11:14 <DIR> {59E42F95-17A5-4889-80AC-9F38D0FBBA0E} 18.04.2012 18:47 <DIR> {59E6F06E-5A6D-442D-A5B6-32695E2FC49B} 04.03.2012 21:14 <DIR> {59FAA2F3-E26E-4DB3-9F71-ACC09188AA3F} 04.10.2012 13:59 <DIR> {5A21F6FC-FE89-4362-9030-149B3D098A72} 16.08.2012 19:55 <DIR> {5A2B1E5B-5E1E-49E1-9E41-7B20A316FDD3} 30.03.2013 10:22 <DIR> {5A8AA442-108E-449F-91E7-A5B44847535A} 07.08.2013 18:50 <DIR> {5A8C498E-ABDD-46D9-8CAA-D73DD673D634} 04.02.2013 08:17 <DIR> {5A905A6E-B599-482B-B56D-D739DD9A5FCC} 23.04.2013 06:03 <DIR> {5ABEA6D5-8C82-4AB0-92C2-C1FEE7E49AE2} 12.01.2013 14:39 <DIR> {5B6C7F56-7B2E-4544-8BDD-617752BCF512} 10.02.2012 13:52 <DIR> {5BB912E5-8B19-4B65-AE1C-DB94D7076341} 25.03.2013 08:49 <DIR> {5BBF322F-B713-4E8A-A109-A2F45FB87EE9} 09.03.2012 07:39 <DIR> {5BED1F4A-55A1-4504-A32E-8E28C95B3BD1} 31.05.2012 09:24 <DIR> {5BFCFD3E-0F62-4D5E-8727-3AD4C81794BF} 26.04.2012 12:27 <DIR> {5C1612AA-9D12-45A5-A1EC-BBB7FA8E94D0} 02.05.2012 19:23 <DIR> {5C9B39DF-F0D6-486E-8EA7-453459E46659} 16.05.2013 18:53 <DIR> {5CDDBB30-8C82-449E-9BCC-D219BF039D92} 11.04.2013 18:58 <DIR> {5CE64DB8-680B-4FE3-85E0-50AED762BF9D} 28.02.2012 21:26 <DIR> {5D2C8799-309F-4100-BA95-5A0EAD064352} 20.03.2013 18:48 <DIR> {5D34EC2E-F94E-4A12-BA63-FD1563F29A06} 30.06.2012 15:49 <DIR> {5D3CB807-352E-42A1-A665-F09917370CD7} 09.04.2013 07:18 <DIR> {5D548C0C-FB9F-47E8-B2DF-3C8803A9E018} 03.11.2013 09:32 <DIR> {5D5A6197-B106-493C-A7C8-4834E5198C2B} 13.10.2012 10:32 <DIR> {5D5D8A25-CA2D-42E1-B5E5-5914789EC02A} 13.03.2013 17:16 <DIR> {5D6D7A54-1271-4A74-9E38-8EDFD5E08821} 19.04.2012 20:29 <DIR> {5D7F2AE5-2008-4980-961C-26A3CC5A7995} 10.09.2013 06:34 <DIR> {5D835E34-0819-44DD-ACF1-BE7CCB056358} 15.01.2013 07:42 <DIR> {5D846800-D75D-41AA-97A8-C8F626F73145} 23.04.2013 19:03 <DIR> {5D90BB21-6C46-4C68-8A45-56E7D1D02B38} 09.09.2013 18:34 <DIR> {5DCBCED4-E16D-4C2B-825B-220F604E9B97} 07.07.2013 22:15 <DIR> {5E703AF4-3791-407E-8D25-56C6EDD031F5} 15.03.2013 20:42 <DIR> {5E903FFA-BD19-432D-B94D-3E5068268652} 23.09.2013 18:19 <DIR> {5F10ABFC-D0B4-4A15-A353-D531825BE428} 01.07.2012 07:39 <DIR> {5F1BB078-C661-49A0-A080-A92A85AE01ED} 01.06.2012 16:33 <DIR> {5F5078F7-B03C-4140-A12B-FCF8430C622C} 17.06.2013 13:07 <DIR> {5FBC0733-9970-45B1-B323-DD1022999F1C} 23.06.2012 20:28 <DIR> {601000AC-C79C-4433-BF33-F0F906419BB3} 16.05.2012 18:32 <DIR> {601794DB-9950-4B7B-8A7F-0D0BF348E1B4} 25.12.2012 09:12 <DIR> {602B43CB-F49F-4D8C-85D6-A79926A9BF08} 30.12.2012 11:55 <DIR> {60406840-C818-4613-B8EB-6D80BE2FD8B5} 03.06.2012 07:08 <DIR> {6052EDB4-E009-4507-826F-DA811B5251DC} 06.01.2013 18:47 <DIR> {618552AB-E438-48CA-8619-41020A64E6CA} 25.03.2012 23:28 <DIR> {619552E5-BEE2-4703-8301-FB66E2A7953E} 28.05.2013 06:17 <DIR> {62213B93-AC0D-4D0F-A805-ED1BF5D7586E} 22.02.2012 07:43 <DIR> {62371CC7-B4D6-4CA6-8DDE-CB7144958E2F} 25.09.2013 12:56 <DIR> {6239676B-22D0-436B-A99C-5C9646D07962} 27.09.2012 03:41 <DIR> {62396C93-3FC3-4F4D-B353-65B31F798623} 09.11.2012 05:29 <DIR> {6241C3A0-C8FC-4666-BFCD-44B2EAA57BC3} 30.06.2012 15:49 <DIR> {6297ADC3-2139-4FE7-9B02-4F793EA6C3B5} 16.11.2012 14:57 <DIR> {62E45271-969C-4A21-AE74-F0681B405E63} 09.02.2012 20:45 <DIR> {63221224-E91D-47F5-82AC-E6CD880AABCB} 02.12.2012 07:53 <DIR> {635A6F8D-6453-473E-8AC4-A4F98EAF2911} 23.02.2012 07:45 <DIR> {638AA037-8996-4C13-8F45-2F9329C131D0} 05.10.2013 09:51 <DIR> {639F2ADA-8391-495C-86FD-4850E139A432} 07.10.2013 18:44 <DIR> {63A048C3-974B-4A3F-A0F2-A43DBB1B9E0F} 13.06.2012 05:20 <DIR> {64124634-D272-4DF8-9F72-A7656444200E} 17.04.2012 07:13 <DIR> {642794F0-5C8F-486C-AE34-D9EB97EB2B94} 04.09.2012 19:30 <DIR> {643AD491-3BE0-4910-A6E8-48C65F4834B4} 14.07.2012 06:48 <DIR> {6466B0E5-059F-4415-ABC3-09DCC9D53438} 25.08.2013 08:44 <DIR> {647A027A-44F8-46DC-8FF1-EAA494741B8B} 16.03.2012 07:49 <DIR> {6482D602-EA1B-4A46-80AB-E5ED45DBE481} 11.10.2013 19:02 <DIR> {64B424F8-CC39-4E91-B0F1-6EF086AD9059} 08.05.2013 06:27 <DIR> {65506506-126D-4502-9C5A-D16F840EB2E6} 07.08.2013 05:23 <DIR> {65629BF7-4EE3-43B4-AE19-60606B247143} 29.04.2012 09:09 <DIR> {65A42D9E-A716-482E-8EF9-BBE57AE831C5} 08.10.2012 09:08 <DIR> {65BC0339-DC5F-44B0-91ED-1106A1E040AD} 30.09.2012 16:47 <DIR> {6624E60D-F8F4-441F-856E-647BC3989832} 16.02.2012 19:37 <DIR> {665EB0B7-4D9E-4BB0-88E7-99333E1A7CEA} 11.10.2012 20:49 <DIR> {66955EED-F874-4F5C-908F-56A133DDF210} 22.02.2012 19:44 <DIR> {669F38DD-8617-4792-9CBD-E00A447526D3} 24.04.2012 09:00 <DIR> {66C6C5BE-F307-42A1-BB38-2A908AA72E13} 16.03.2013 09:23 <DIR> {66DD8639-205D-4FF7-9DBA-482287DEDA99} 13.01.2013 19:35 <DIR> {66DE92A3-3578-4783-9847-6503019204F2} 14.11.2012 20:45 <DIR> {6706F647-4350-484F-B4A7-1468C3E3D934} 27.12.2012 09:07 <DIR> {67788DE7-8515-4A37-A7AE-6A214DCEAB59} 04.03.2012 09:14 <DIR> {67AF3D8B-EAD1-402D-AD07-35D364518188} 01.11.2013 20:04 <DIR> {67D44AAF-4CE8-4106-BD04-521CAD90938B} 23.09.2013 05:44 <DIR> {6824757C-0989-4494-97CC-A556C0BF352D} 09.07.2013 16:45 <DIR> {683138F3-50F8-4462-9E59-89D9A98A2226} 11.09.2012 12:06 <DIR> {6843AD83-AD41-492E-8324-6A3EBA9F1030} 12.08.2013 17:23 <DIR> {688FDD11-8CE2-4605-B511-5F532131B378} 22.09.2013 09:42 <DIR> {68D9CB8D-1920-47B2-A766-48BAAB58F177} 16.07.2012 17:39 <DIR> {68F1AF10-13B1-4898-AFA6-028F66B3CE10} 29.03.2013 05:17 <DIR> {6929E167-CB6E-406B-9812-8F7DC35A81A6} 10.03.2012 17:53 <DIR> {6997873D-645F-47E9-AD15-322B8E2DCFEA} 08.02.2013 07:41 <DIR> {69A7C500-027E-4FEB-A60C-8C0863CFE9CE} 06.02.2013 18:10 <DIR> {69A895EA-A616-42F6-B056-4B471B1D3D1C} 11.08.2013 10:34 <DIR> {69D27CCB-4E9F-40AA-8B96-26D6D722530D} 09.05.2013 07:56 <DIR> {69F736BD-5CA9-46B3-95C8-9C9788E907E8} 27.02.2013 13:09 <DIR> {6A1FCF10-49AA-4924-97E7-869D9A0E614E} 11.06.2012 06:50 <DIR> {6A21750E-2B0F-49CE-9D0A-F7264B58479E} 03.04.2013 19:36 <DIR> {6A9D7D16-95F6-4C61-AE61-F8B2F9F3A071} 29.06.2013 20:22 <DIR> {6AE0650E-C350-4850-B900-697956C15F9B} 02.11.2012 20:19 <DIR> {6AE2B820-A819-44CA-85CC-E0516E64345C} 02.05.2012 15:57 <DIR> {6AF4C43D-EACF-49E8-9053-2EF433300E52} 13.12.2012 13:16 <DIR> {6B1AF319-3139-410B-9E5A-933C29B782B7} 28.07.2013 20:05 <DIR> {6B4AD312-FF43-4321-976F-89A042C8E694} 09.02.2013 05:57 <DIR> {6B96203E-54DC-4DBE-A9E7-C9F7F94FB0A6} 04.11.2013 07:11 <DIR> {6BB0DE03-054C-4194-8974-63DF3D65BC4E} 04.12.2012 07:27 <DIR> {6C69D0F0-2D97-421D-9DF2-506B191D1083} 17.04.2013 08:18 <DIR> {6CF2732D-F7FA-4A53-9E4B-2DFC043191E6} 04.04.2013 09:19 <DIR> {6D5CA8A3-CE3C-4A0E-9C9A-2A4A9CC18D5A} 29.02.2012 21:06 <DIR> {6D77A11E-BC39-4EE7-9CF7-C355DEE0E49D} 08.09.2012 23:11 <DIR> {6D8433EC-DC1B-4146-BB24-5BCCFF5F23E0} 08.07.2013 10:48 <DIR> {6DE4A9AF-8D25-4CED-9542-7CB91354F8E1} 15.03.2012 19:16 <DIR> {6DF594E5-E97C-4413-9A80-F956515D2068} 23.01.2013 20:22 <DIR> {6E35BE88-4C7C-4354-94F5-D5D07968ECA3} 13.02.2013 19:57 <DIR> {6E84B85A-AC24-4DB9-A55E-202CFD96EAF2} 11.10.2013 03:31 <DIR> {6E8B0A2B-13D9-426D-8006-66A72331AAAF} 02.08.2013 11:01 <DIR> {6F20E884-8522-4EC4-B8E8-FC283F29D05E} 03.07.2012 17:36 <DIR> {6F2DCC6C-F811-4117-BC44-1BDE9D44A6A6} 10.09.2012 22:40 <DIR> {6F3BD267-35BA-4B4B-A8E9-8B54458E1924} 25.03.2012 08:48 <DIR> {6F4DA0D5-56B8-4677-9919-DF7B6BF6B84E} 08.03.2013 21:01 <DIR> {6FB52707-7E25-4C09-8E06-76C5EF0C341F} 11.11.2012 07:10 <DIR> {7004A009-A867-4FF1-92AA-EF70C34BC66B} 21.09.2013 06:34 <DIR> {705CA0EA-379F-400A-82F1-3D6A2B954894} 21.09.2013 19:45 <DIR> {7063AF04-A7AF-45E6-845B-DBE1E4C8585E} 21.04.2012 17:18 <DIR> {707D2E34-E32A-4D69-B8AC-12BFBC618088} 01.10.2012 18:31 <DIR> {709527EB-3F9D-4643-8D64-2ECD760D8FB0} 09.09.2012 12:28 <DIR> {70BAB5E0-77EE-41D3-8EC8-605E5DC30224} 26.04.2013 20:48 <DIR> {70EDF966-82B8-4E31-A109-23AAFE5A3845} 13.08.2012 05:07 <DIR> {71498F5E-B5CB-4506-A02B-CFF9F05237C6} 12.09.2013 12:36 <DIR> {714E849C-C614-458B-88E4-2A0313C8A549} 08.12.2012 05:39 <DIR> {717391EA-C4DA-4104-82FF-414E1FE52DC3} 14.02.2012 18:07 <DIR> {71880780-94A7-4261-8D26-0B7BA039EB04} 03.05.2013 18:26 <DIR> {71CBDFB4-66D3-4B27-B3EE-91A04705ED20} 27.03.2012 08:24 <DIR> {71CD6530-BDD2-4C64-ADDC-BF8C98D97A79} 18.05.2013 05:45 <DIR> {72C85FF4-A833-494C-99CC-A45DE26F753E} 10.03.2013 19:48 <DIR> {72DBDDD1-7668-42DB-B334-A4C660282D6D} 26.04.2013 06:26 <DIR> {732CE5AD-1770-413B-9469-CA3B8710BEFB} 13.04.2013 05:38 <DIR> {73761708-D582-44A9-82B2-95F8A3A95F11} 17.03.2012 19:46 <DIR> {7383B979-16BF-45E1-91CF-B4CEBFFBD49F} 03.07.2013 06:18 <DIR> {73A3AB9A-7032-4803-BAFC-6842B0EF9979} 06.03.2012 07:19 <DIR> {73A8B7C5-C710-45CF-BAF7-1E44896609AA} 09.06.2012 20:48 <DIR> {740C3A94-FD71-44EE-864E-4644AC12AF52} 17.02.2012 07:37 <DIR> {74238587-14FF-4887-AD07-376645A834A1} 26.06.2013 06:20 <DIR> {742DF3C8-CEA0-4B99-87DA-3DEB188E65E4} 10.07.2012 05:06 <DIR> {74362AD0-66BA-42C0-AAE5-CB21656044D5} 09.01.2013 13:24 <DIR> {74A7AC4A-CF87-4E20-93F8-C9C25363A43C} 15.04.2013 12:30 <DIR> {74D56685-CA06-4DAF-A81C-749EE33F2609} 15.10.2013 15:05 <DIR> {74D87C96-817C-4B8D-A1A2-B1640D35A1DF} 01.12.2012 06:02 <DIR> {74F2C5F3-A7A0-4000-B0E3-9936D9009C43} 01.05.2013 05:33 <DIR> {751F1820-C008-4161-8EF8-360185A208A5} 19.02.2012 07:25 <DIR> {75413B44-119C-449E-9F99-F5A1512C5877} 13.10.2012 10:26 <DIR> {75A2C6BA-1B9F-402D-91B5-29E7B35D52E3} 08.09.2013 05:24 <DIR> {75CD1F95-86D7-46A1-A8C6-730E7BB3339C} 28.01.2013 17:24 <DIR> {75ED7B87-2AA5-4FE9-BA93-F189E14BB359} 02.09.2012 11:38 <DIR> {75F651DB-ACB4-4DA7-90EB-2E0E15909042} 14.10.2013 08:31 <DIR> {76338339-95CC-45C4-8C17-8D941BD3BC8C} 18.03.2012 09:09 <DIR> {7655B22B-2337-4108-A1B7-3438CF94E1F9} 03.06.2013 07:41 <DIR> {7665E3D1-16CF-4C5F-9FB0-FE4258856631} 21.01.2013 22:53 <DIR> {7670948D-7141-4620-B432-484C521DC6E2} 13.02.2012 06:14 <DIR> {76A674B1-9E17-4A86-889E-A7438C21C211} 20.05.2013 10:39 <DIR> {76F54196-8BC8-4C82-8582-89A4DBE6D6A3} 25.05.2012 19:00 <DIR> {76F7267C-4128-472E-B27D-DA18574DFEE9} 26.05.2013 06:16 <DIR> {776A2F6B-E116-4715-9432-4A9D6DD5E013} 10.04.2013 12:18 <DIR> {778434DD-66C5-4476-9BD7-F25942296222} 06.11.2013 20:07 <DIR> {77A9A594-1499-448C-8F80-DC250C442244} 16.09.2012 04:34 <DIR> {77D679D5-1339-4410-ACC5-3FD8A50D1561} 25.04.2012 05:25 <DIR> {78450CA8-3A6C-4D11-9323-D1D984E99E9A} 20.10.2012 11:02 <DIR> {787AD66F-EB86-44C1-82AD-97EA761AA2B6} 13.05.2013 11:20 <DIR> {78A597F5-2EA6-4B18-8DF0-086377476F2E} 21.01.2013 07:28 <DIR> {78F12400-C374-4434-A986-EE8986EAA6A4} 27.11.2012 19:25 <DIR> {78FC292E-160E-4B48-85BA-3E97F0E196B7} 03.01.2013 07:40 <DIR> {790818E1-9DF1-4075-86FB-0F51B12A91B1} 08.04.2013 13:02 <DIR> {79A0B07A-EDC6-42EF-9D95-13BF3069DA62} 07.02.2013 19:29 <DIR> {79A16CBC-5479-418E-B840-C612C1FA85F4} 22.05.2013 12:25 <DIR> {79C8AD67-8160-4C72-A3C3-8CB591A3B19F} 24.08.2012 09:43 <DIR> {7A37FC92-C083-4C01-B1FC-75B8ED0CCEBC} 12.07.2012 19:19 <DIR> {7A387CC3-DC31-4FBF-8BE7-90D2D1C830FD} 09.02.2012 20:45 <DIR> {7A899E9A-763E-47DF-8798-B60EA37EDCCE} 02.05.2012 11:21 <DIR> {7A9C1DB1-7DCE-4165-B968-693960129C51} 21.10.2013 09:05 <DIR> {7AE7F530-7A65-4D8B-95DA-F5D561DFE1AC} 10.02.2013 11:37 <DIR> {7AEB0616-EB64-4E34-9EBC-17E2CE476C81} 24.06.2012 08:31 <DIR> {7B1C54F0-B8E4-4906-B875-59A4B4C8A8A4} 17.02.2012 21:14 <DIR> {7B3E1770-DB93-477F-A425-B504C8BA6F3D} 06.05.2013 19:13 <DIR> {7B7B4809-53B7-4055-9CDA-F7FA5AEBCE2D} 27.05.2012 06:09 <DIR> {7B89DD32-B6FB-4B18-BB39-2ACE6854F510} 26.02.2012 07:32 <DIR> {7BAFC369-E925-48E1-85F0-9903B6995F9D} 02.07.2012 12:48 <DIR> {7BE8A965-D1B0-4743-8893-81565C3437EB} 20.06.2013 19:26 <DIR> {7BE97FC2-3B6E-4E85-BCEB-98764C70DE59} 26.09.2013 05:29 <DIR> {7C9BA5CC-6B07-4990-B02D-95631F5C94C4} 30.05.2012 17:42 <DIR> {7CDF17C1-AF49-4C1B-A722-522771F80593} 19.02.2012 07:26 <DIR> {7CECC0CA-46FA-4D92-9204-AF59E7DB3D61} 18.04.2012 12:39 <DIR> {7CF5F131-5C3C-4264-87FF-6FDF523DB3BE} 20.12.2012 19:52 <DIR> {7D168C4A-3B4A-485B-8DEB-B6650B23D9FC} 22.05.2012 15:17 <DIR> {7D461B06-0C0A-4562-91F0-B7C63B51ED0E} 26.10.2013 18:47 <DIR> {7D4D1D94-DE7A-4C06-A299-7B3434DA44CE} 10.06.2013 17:42 <DIR> {7D6B333E-AF84-4CB7-869C-047F83D82F72} 27.06.2013 07:32 <DIR> {7D8A771A-1852-417E-9F51-E2D73C1C8F10} 05.12.2012 07:43 <DIR> {7DD16AD1-F8FD-4F6F-906C-361EA62470F6} 03.10.2012 23:29 <DIR> {7DE5A7A0-EEEB-4D77-999E-91A80BEEABA2} 26.10.2012 08:36 <DIR> {7DF2CBF2-689B-472D-BB84-EB5E67C4E204} 15.11.2012 11:07 <DIR> {7E2977B3-9651-48E1-A8CB-0AEF344D9ECB} 22.08.2013 08:49 <DIR> {7E2FE0D8-6AB8-48A3-B8C9-14C09FCFE1CF} 13.10.2013 18:40 <DIR> {7E61E30B-816A-45F6-931C-4C219696FDDE} 23.11.2012 06:27 <DIR> {7ED13480-BEB1-49E1-97CF-0BEB5CFFC7D9} 19.11.2012 19:13 <DIR> {7F055F63-2B9D-4E64-A8F5-70C951EFE039} 18.05.2013 20:20 <DIR> {7F6D5B6B-2C4D-4AF1-8ED3-AC02B8CF9186} 11.06.2012 19:39 <DIR> {7F71FF1A-2F52-4795-9FFE-29BA2036B656} 15.09.2013 19:41 <DIR> {7F91C45B-9D7A-4F95-8C96-077F443E9DD5} 29.01.2013 07:28 <DIR> {7FFE2CA7-0F94-49F5-8094-9C8B8D9A1DF2} 22.04.2012 11:56 <DIR> {80172FC5-CF1F-41D1-8BB6-CE1AC4EEE154} 09.05.2012 19:23 <DIR> {8048579B-8CF7-45A4-9FF8-231AFC5B31BE} 01.10.2012 06:16 <DIR> {8073CB31-6CAD-46EC-9774-C4F696F0C19E} 16.10.2012 13:06 <DIR> {80A5965E-9EBA-47ED-B6F1-4E03F96A1725} 23.05.2012 20:05 <DIR> {80B7F3D3-3368-4D8F-A382-8E9684D32423} 04.08.2013 07:35 <DIR> {80C98003-BDBB-42B2-94BA-25CDDB90F390} 03.05.2012 12:27 <DIR> {80FC9205-A558-457A-A676-F8AFB521C8B4} 24.03.2012 16:39 <DIR> {811D75A2-4A79-4115-B1F8-05EDE47F1733} 28.06.2012 20:45 <DIR> {814376E8-2590-462C-B82C-79810870982B} 01.06.2013 19:12 <DIR> {81509940-2596-475E-8785-0EE61BFDDE59} 21.10.2013 08:59 <DIR> {8186B229-AD44-4962-8050-8AD631BC41B9} 15.06.2012 13:21 <DIR> {81F4990F-7BF3-415C-BCF7-FE0C0D8728EA} 10.06.2012 18:49 <DIR> {82272556-52CE-40A0-8B60-FEF3A1D51A2F} 15.06.2012 05:06 <DIR> {8235ED9C-B33C-4CB5-A63D-1AF8284ADEB4} 24.04.2012 15:22 <DIR> {827A73F6-40D2-4B84-830E-1A6AC30F4798} 22.05.2012 15:18 <DIR> {82A1E4F3-27FA-408C-A96B-C96E9D400266} 04.12.2012 19:36 <DIR> {82CA4DB0-18CB-4705-9954-B73FCB813748} 29.09.2013 16:44 <DIR> {82E17F3D-345F-4857-88EC-34E5C42C65B8} 11.02.2013 21:18 <DIR> {82F2879E-49ED-4CF9-9A19-CCF3383CD06C} 25.03.2012 08:48 <DIR> {839128C8-7FE4-4717-8B49-2DE7E4EAAA64} 28.03.2012 06:19 <DIR> {83F694AA-CB1D-492B-9886-42390E253895} 01.02.2013 21:03 <DIR> {83FC8E0D-22E0-412B-9C3E-430340E35B14} 08.04.2012 08:53 <DIR> {841746B4-A965-4987-B848-1E6779D470BD} 13.09.2012 05:14 <DIR> {84727ED5-74B7-489F-BDBC-0907EC688313} 14.03.2013 20:00 <DIR> {84DF1161-FD01-438C-B8F3-5E8C13D89BF6} 14.10.2012 19:04 <DIR> {84F67BB7-1371-4972-A93C-724DCFA39B04} 15.06.2013 14:59 <DIR> {851B5972-25A8-4B23-937E-D813A695DF16} 03.03.2012 10:49 <DIR> {85649BE5-59B0-4600-B46F-E034DF343FCD} 26.02.2012 20:45 <DIR> {85862D0B-5564-4B00-BA32-0389E9037896} 13.02.2012 06:15 <DIR> {85B4B0B4-6EF9-4752-94ED-EB00D922E256} 11.11.2012 20:39 <DIR> {85C39368-06E3-4811-8A44-C16CA128E0DD} 08.07.2012 16:25 <DIR> {85C4AD0F-85CD-439C-AF48-232169C0A11C} 30.10.2012 01:20 <DIR> {860627AF-BD7C-46EC-873A-6653CEDAADC0} 17.03.2012 06:25 <DIR> {8612457C-5A8C-4176-B756-6955A7A71F31} 26.06.2013 19:32 <DIR> {8628C3E1-B163-48A4-B1A8-DE695E17316A} 21.12.2012 11:12 <DIR> {866CE764-B245-439C-B527-B54F286A52DC} 26.05.2013 18:32 <DIR> {86C0684A-0A34-4A07-AFCF-43AD7C7F4220} 01.09.2013 01:33 <DIR> {870DC35F-B93E-47B4-BDC8-4A7C57F3B4B6} 16.08.2012 04:24 <DIR> {87100FF3-69C2-49B7-9123-3ED49979F26C} 31.12.2012 21:59 <DIR> {873CC83D-8A88-47A2-82B1-3D1411083827} 10.04.2012 08:04 <DIR> {875046A6-93CF-44B8-8865-7CD259836B47} 18.04.2013 18:30 <DIR> {87518533-9F38-4AE9-B1A1-E0882148821B} 10.08.2012 05:07 <DIR> {87D846D2-81CE-4E52-91E3-097EDB812DD5} 20.04.2012 05:05 <DIR> {87EE70DF-7542-416B-BA18-BBA7B5C098C2} 15.11.2013 07:04 <DIR> {880A8353-0353-4F97-9D5A-C86321AD1628} 05.08.2013 13:20 <DIR> {88108D3E-7639-460D-A342-38C8B55CE2FF} 19.11.2013 07:17 <DIR> {8837B2AC-E6B5-4BF1-82A0-4EA3AAD18278} 30.07.2013 04:58 <DIR> {883C912E-6A6C-442B-AEA4-0BAECED3999D} 23.05.2012 06:15 <DIR> {88433DA0-2D20-4FD7-B74F-49A26A361DEB} 01.09.2013 16:29 <DIR> {885E638F-BB05-413A-966E-80082AD7A101} 20.05.2012 19:50 <DIR> {88764BEC-9B01-4FEB-B800-4556B7F35267} 22.02.2012 19:44 <DIR> {889437D5-0B85-48FC-A0DB-FC513241AB08} 31.10.2012 19:12 <DIR> {88CA971F-4435-42FA-B2DD-4120E2E343DA} 02.01.2013 06:32 <DIR> {89033B69-77AF-439C-97BE-37F899C4DB31} 31.07.2013 18:46 <DIR> {892D79FE-DB5F-4E77-B88F-270C2D61ABD1} 10.11.2013 10:49 <DIR> {8A0BAEE0-38D9-49C0-89F0-F6AD20B78F58} 16.05.2012 18:32 <DIR> {8A10B336-CD98-4BC9-B27D-CE7369C65677} 14.06.2012 12:29 <DIR> {8A4F33EF-CF38-453A-9F37-031B87368AA7} 09.11.2012 19:26 <DIR> {8A579260-769A-4924-91D1-C8BEDA390522} 19.05.2012 12:38 <DIR> {8A8875C4-0FB3-4E64-9BF8-F9753A1ACAD1} 12.12.2012 18:48 <DIR> {8ACFD3D5-B1CA-4000-87D6-F697537362E4} 02.03.2012 07:14 <DIR> {8ADBD2C1-BED7-4CCE-BC5A-0B3B850A9E68} 14.09.2012 08:03 <DIR> {8B1EA341-BD21-4C0D-9F56-A81F2864C93D} 23.02.2013 08:13 <DIR> {8B9B3822-45F1-4F95-97E0-74722BC37008} 24.12.2012 19:07 <DIR> {8BFDAC9D-F0EC-48E6-8308-42508FCA98A1} 18.02.2013 18:38 <DIR> {8C168A50-E24C-4A5A-B664-FAFDC3C8E924} 12.11.2013 20:32 <DIR> {8C3C9B20-6838-4BDC-A441-BB6D35C7550C} 25.06.2012 05:07 <DIR> {8C8779B7-E70B-470E-B02C-E311538A72D7} 27.02.2012 13:34 <DIR> {8CA2F0F1-53DB-4353-8A41-BF1076FDF10D} 18.03.2013 07:27 <DIR> {8CC409E9-1FD2-4362-A891-19935C50ADD6} 30.05.2012 17:42 <DIR> {8D366742-27EB-4963-BF58-96BC5C7E15A8} 03.09.2013 06:17 <DIR> {8D49AD90-4D58-449C-89C2-5D5A4659ECFD} 03.08.2013 17:29 <DIR> {8D52E188-AB43-40ED-80A7-3362E0585C26} 23.06.2012 20:28 <DIR> {8D5748A4-655A-43FA-90F3-BA6D919238A8} 11.05.2012 05:36 <DIR> {8D59B2AC-8E33-4B42-B109-1C385DDCB8B2} 29.04.2012 11:12 <DIR> {8D6061B8-F156-4CFF-BF26-FCB34466F925} 23.06.2013 07:55 <DIR> {8E3B38CC-4660-45CB-946F-B76556C9EF46} 07.01.2013 07:29 <DIR> {8E55D082-5007-4AF8-969E-3E6D5B193DDE} 16.07.2012 17:39 <DIR> {8E9EDDB0-0C55-449B-839D-B39A4501B4CA} 26.04.2012 05:23 <DIR> {8EC7704F-A99E-425A-A796-58DD9C3433E5} 19.04.2012 20:29 <DIR> {8EFEEE02-B692-40CB-8AEC-7593B6E28EC3} 03.04.2012 05:06 <DIR> {8F1A2428-6B07-4690-A2EC-D3262CDA8FE2} 08.10.2013 13:05 <DIR> {8F4F68DE-A957-423A-93C2-3B9A78EAD657} 03.05.2013 06:22 <DIR> {8F6B0FA1-12AE-4FC9-A01E-1FCD5FAE4D9D} 22.06.2012 12:32 <DIR> {8F7A68D0-1968-4F6C-BC6E-1BB8368D2B88} 09.03.2013 09:01 <DIR> {8F9374A8-525E-42C7-B76F-746ACC1FF769} 28.02.2012 21:26 <DIR> {8FF44351-C77C-438B-BD97-7BAF86EB276B} 19.04.2012 09:12 <DIR> {9066C07E-6CFC-444A-8A59-980DE411A8AA} 19.03.2012 19:58 <DIR> {9081A97F-056C-4801-9BC3-20CE7AAE50B3} 24.05.2013 10:07 <DIR> {90855546-4871-473D-A0C5-94C17BF20E36} 02.05.2012 19:23 <DIR> {909936BE-EE3E-494D-9956-935866C84AB0} 28.05.2012 20:05 <DIR> {90CF9E1F-142D-4EC4-B7CD-4217D3C3AD7D} 20.03.2012 08:48 <DIR> {90F09FA3-5467-4BDA-82FF-CB63F7E45BB5} 25.02.2012 05:39 <DIR> {91021DBF-80E3-4EF3-A1C2-906771E067F4} 24.10.2013 08:04 <DIR> {911B80BA-C940-4B92-889F-D4C5E3CE61C3} 23.06.2012 07:20 <DIR> {9147788C-9B3D-44F5-A8ED-07D4579CAA90} 12.03.2013 16:14 <DIR> {91759471-932A-4EB6-9518-05AD41703B41} 09.08.2012 09:02 <DIR> {91859221-56BA-4370-B5B4-E1BC91B3C52D} 07.09.2012 09:13 <DIR> {91A4176C-71FA-48E3-AA8A-5CE84C5BB575} 04.07.2012 12:41 <DIR> {91BDB44E-1B1C-4F54-91D0-6F650FD3742C} 24.05.2012 16:51 <DIR> {91CD39C2-A1DB-41C3-B025-8E2C40CB2F58} 11.06.2013 06:19 <DIR> {91D94EA2-05D1-4F7B-9E6F-D9ECA2060FA8} 06.11.2012 19:36 <DIR> {91F7E0BF-A553-4CD4-8C35-38F89B96A619} 16.07.2012 04:57 <DIR> {91FC6DB2-9827-4DA5-BAD3-D9181411E303} 18.05.2012 20:15 <DIR> {921E3514-2C11-44A4-9667-01924263C21E} 16.03.2013 10:08 <DIR> {92A447F8-8881-43EE-9512-585C9CDA6B11} 02.10.2012 07:18 <DIR> {92B6554C-7AB9-476E-B098-00D5585A72F7} 06.08.2013 02:40 <DIR> {935B8071-5783-484E-A326-DB7E16F4C701} 20.03.2012 08:48 <DIR> {936FE1A3-654E-4EE3-90B2-6B1057B7A8EF} 06.10.2013 01:07 <DIR> {93957C3F-0C25-4C88-B988-05FBB892D924} 20.09.2013 02:03 <DIR> {93A73910-813A-49E0-9DF6-0433F856DDC6} 20.12.2012 07:26 <DIR> {94825BEF-3DA5-4059-88B5-EEDA2E5806C1} 19.04.2012 05:06 <DIR> {94A99DF0-5F2E-4D37-8602-CEA1BAFEBB98} 25.06.2012 05:07 <DIR> {94B6BEBC-3E99-4B5C-B4F9-7484FD77433F} 20.05.2012 05:18 <DIR> {94DCC2B7-8B5D-4A69-A20D-8F81299AC4F4} 31.05.2012 09:24 <DIR> {950F7409-CEA5-4252-8CF4-B9D5484F54DB} 23.05.2013 06:26 <DIR> {952CFD0C-9500-4603-B87C-E55ACC98D5C2} 29.06.2012 16:10 <DIR> {952D9FBE-01BD-4727-86E0-FFA90A5C212D} 17.07.2012 09:33 <DIR> {9553F53E-E486-46A8-9D49-42A4A4410EB8} 31.10.2013 08:55 <DIR> {958A8BDF-8A65-49C4-9D74-6B205382CE6B} 09.11.2013 03:56 <DIR> {95B2266A-5D9A-42D9-9CF7-B2B5C82A08D5} 09.07.2012 05:06 <DIR> {95BA2915-2D0B-4439-B2AA-8049EF87291F} 08.01.2013 21:08 <DIR> {95C8FC7F-8495-4F96-AD2F-9A0A5870F9E6} 03.03.2013 21:31 <DIR> {96131794-DA5D-4521-9A7E-2D606E21FBB3} 06.06.2013 06:03 <DIR> {962BB619-1BCC-4382-A5E4-E329B2B4FACE} 18.12.2012 08:09 <DIR> {963ECDBA-1284-45FB-B0E4-B151A2DEF1AF} 21.04.2012 17:18 <DIR> {96964C6D-CDB8-498F-AC84-85183DFCBA2B} 07.10.2012 04:51 <DIR> {96A8BF7B-DC07-4884-A5B0-012EF0574CD9} 09.05.2012 05:09 <DIR> {977D7065-E886-4995-BF25-556BE214B03D} 19.06.2012 11:05 <DIR> {9783B27D-E03D-4360-9EC8-7A82BE539803} 14.06.2012 12:29 <DIR> {978F315A-9EE9-4A58-BCE7-9F8F4CE5B4AE} 27.06.2012 19:21 <DIR> {97BCE9F9-8A83-4F73-B517-F1C64D8B54F2} 26.12.2012 08:31 <DIR> {982E7E4D-AA59-4F49-9C57-06539A09FF6A} 17.02.2013 09:28 <DIR> {982F0A82-8E83-47A9-84F9-3D5D52F9D219} 28.09.2013 16:48 <DIR> {98A85031-2173-4342-8035-0FDB5038DE87} 16.06.2013 08:00 <DIR> {98B46117-1DEC-4621-9989-35E5F2CB3F18} 18.08.2013 12:18 <DIR> {98B7961A-3D69-4939-9E63-0BBF96033484} 20.10.2013 08:23 <DIR> {98FAC5AB-B185-49EE-994F-64D45F1E5829} 23.10.2013 06:08 <DIR> {990C7BB8-530E-42A4-972E-4F2DE640626C} 14.08.2012 05:07 <DIR> {991C7045-6465-4593-86ED-1EED62F2E003} 23.08.2012 07:21 <DIR> {992939CA-B342-4FFA-9245-0DEE47CD4A54} 04.06.2012 14:00 <DIR> {992D0F76-7FC7-4FBE-ACB1-BDC466509C08} 03.10.2012 19:34 <DIR> {99721697-7A7F-4D40-A155-1AF2B4DBE064} 15.02.2013 08:35 <DIR> {99A9BFBF-9A98-42B1-BED9-4665CBC2439F} 21.01.2013 08:26 <DIR> {99AB6493-B0E3-4243-9C49-573CFF7D5BDD} 28.07.2013 06:54 <DIR> {99F51E58-784D-4E9C-BD24-6A75DD317CBD} 04.02.2013 20:28 <DIR> {9A1133CF-2B41-4E1A-8E21-ECEC413BE5A2} 23.03.2012 08:35 <DIR> {9A142F1D-D066-4B02-91CA-96F35D5B2CD2} 05.09.2012 08:33 <DIR> {9A5645B8-5558-4F49-A36A-DFA565EFB423} 17.10.2013 06:16 <DIR> {9AB68C72-7EE1-489C-8562-A049A9C6680F} 17.10.2012 18:37 <DIR> {9B768336-1D27-4ECF-9DC7-F9F46D65CFBD} 20.04.2013 19:54 <DIR> {9C6152C3-5460-4FF4-A4FA-6DA850E93AB8} 14.03.2012 05:33 <DIR> {9C800A02-A9CD-4DA7-BED2-E3E7095FE30E} 26.02.2013 20:55 <DIR> {9C9AEC57-A12B-48A5-A51A-E78633025303} 05.08.2012 00:00 <DIR> {9CDB88BA-A415-4412-B9C5-1EBAB4164474} 23.02.2012 21:05 <DIR> {9D3479EA-71C4-4BE0-8060-632E6737D8A4} 16.08.2013 06:54 <DIR> {9D584A2B-EF00-4AD5-825F-D3BD24D2220B} 09.02.2012 06:26 <DIR> {9D91991F-ACC6-4298-BBB0-7504FC67736F} 22.04.2013 18:01 <DIR> {9D9D8AAF-980A-4E11-8E1C-33D392004E32} 26.03.2012 12:44 <DIR> {9D9DEA2B-4DFD-4BF2-8E7F-86DEBF4F0666} 13.08.2013 18:05 <DIR> {9DBFBA6A-1DE3-47E6-BD1D-1A58E07D4BF3} 06.12.2012 05:47 <DIR> {9DC2BA86-F146-40A4-80B1-A0F493499B68} 20.02.2012 14:42 <DIR> {9E46B3AB-A3D0-4473-8575-768AA8215A3C} 06.06.2012 05:22 <DIR> {9E6A21F6-376A-4854-AA44-1B5EA7E3206D} 07.08.2012 17:15 <DIR> {9F09A891-D1A6-4C65-93DF-95AE01EF172F} 29.04.2012 08:39 <DIR> {9F88E3F2-BD0E-4553-86D6-BD79BD814055} 15.08.2012 05:06 <DIR> {9FA307DB-2DBB-4909-B4A6-458605880F70} 09.05.2012 05:09 <DIR> {9FA53D1E-0596-4CFB-972D-F94751061354} 26.08.2013 16:55 <DIR> {9FD54D03-6321-4E8B-AE99-A651EE58C1E3} 04.07.2012 22:34 <DIR> {9FF93B04-ADC2-475C-A489-7DCC2ACA7DA3} 12.05.2013 19:15 <DIR> {A04CFAD4-AA55-433D-A6FD-160B0C14892A} 10.01.2013 19:44 <DIR> {A0682DF6-152E-4843-B715-FBB3EE6D3D81} 15.06.2013 01:17 <DIR> {A08581E1-3D25-49F1-AF1C-A50FE44FD14A} 24.04.2012 05:57 <DIR> {A0A0E329-582A-4F2C-A1F9-91D6859EF7F6} 04.06.2012 14:00 <DIR> {A0ACA8D5-0F34-425D-AC2D-5C7BB318EE4C} 14.03.2013 07:26 <DIR> {A0C0FE72-6156-4E54-9035-44C2996F43E3} 24.03.2012 16:39 <DIR> {A0FB4901-8C82-44C5-9A1C-FDBB60AC60D6} 03.05.2012 11:56 <DIR> {A0FDED46-530D-4FAE-AC01-D390DAB14815} 06.03.2013 08:21 <DIR> {A120F615-D4B3-46A7-BA97-4493C4BE8E43} 23.01.2013 08:21 <DIR> {A1A29A5C-F37F-48F9-A188-2274665138E7} 08.03.2012 07:17 <DIR> {A1B652BB-B399-43C8-8D8F-96C87417972F} 07.03.2013 09:13 <DIR> {A1CF9212-EC7D-40C9-9F9F-CB97AAF82030} 01.01.2013 11:10 <DIR> {A1DC9227-CBD6-49F9-A995-30F0A1766F24} 21.09.2012 03:59 <DIR> {A1E4205A-E0F4-4D27-9841-FA2049E4BA7B} 20.08.2013 16:55 <DIR> {A20F147E-7047-409D-B888-AE63D6632B80} 09.03.2012 22:36 <DIR> {A22D3B51-5F26-4274-8A88-F375521A8149} 15.10.2012 23:28 <DIR> {A2859051-E944-404E-B3DD-5A6CFF056688} 27.11.2012 07:25 <DIR> {A2EAE6A7-B4BA-402D-8B89-032DA631F2D9} 28.12.2012 16:37 <DIR> {A32657FB-B04D-40AB-BBB7-3B837B6A5B6B} 30.10.2013 20:25 <DIR> {A366A1C4-BF48-4E9A-AD64-52C553D26DA9} 24.09.2013 19:43 <DIR> {A39BD5EF-5DE1-4D4C-B788-64E018FBEB61} 26.04.2012 12:27 <DIR> {A40EA21B-8F1E-4981-AB78-8B6E01D78506} 05.02.2013 10:24 <DIR> {A41DF9F5-2721-467B-AFDF-4245DF3BA000} 01.07.2013 06:02 <DIR> {A4B700BA-2E6C-4CDF-92B4-7545F2866699} 21.11.2012 08:10 <DIR> {A4FCBD25-8CF7-4106-9089-E4E41A1A7C46} 09.08.2012 09:02 <DIR> {A54CF6EE-7D60-454E-83C2-38E65A0B7DA8} 07.05.2012 05:34 <DIR> {A551F121-427E-4367-B563-6307FD9B9627} 27.11.2013 20:16 <DIR> {A57863EE-1891-456E-983D-069E6D060F66} 18.02.2012 09:15 <DIR> {A57FEF0B-110B-4C7D-B349-EB874B547A8D} 19.12.2012 13:18 <DIR> {A58037C5-07B8-494D-B3EE-CB6654A1347D} 02.05.2012 11:13 <DIR> {A5ECF0C4-70F3-458F-AF86-BB2F6FF0D082} 19.03.2013 13:27 <DIR> {A6A5ADD7-E243-4999-A004-F8B886F44EC2} 20.10.2013 20:47 <DIR> {A6D8F89B-55DE-4C8E-A50D-DD19735E479E} 24.10.2013 08:14 <DIR> {A7288CBC-3ABD-4596-94A7-F8E0158299A9} 07.02.2013 06:18 <DIR> {A75DCF39-FE35-4D46-ACDA-F0D251BB16E0} 25.01.2013 20:23 <DIR> {A77E502B-3949-4EC1-94F3-0A492D33B853} 24.11.2012 21:08 <DIR> {A7C148BC-F246-40F9-98C2-D47F008E0C24} 20.02.2012 14:42 <DIR> {A7FF0AEC-4122-4227-9FBF-D5FD15F020FF} 05.07.2012 13:35 <DIR> {A80DABB4-BE0F-4D7C-96FB-1DFB1289C08F} 01.03.2012 07:18 <DIR> {A8476507-196A-479E-A936-0B50F274E063} 21.03.2012 04:39 <DIR> {A859F1E1-EFDF-4194-8921-33DF689AE2A8} 17.03.2012 19:46 <DIR> {A8818461-6124-4F8C-9D71-F90F9A6ABB47} 12.03.2012 20:34 <DIR> {A8B1AE99-4646-4EF7-923B-1F6DC228B958} 22.10.2013 04:34 <DIR> {A8BD5399-A4D3-4D32-A768-EFC13449CAFF} 06.04.2012 12:48 <DIR> {A9233947-6983-45EC-82A1-23AF8C05FFBE} 13.06.2012 20:01 <DIR> {A9786A7B-DFB8-49BD-81BE-F90B9848551D} 24.05.2013 16:15 <DIR> {A9B4EC65-1D53-46E2-B872-EA3C4601152D} 30.10.2012 13:57 <DIR> {AA2F53AC-C557-4733-9408-D97A6B2E7E4C} 26.10.2013 06:09 <DIR> {AA746728-3BB7-4297-9082-BE06B4D08198} 13.04.2012 09:40 <DIR> {AA77C2AA-3202-4D34-AA04-10ACCDF6DB03} 10.07.2012 19:07 <DIR> {AA7A7232-C2E4-4B54-BEC1-8C969D0C3875} 28.08.2013 20:12 <DIR> {AA88E5C0-C7D6-4B3C-9CFD-13A39AAC1FF2} 12.05.2012 11:46 <DIR> {AAB88B6D-AC5C-4D05-88E8-C76761756C2E} 23.10.2013 19:15 <DIR> {AB4DE2AD-F924-4246-84BE-B43E9A09B654} 15.10.2012 08:17 <DIR> {ABC0372C-57D4-44B6-9997-15D211162F56} 18.12.2012 23:07 <DIR> {ABCCA976-6DEA-4F95-A34D-067776B0079D} 09.02.2012 06:26 <DIR> {ABD66E2E-8949-4DE1-BE68-CFAA20BA5245} 16.01.2013 18:41 <DIR> {AC5DC05B-7BE3-42C1-997C-4FC01796390F} 12.10.2012 22:05 <DIR> {AC81868F-6B5C-4DD3-A35E-3CDC738FD987} 26.06.2012 11:25 <DIR> {ACBD242D-D26D-40A0-A396-6335B488F245} 13.05.2012 18:52 <DIR> {ACC82C58-BF42-4491-B902-23D4EA847F46} 16.09.2012 18:20 <DIR> {ACD4FC9F-E416-4DE5-B882-78334EDBA66B} 29.04.2012 11:14 <DIR> {AD41363B-0EBA-417E-969E-41F2F41C74BA} 05.09.2013 18:04 <DIR> {AD5922FA-316C-4152-8686-104F5DD7CE7B} 18.09.2012 04:58 <DIR> {AD7B6971-2765-4572-9408-93AE9EBB0643} 16.02.2013 06:58 <DIR> {ADAD6F6C-BC11-488A-85C2-CCB2A34599C1} 12.05.2013 04:46 <DIR> {ADB255F9-C889-4DEB-B772-6A50FE0FE68D} 28.05.2012 20:06 <DIR> {AE0A1290-6AE0-4B4F-A025-EFEC7CA27DBC} 13.03.2012 14:41 <DIR> {AE216EB4-6173-45FE-869B-7EDA32972DF9} 26.09.2012 11:57 <DIR> {AE2E85D3-8773-43BB-989F-0D2D595CD4F9} 17.03.2013 17:10 <DIR> {AE8AB222-25F1-4E0A-B10B-D2D7BC53FB4E} 20.03.2013 06:47 <DIR> {AE8EA0BF-CB5A-4495-9DF1-DC0CF1ACE165} 18.05.2012 06:07 <DIR> {AE8F0398-7988-40C7-A72D-0642D71A7366} 10.08.2012 05:07 <DIR> {AE9E6C05-8CD5-475B-88F8-0E1D8EBED4ED} 30.01.2013 13:55 <DIR> {AEC767B9-AAF9-453A-A3B2-DAA1747385DE} 07.12.2012 12:07 <DIR> {AF09F085-BE7D-4192-8A9C-C4B1B6F7DE2D} 05.08.2012 14:52 <DIR> {AF8E3918-0A1F-4CBF-BB5B-8DA23110C58F} 02.01.2013 18:52 <DIR> {AF8FB281-7EFF-4DD4-9678-B9E095043A0D} 22.11.2013 05:49 <DIR> {AFF5A888-F09A-4CB0-A18D-7E016D869954} 18.04.2012 06:08 <DIR> {B0372699-1875-4032-89EE-F595BFBA23E3} 17.02.2012 21:14 <DIR> {B0419BCA-EC0D-4B2E-B7F1-B4F493840C98} 13.08.2013 05:24 <DIR> {B06189EB-0282-4045-88DB-F125FBDF1FE7} 27.04.2012 05:06 <DIR> {B079AED1-D934-4F30-89E3-F35C153025C3} 22.12.2012 14:38 <DIR> {B0B9F15F-05AF-44A7-8F19-7B74AD1DAEDC} 28.04.2013 10:04 <DIR> {B0C5F2A3-6EC7-463D-8661-BB0CFA3A2ED3} 26.11.2013 19:24 <DIR> {B0D1ECFF-E6ED-4FF6-8B8C-B6D1C7C426AD} 24.11.2012 07:13 <DIR> {B0F798DE-F026-4200-8DE5-0546C2C8059D} 20.04.2012 05:06 <DIR> {B1174DF4-838F-4FCD-9BB2-0C197CD54FDE} 27.08.2013 19:16 <DIR> {B18080E7-74B5-4DBF-AB9F-4A21C006380E} 02.11.2013 20:55 <DIR> {B191E054-0E84-437F-A1ED-463EA44E0095} 06.07.2012 05:08 <DIR> {B1941D68-D788-485B-891B-0AE0C5EE39CD} 22.01.2013 11:54 <DIR> {B1F44F8C-B6F3-4FD1-960D-885A353FA35C} 25.09.2012 05:33 <DIR> {B22480A2-1BB1-47E3-AD5B-73A9EBDBFB14} 08.11.2013 11:43 <DIR> {B283D118-FD20-4DF2-8ED9-CD58274B0E16} 11.06.2012 19:39 <DIR> {B287C47E-92A7-4E4C-B69B-C3AEA9200E56} 05.07.2013 06:01 <DIR> {B2A8589B-866D-4302-80DB-F62490909D3C} 18.01.2013 20:48 <DIR> {B2BBEA28-CCEE-44F2-9D99-CA070A40180E} 22.05.2012 02:39 <DIR> {B3A33D36-4A9B-493D-BDA9-59BA54B85FF1} 10.08.2013 06:19 <DIR> {B3AF4AB9-5C7D-4100-B71B-DACE573DB803} 19.08.2013 12:51 <DIR> {B3BA7C1D-6E73-4360-AFD6-1AF512B276D9} 28.09.2012 12:46 <DIR> {B402850F-B7CD-4747-900D-546856248D82} 28.05.2012 07:35 <DIR> {B4211EF3-6BD4-4D3E-8612-358C284207A1} 15.09.2012 01:55 <DIR> {B49157BE-D28B-41EA-ABD8-DD918D8A19B2} 14.11.2012 07:02 <DIR> {B4AD3C8C-BFF0-4C39-A6AD-49DEBC684DDE} 08.08.2012 18:36 <DIR> {B4B9E2CC-C29A-413D-ADAA-E29370175D42} 28.03.2013 15:42 <DIR> {B4DE8212-B5A8-4B7D-AB02-8EF57FC3BA92} 10.08.2012 17:18 <DIR> {B4F6AB52-35F3-4252-AAFC-B8D22400A6AA} 22.03.2013 08:07 <DIR> {B4FBC0ED-BC9A-4411-A0F8-1809BFB66FF5} 11.03.2013 07:48 <DIR> {B511FEE9-4FC4-4E0E-AD89-23DAF2631D25} 29.05.2013 07:00 <DIR> {B5193055-753E-483C-9B53-EA02BBB8AB4A} 03.12.2012 18:21 <DIR> {B52E1E3C-9FAF-449D-82BD-5B0B84845DA3} 23.04.2012 05:05 <DIR> {B580A8D9-FE95-44D2-B558-89B70638DBA0} 02.05.2013 12:21 <DIR> {B5A834E6-8A01-4BEA-B914-C4689EC3C055} 25.04.2012 13:42 <DIR> {B6294EB1-4D7E-4648-8972-577621D8EF03} 30.05.2012 05:12 <DIR> {B68F7A31-E85A-4900-AC49-B7A75707D399} 30.11.2012 04:16 <DIR> {B6EA667E-5EB3-417E-960F-A56DE33FE17F} 18.06.2013 06:02 <DIR> {B73DAC7A-84F2-4A11-B105-AF0FF2D121B0} 28.05.2013 18:17 <DIR> {B7474827-F4B5-4DC1-9974-770E2F4DDF0B} 13.07.2012 12:38 <DIR> {B76C4B70-6BA8-4BA6-B406-B4FA19243CC9} 07.05.2012 05:34 <DIR> {B77A7A7D-02CC-4DCD-8170-F72377849224} 19.08.2012 04:59 <DIR> {B794D9F4-7EC8-48C9-8602-786551BB2B04} 15.03.2012 19:16 <DIR> {B7D7907B-85F9-4C4B-BB9D-AB481CC5C029} 02.03.2013 22:57 <DIR> {B91D84D3-0D4F-45CA-BC96-5DE0A23677E1} 15.12.2012 07:27 <DIR> {B92FDBD2-624C-47C5-A615-5C74F6733384} 06.05.2012 10:30 <DIR> {B9312A20-3FDC-4EA6-A429-682F88564189} 17.04.2012 12:58 <DIR> {B9BED59F-6557-4054-ABE9-6AA0B335B6E1} 13.09.2013 05:17 <DIR> {B9D0D7E7-6F1B-49DE-BC5F-2BFB9D994EE1} 07.05.2012 19:04 <DIR> {BA2CE65D-825A-4D55-A671-4DE451F12C71} 11.02.2012 18:58 <DIR> {BA407EDE-4ECD-4000-83E5-BEABB3A47536} 21.05.2013 18:51 <DIR> {BA45769B-433D-4CA5-8D0C-005A4F0AB779} 29.12.2012 20:32 <DIR> {BA8D4B3A-BC63-4894-BBEE-467B6BC5D80F} 09.07.2012 05:06 <DIR> {BABF887F-C5C8-4A2C-B382-50A23ABD0C28} 03.12.2012 06:20 <DIR> {BACED136-34DC-4BD0-BD3E-4B5630972F2E} 11.04.2013 06:28 <DIR> {BB03C2CF-3F02-4353-8A3E-129C5176F028} 14.10.2013 20:35 <DIR> {BB4E3EFF-8728-45D7-8E47-6747907D7979} 07.04.2013 10:09 <DIR> {BB90A368-B6C7-435F-BD1D-B3B0E3906308} 20.04.2012 21:26 <DIR> {BB98AA9E-24E6-4E7E-906B-C246B8056C64} 10.08.2013 20:21 <DIR> {BB99A914-CA87-484E-9835-4848974B04ED} 03.09.2012 07:53 <DIR> {BBAA1E71-92EE-4055-AC18-A704DB62E2C4} 30.03.2013 09:48 <DIR> {BC113D6C-0EA2-4235-9E08-1C50BFD85B86} 18.03.2013 20:11 <DIR> {BC1ECF18-89A1-49E6-A99F-A336F6431317} 16.07.2012 20:41 <DIR> {BC90A204-26E2-48E6-BEE2-ADAE45983D3F} 04.11.2012 06:29 <DIR> {BCA2A64D-C731-4A00-9B67-FBD1B68CF9C2} 02.07.2012 12:48 <DIR> {BD1D9C94-6C7B-4A44-A74C-B2752E0FED2B} 03.07.2012 05:02 <DIR> {BD24991D-C882-4651-8D43-41E1A156F3BF} 06.09.2013 20:22 <DIR> {BD37A452-CB0A-4F31-B2BC-6BD9458B4CB1} 22.09.2012 06:05 <DIR> {BD6E6828-93E4-45A4-81A5-42AD0375F341} 03.05.2012 11:56 <DIR> {BD8127D4-B99B-4617-BB04-FF2276018D39} 05.09.2013 05:31 <DIR> {BDD5F93E-FDCF-4E7A-A3DC-D4F0E3560B75} 01.01.2013 11:07 <DIR> {BDDC7BBE-B8B3-4D0F-A38E-CDD514FD168A} 30.04.2013 13:00 <DIR> {BDF7BBE3-E38D-487C-BC00-DED78351DE2C} 05.11.2012 14:00 <DIR> {BE175A24-3A0E-4BFE-A1D7-E9EB5A62ECE8} 08.08.2012 18:36 <DIR> {BE264B2D-D724-4912-83E3-87BB9FCBBD30} 30.05.2013 08:25 <DIR> {BE5E8A70-E188-4169-AA16-D627FDD9A9A8} 26.06.2012 13:06 <DIR> {BE711FE6-B581-4FE7-84EE-C0E445E89CD8} 23.06.2013 19:56 <DIR> {BE9DCB1B-9FA6-4A9F-BDB8-8E8C5E3877A8} 22.04.2012 18:21 <DIR> {BF026668-0594-47AC-94CF-D936437FC02A} 18.01.2013 07:36 <DIR> {BF39F883-92DE-48E6-BF62-B0805A6548D0} 04.08.2012 06:33 <DIR> {BF3FBC1D-8283-4D80-AD37-3683B64B4C47} 16.05.2012 06:11 <DIR> {BF7662C8-A24C-4EDA-9EE9-FAA9911634BE} 10.06.2012 18:49 <DIR> {BFAEB07D-7A11-4ACC-9A00-0D7C7D6A5F24} 27.05.2012 19:34 <DIR> {BFCFCE4E-96CD-42D2-8D60-447D2037AD04} 19.10.2012 08:38 <DIR> {BFDA933A-9350-46B3-BFAE-0D4C6C49D13A} 10.09.2012 08:07 <DIR> {BFF5264A-71DE-4C4A-BC7F-C887DC4AA57F} 11.07.2012 12:49 <DIR> {C0C9083B-B870-4304-809D-E2BAEC59D563} 27.03.2013 20:26 <DIR> {C0E24250-2B2E-43EE-996A-8CED6B03E6DE} 15.05.2012 17:14 <DIR> {C0F5E243-66BD-46E8-9B19-C30A2F8A6730} 12.04.2013 09:36 <DIR> {C1C9666F-1F0C-4517-BE36-974D25B35461} 23.09.2012 05:56 <DIR> {C1FE8DE2-7D6A-4E86-BEF9-1B3965ACF3CD} 07.07.2012 17:54 <DIR> {C2045AB7-2F21-4ECA-A35C-1228042387FF} 01.06.2013 20:46 <DIR> {C270C08E-B34D-4220-BF77-C600CC9A18C2} 21.10.2012 19:50 <DIR> {C2AC4C3C-50F8-405A-ABEE-92551DE168DB} 23.04.2012 13:50 <DIR> {C2FFF347-DA0E-4A11-87B4-3E09442AB4C7} 01.07.2012 20:00 <DIR> {C317208A-1702-4D02-99EF-6821F7BFD077} 11.05.2012 05:35 <DIR> {C369A504-F998-4C6D-A8B7-EAB17F8EF757} 18.03.2012 09:09 <DIR> {C36E261F-F8B0-4133-A87F-939062073650} 29.12.2012 06:09 <DIR> {C3D1EE54-1811-4999-908E-2E157E01B713} 13.06.2012 05:20 <DIR> {C3EF3FD3-C4F5-433B-A3D7-BE76F903E35C} 31.01.2013 05:11 <DIR> {C405F3D9-1B89-44A0-ABD3-C229C8F01B16} 16.02.2012 06:10 <DIR> {C428761D-BA65-436C-8A31-F90BE7F37ED7} 23.03.2012 08:36 <DIR> {C46A08CF-F2D4-4864-96D1-8AB64CBA4F7D} 26.12.2012 01:26 <DIR> {C4A97BD5-1C61-4506-BC58-243B026596F9} 30.04.2012 05:08 <DIR> {C4B08EEE-FA17-42E1-B872-4D5E3A11D24E} 07.06.2013 08:07 <DIR> {C58707DC-9D33-4CFB-AA14-68F296A6EA82} 13.02.2013 05:18 <DIR> {C5A64EC5-1FA9-489D-9410-0028CD6F373B} 13.08.2012 05:07 <DIR> {C5A7D551-58BB-4CAB-8D86-C83BF8679917} 03.07.2012 17:36 <DIR> {C5A9DE16-D490-45BB-BA35-1DCD94EFE8C2} 20.08.2012 13:04 <DIR> {C5D8B184-A508-4A7F-A2DD-35A4DF9636E1} 26.05.2012 09:44 <DIR> {C614675B-C54B-43F1-BD16-789C3D93C855} 24.03.2013 06:55 <DIR> {C6351A86-5737-4817-A09A-F8D74A5092AE} 22.05.2012 02:39 <DIR> {C63841E5-D6F8-4C3C-B969-B50CFCB14457} 01.05.2013 17:40 <DIR> {C6453F63-237E-4784-B484-E625C1E37385} 21.11.2013 13:26 <DIR> {C669B471-471E-48AA-AD7D-93BFE15C5D5F} 25.01.2013 05:51 <DIR> {C6743065-1F4F-495D-A382-FE30D69E5831} 23.05.2012 06:14 <DIR> {C6780832-8140-4293-8C9A-23AF621F1184} 12.08.2012 06:28 <DIR> {C6B9AE2C-EFEC-4733-B6F4-88555C40C8B2} 26.03.2012 12:44 <DIR> {C7097E7E-8263-452F-9A05-FD0A056E59C0} 14.05.2012 06:53 <DIR> {C709EBE4-BDD8-4527-A4F4-4607586CBF27} 17.07.2012 09:32 <DIR> {C729984C-A0C8-4E9A-BC21-FF1C49133BA8} 25.12.2012 08:19 <DIR> {C77CD7D2-5664-4578-92BA-161F1D2A64D0} 27.05.2012 06:09 <DIR> {C78F5E78-E2E0-4CDC-908F-5FE64FBEE8DE} 16.02.2012 19:36 <DIR> {C7ED6BCD-6657-44BD-A87C-8520DABF7D8D} 23.11.2013 09:20 <DIR> {C80C88B4-83E9-46D3-844F-20EE1419611C} 15.08.2013 18:53 <DIR> {C85B8906-4071-4A85-82AA-262A873F44D2} 09.12.2012 12:55 <DIR> {C8918093-095D-432F-995D-CEC768DCCD1E} 17.01.2013 19:35 <DIR> {C8AA0637-08A8-426B-A46C-85C5055327A5} 30.09.2013 20:23 <DIR> {C8C86BD3-5B07-4D87-96BD-C67844322DF0} 03.10.2013 22:10 <DIR> {C908D04B-96AE-4B49-8002-F14B8B825C28} 21.06.2013 11:40 <DIR> {C9096DFA-AA73-4135-AED5-0AF95AA97FB4} 13.04.2013 17:57 <DIR> {C97BF2E3-9969-48F4-AC41-52D50BFE12B0} 26.03.2013 19:41 <DIR> {C995FBE8-74D4-41DC-911C-D261C350F929} 27.09.2013 08:00 <DIR> {C99B6897-6CDC-4272-A733-A1CC712ABED6} 10.10.2012 04:40 <DIR> {C9AF62E2-BCC5-433F-ABC7-DFBEB2957E5D} 13.06.2013 17:58 <DIR> {C9B87C0C-BAF7-4733-9848-6F98231D8E2C} 31.12.2012 06:28 <DIR> {C9C08444-FB3B-4944-9C5C-829D45D65415} 01.03.2013 20:59 <DIR> {CA3CAF59-C2FE-48BB-AF12-8A00D68EEE23} 07.03.2012 05:19 <DIR> {CA8E795B-B095-416D-B516-A607AA926535} 08.02.2012 07:35 <DIR> {CA9BE16A-D1AB-4CEF-80AD-A993278B3E70} 16.11.2012 02:33 <DIR> {CAB25399-22BE-4608-9C7E-E3B697F8C1A4} 06.09.2012 06:24 <DIR> {CAB8EB2A-9186-44A2-9E53-492647F5599A} 24.05.2013 07:43 <DIR> {CAF526C2-44F6-489D-9ADE-938CFFCEB039} 20.02.2013 08:07 <DIR> {CB30B75C-BE7D-41D4-8C7C-BC9F8F1E849F} 19.03.2012 19:58 <DIR> {CB3CF2B9-E2B1-4A8A-A640-4A795CC92443} 04.07.2013 09:52 <DIR> {CB733B7C-6C80-4862-855F-8ADDAA06D625} 06.11.2013 07:14 <DIR> {CBDE437B-21C7-432C-9A7B-3A5C6E84A054} 13.07.2012 12:38 <DIR> {CBEFEDB9-0AFB-44B8-9D50-088EC0A0F81E} 27.08.2013 18:42 <DIR> {CC1B79AA-A95F-4603-AC14-E7BA5BF46E10} 15.07.2012 09:44 <DIR> {CC1EB39E-CCAA-4645-AC95-3183A106DE4A} 07.07.2012 05:53 <DIR> {CC75F20C-CCED-4041-924F-4B10085882A8} 07.01.2013 20:59 <DIR> {CC9363D3-90A2-45B6-92FE-652D132BD819} 16.01.2013 19:34 <DIR> {CCA4D62B-024E-43B8-8C51-6A931FD555D5} 12.06.2012 08:08 <DIR> {CD4534EA-53B9-4A4A-B44A-ED48A79C2FD0} 08.08.2012 05:16 <DIR> {CD4B0848-5685-4F40-9935-02EABE47DD12} 28.11.2013 08:17 <DIR> {CD7AFBE6-59E3-4192-B8A4-77B379E5A9B5} 02.04.2013 18:47 <DIR> {CD8914B1-08FC-4E53-A7BE-B15A319F543B} 22.08.2012 04:24 <DIR> {CD8BD308-4071-49A7-B1BD-E7FD90CF98ED} 13.05.2012 18:52 <DIR> {CDB1098D-1510-4061-8BED-B1B22DF9A2ED} 04.06.2013 18:46 <DIR> {CDC56622-D7AF-4D98-8906-5D227C5957C7} 06.07.2013 19:23 <DIR> {CE0E63EA-CF41-48D8-BBD3-3AD1CD8C04AE} 14.10.2012 06:29 <DIR> {CE326849-85BA-4A89-BB1A-D56B4A134C47} 09.03.2012 22:36 <DIR> {CE510DCE-859F-4751-B849-AE5F622479F6} 08.10.2012 22:49 <DIR> {CE51DEBD-642E-49DF-BFDC-6AE9E33430CF} 12.03.2012 05:31 <DIR> {CE6C8C69-EDC9-492F-82B9-341FB1A944C1} 05.06.2012 05:12 <DIR> {CE7E765F-B89D-4769-81D7-2167CA136B29} 10.02.2012 09:00 <DIR> {CE873E05-7B33-483C-BBEC-780B27F7CAD2} 25.04.2012 19:40 <DIR> {CE89F292-1A8D-4322-8138-746FDD915CAF} 02.06.2012 09:57 <DIR> {CEA92EE4-D628-4AC7-A4E3-3F8FED2B51A3} 21.02.2012 19:22 <DIR> {CEC13644-DF96-406E-8872-D5F720D6DEA1} 10.02.2012 13:52 <DIR> {CEEAA9D4-4F08-456D-BF48-04D61A6ED4F1} 14.05.2013 07:06 <DIR> {CF1CD0C4-684D-4ED9-96DF-142BDEACF590} 04.05.2012 05:10 <DIR> {CF3279D6-5B08-444C-BC50-A3A25EFD728E} 23.11.2012 18:53 <DIR> {CF7DF754-30A5-442D-B3D5-88D52F7834C7} 27.07.2013 14:53 <DIR> {CF9CDCCE-2190-4012-B0A4-32B35CD51C97} 08.12.2012 22:10 <DIR> {CFAFC56B-8D4C-4220-A1D7-B3E76DF0C73A} 19.04.2012 05:06 <DIR> {CFCD3BDA-DEC9-4691-8392-CFD0F85FD3B8} 25.04.2012 19:40 <DIR> {D009249E-93FC-4047-8335-3D21EA229465} 07.06.2012 17:49 <DIR> {D02065D1-905C-4E16-9424-2DFA0BA237ED} 21.04.2012 09:10 <DIR> {D03F9217-42E4-47F6-A893-2462673CE2A0} 29.04.2012 11:12 <DIR> {D04FFD05-90D5-49CB-9B1A-B7F4C514EED3} 12.06.2012 08:43 <DIR> {D06463D9-D471-47D1-A55C-5E8799C3EFA1} 31.03.2012 07:56 <DIR> {D0889BAB-90FA-473E-B49A-2843867219E3} 03.09.2013 19:11 <DIR> {D0986E5F-153B-448F-8F06-72CB651584A8} 22.03.2012 20:05 <DIR> {D0E2DF4C-FC8D-4401-9381-C6234656FE30} 28.04.2012 06:45 <DIR> {D0E43309-EA2B-478E-8E79-15E726CEEE23} 28.05.2012 07:35 <DIR> {D1733CD4-BA92-4E5E-8931-226EA13F3C7B} 25.04.2012 13:51 <DIR> {D19285BA-2D25-4C5D-A409-EF55DEF6CE67} 20.09.2012 09:16 <DIR> {D1A82EA5-F2C5-4B88-B48A-7B1DCF7C6445} 15.02.2012 06:20 <DIR> {D1B44DBC-FFFA-49A0-BB29-5B2583E6434C} 18.04.2012 18:47 <DIR> {D1D71390-5DDB-4016-B5B9-59073DC65002} 27.06.2012 06:46 <DIR> {D1F1A94A-6956-4665-8A6D-05212700B59B} 09.05.2013 20:05 <DIR> {D21C70AD-1174-4183-BB33-91601A18C1C8} 20.02.2012 00:36 <DIR> {D2AAD7AD-9133-4835-996B-748E5BB92E1D} 27.10.2013 20:45 <DIR> {D2B94F98-21AD-4A8F-9B61-72EAFA3D0F02} 24.09.2013 07:20 <DIR> {D3127351-C15D-49C5-9BF8-46790FD4916D} 30.08.2013 05:06 <DIR> {D33DC486-0D8F-4E25-B1B3-18CBAFC906AB} 09.07.2013 04:26 <DIR> {D35A1D0D-890D-4914-8905-F8D4917F0E97} 30.04.2012 05:08 <DIR> {D35BCFF4-6B75-434D-8BD6-8AAC7E650CF4} 07.10.2012 19:16 <DIR> {D3C4FEEB-0BC0-41A4-AC3B-E93703794F57} 28.06.2012 08:30 <DIR> {D3C61D9D-620E-4ED0-912E-192A7D6605E2} 13.09.2012 17:18 <DIR> {D4009FAF-F7BB-4722-A300-0A399E11F58D} 30.10.2013 07:12 <DIR> {D41EF1A9-4B4F-4441-829C-1836C5FA5385} 05.05.2013 04:17 <DIR> {D4AAC0CB-A342-419B-AE93-4A812BE88DA5} 07.11.2012 23:20 <DIR> {D4E7CCE0-D1CA-47DA-A981-43FA759F2F96} 12.02.2012 09:40 <DIR> {D4FC3574-DF8E-42D2-9BB1-634F0C554FA8} 25.11.2013 07:22 <DIR> {D5018F94-B4C2-4127-A676-48525918606F} 12.11.2012 11:33 <DIR> {D5B87480-59C1-4CCB-8256-63C73220B086} 06.09.2013 19:00 <DIR> {D68CCF75-6FAF-4DD4-A40E-579F989046B7} 20.06.2012 13:14 <DIR> {D699CC8C-17A0-45A0-81BD-47325C0C9F73} 08.01.2013 09:00 <DIR> {D6C6464D-5E75-4FF1-BD62-77954EF1005E} 16.10.2013 03:52 <DIR> {D74A66BF-1F82-4A2F-9A82-9E13F8E04221} 16.10.2013 16:01 <DIR> {D759E13B-0637-4AC7-9F58-C72C9ADCEA7B} 26.05.2012 09:44 <DIR> {D7779F26-5D16-4F0A-B4EC-9DF2E260E926} 03.06.2013 12:09 <DIR> {D83F87D1-F519-4E16-9C82-778846E39C8A} 23.05.2012 20:05 <DIR> {D8E3E17F-47B6-4128-8EF0-5C6638335CA0} 11.06.2013 18:54 <DIR> {D920B16C-4811-4C51-8936-6E4E892A3674} 21.02.2012 19:21 <DIR> {D95472F5-0E7D-44E4-8243-016514531BCA} 18.02.2013 06:12 <DIR> {D97CC457-0218-4955-94D2-BEB821A87530} 18.04.2012 06:08 <DIR> {D9B23DFE-D65A-4ACF-A743-AC2E3ADB0B0D} 27.02.2012 13:33 <DIR> {DABD54BE-1BC9-4A3E-8188-14105269F69F} 07.03.2012 05:19 <DIR> {DAC2934E-3600-4475-A987-B1DE91F80207} 21.06.2012 19:18 <DIR> {DADE6F94-AD22-4D26-B8B7-6C560FE215D2} 14.06.2013 19:53 <DIR> {DB6D9124-B9EA-41CA-BF6A-73093D914F89} 19.09.2012 23:16 <DIR> {DBC4369F-FBB4-44AB-8927-0A0D7C52E0F7} 11.03.2012 08:48 <DIR> {DBC9CD6F-60EE-453D-B6E0-6E6AEDF76470} 25.06.2013 17:14 <DIR> {DC3DE102-E6BE-4519-8DDA-357116EB3EBF} 02.06.2012 09:57 <DIR> {DC54357D-A48C-4EF2-80F0-2A23DEBEC1D1} 10.08.2012 17:18 <DIR> {DCC1FFD8-E639-4B61-80FD-47D7974B7AA5} 01.09.2012 09:08 <DIR> {DCC402EA-9443-43CA-82FA-5984EB1A97C4} 03.05.2012 15:52 <DIR> {DCEA52C5-D0F7-4684-809E-921044689E6D} 09.06.2012 06:12 <DIR> {DD0E0EE8-0D8F-4415-8C72-4EA5D460CCCE} 22.06.2013 18:37 <DIR> {DD6F36DA-B952-4FC9-B6E2-B110591C59A9} 14.11.2013 05:27 <DIR> {DDBDB58F-F93C-408C-85CF-805F077EA6B5} 01.04.2013 08:52 <DIR> {DDE86B9D-3E29-4173-B031-784BE26D376C} 28.02.2013 07:28 <DIR> {DDFCE4FD-1F34-4A8B-838B-5A86A62D0CCC} 16.08.2012 04:24 <DIR> {DE08E59D-D464-495F-BBB8-01C66E292BDC} 05.04.2012 07:26 <DIR> {DE0B9D39-93FA-4EEA-887C-B4F4621A6A69} 11.06.2012 06:50 <DIR> {DE11A832-1DF1-42E1-97F2-CC86B7DFFF73} 04.05.2012 05:10 <DIR> {DE3D6C15-CB70-461B-A94E-AD77521423FC} 26.09.2012 14:38 <DIR> {DE418D2B-EE8A-449E-BFE3-6B86361F0EB1} 01.06.2012 04:32 <DIR> {DE96E62C-8EA9-4700-BB62-47A90B81C08A} 03.08.2012 11:08 <DIR> {DEABF35B-3697-44D9-9F53-59509FFDFE73} 07.07.2012 17:54 <DIR> {DEB4567C-628A-479C-A85F-6D7AD588761C} 15.05.2012 05:07 <DIR> {DF0785CF-5F86-4930-A403-E7E228E29AC3} 28.04.2012 09:27 <DIR> {DF51A7AD-3836-4279-A298-05BB5666ECFC} 22.04.2013 04:51 <DIR> {DFA46489-A0E1-4581-A9F2-8F8D10766382} 05.08.2012 00:00 <DIR> {DFEB02E2-68DE-4093-ABCF-4C621620FC10} 16.02.2013 19:30 <DIR> {E009447B-1C35-4E80-B033-46D00D968F92} 21.06.2012 05:06 <DIR> {E013A170-5300-4952-AEC1-4DE285936553} 19.09.2013 11:02 <DIR> {E09778A1-1567-4B08-BB73-65C52722C1EF} 07.06.2012 17:49 <DIR> {E1716CBC-9C43-4988-8517-1EA8211C7E23} 21.04.2012 09:10 <DIR> {E17ADE43-EA4B-4E74-BCAA-7773321964FA} 09.06.2013 12:04 <DIR> {E1914E72-6CAF-4AD3-B217-B04E4FAF2308} 19.09.2012 10:38 <DIR> {E24B6ECE-DE3E-417B-AA94-0FBDAE1039D5} 26.09.2013 19:47 <DIR> {E279A642-0F83-495C-AC30-2DAEFF19232F} 22.11.2013 19:52 <DIR> {E2CE2208-A9AB-4D26-98AC-4D37841617BA} 01.05.2012 06:21 <DIR> {E2D31673-E4A2-47E9-AC13-BB073A486D28} 08.05.2012 15:01 <DIR> {E3E435EB-F3FB-42D1-BB4C-A0BD48BFF481} 08.08.2012 05:16 <DIR> {E4440130-D998-4CD9-A68F-FE2C63F3E02F} 26.11.2012 14:31 <DIR> {E44ED5FD-0AA3-4310-B298-BCB1FF8D643D} 24.01.2013 10:29 <DIR> {E4BE7FAF-B0C7-43B2-BE23-7A7C3BA7B7C8} 11.08.2012 07:55 <DIR> {E4BF4F19-7A62-4CEF-A470-16E5A303B934} 10.05.2013 11:24 <DIR> {E4F7E3B6-AEA6-4037-AB70-C9A2480F2D35} 16.07.2012 20:42 <DIR> {E50AF594-07B8-40B2-8CB0-7AB3BF0C4CE9} 03.02.2013 06:19 <DIR> {E51BC355-064E-4487-AF5C-70F9F9C798EC} 07.03.2012 17:20 <DIR> {E5A71DFE-A3D9-41B6-ACD3-F240739519E9} 28.08.2012 11:14 <DIR> {E5BF9CD1-0811-42EC-B08E-20FFB7ED02C2} 25.03.2012 23:29 <DIR> {E5D5FA4D-B5B8-4334-B14D-26434C307B2A} 02.04.2012 05:53 <DIR> {E5E51CED-D69F-4D33-928D-69E250A71199} 21.04.2012 07:41 <DIR> {E6325B7E-2CDC-4A01-BB75-57EA99FAD21C} 24.08.2013 19:51 <DIR> {E657D871-E987-4D80-A17C-18A9E24066A3} 16.03.2012 07:49 <DIR> {E6F88570-8D9B-41FD-AC5A-712A439287F2} 17.09.2013 18:43 <DIR> {E704173D-98D4-47A8-B4C1-DD66292B4A61} 17.02.2012 07:38 <DIR> {E7FFF482-83D1-4A5D-A345-063943639A22} 10.09.2013 19:22 <DIR> {E8059FAC-A786-4C23-A1E7-9C1A89E1F183} 15.07.2012 09:44 <DIR> {E8153392-D889-4B94-82C3-AC60FEF0C302} 11.03.2013 20:36 <DIR> {E81B7E45-3A6A-49B0-969D-2919F972EFD2} 16.01.2013 05:55 <DIR> {E81C1737-DDC4-40F7-8A7B-67A92BF1E25B} 16.08.2012 05:14 <DIR> {E825528C-DA68-4BD7-B2CC-A78BD2C91373} 10.11.2012 09:10 <DIR> {E835C682-DA02-4F6B-B821-D7CAE6840A0F} 14.08.2012 05:06 <DIR> {E849AE25-72A0-48F8-B492-3C20B25A1B87} 08.07.2012 06:00 <DIR> {E85FD390-50A6-4C76-9F81-AE11371F4483} 23.12.2012 08:42 <DIR> {E89739E4-D6DB-4008-893A-7A26EF5898E1} 02.07.2013 15:20 <DIR> {E89A30D6-8330-4FC4-98F6-96DB7F1317A6} 03.04.2012 19:06 <DIR> {E8AEE3FA-D75E-4CAF-A2E1-1BDC00EBDE8D} 06.10.2012 08:39 <DIR> {E8AF23B8-1356-4C4F-AD6F-CFFE5A5D7317} 23.09.2012 19:36 <DIR> {E8C7B39B-EE77-466F-86A2-7F6434A0F5E3} 11.05.2013 05:06 <DIR> {E9319120-9B31-447A-8878-B9FA8F8FD452} 25.02.2012 20:15 <DIR> {E9475F44-DEA1-4821-8AD8-714E7F9EE329} 19.10.2013 06:24 <DIR> {E94E483D-D3B9-45C5-8039-20473F87DB9B} 21.04.2012 07:41 <DIR> {E972900F-8CD1-424B-B049-1E8766FC614E} 11.11.2013 18:23 <DIR> {E9809EAA-FBE9-4CD8-9277-5C342EDC9C40} 06.06.2012 20:11 <DIR> {E9BE451F-FF38-43A7-AA66-156C04629981} 20.11.2013 23:26 <DIR> {E9F3DEB7-5C11-4DEA-9C1B-D491A8908F52} 08.04.2012 23:44 <DIR> {EA065FB9-A643-4219-A6BF-C5DC3BFF5811} 30.05.2013 21:56 <DIR> {EA21B388-DB41-4BAB-8C2D-C0F57EF5A870} 01.06.2012 04:32 <DIR> {EABBD213-D32F-4B91-94EA-0F17A058F115} 04.04.2012 08:09 <DIR> {EABEDEDE-1E9E-4379-ABCE-74D147398E8A} 29.11.2012 09:07 <DIR> {EAD9EFB0-92F5-4959-8CF5-3873ABA25367} 31.01.2013 17:11 <DIR> {EB19A7B1-4A9A-4A24-AB40-E95471F3E568} 05.03.2013 17:29 <DIR> {EB90E13E-A3E4-4A55-83C2-D97B8CEE4C89} 12.01.2013 02:16 <DIR> {EB9857A4-ECC2-41B2-8E49-8F672C9E922C} 20.11.2013 07:28 <DIR> {EB9DABB0-95C3-4759-A27D-D6EB879A99C7} 09.06.2012 06:12 <DIR> {EBD03E2D-ACBD-4C56-9D84-9524EC99C083} 11.01.2013 08:02 <DIR> {EBEB9EF4-F2FE-4C4B-B379-7FEFC1677B30} 06.06.2012 05:21 <DIR> {EBEDD855-EC99-41D4-9EEB-30AFC250E229} 07.10.2013 06:03 <DIR> {EC325BD9-DF50-42AE-8F64-ECA2943DAADC} 19.11.2012 06:45 <DIR> {EC394034-C189-4C31-AE3C-529F2616C61A} 12.05.2012 11:46 <DIR> {EC993BC4-DA47-4AF0-8FBD-2EE5B6678D08} 27.01.2013 20:19 <DIR> {ECA17545-A0A9-479B-9158-C827894562D0} 25.11.2013 19:23 <DIR> {ECA66C83-66C7-4627-88CA-FCE3544D6A1A} 17.01.2013 07:35 <DIR> {ECC4A222-90C8-448D-876A-85053F488FFA} 01.05.2012 06:21 <DIR> {ECF69F28-6DAC-4BCE-B19E-43A4ECA6A254} 25.11.2012 20:47 <DIR> {ED512337-23CE-47B1-AA2A-A3D871A127B2} 29.06.2013 06:20 <DIR> {ED8B0EF8-4D31-46D3-837F-8FBBB4E7B4B0} 11.07.2012 12:49 <DIR> {ED9FAA20-DCC5-4AD1-89F0-1EADF0B05570} 12.02.2013 14:06 <DIR> {EDC6A50E-786D-481A-BC9F-F48FBD44BD1D} 25.02.2012 20:15 <DIR> {EE12C8ED-AD40-4CBB-B015-93EFDEB6EF9A} 09.07.2012 20:30 <DIR> {EEEBF028-D648-46EE-B09F-44C6AD8DFBBC} 10.06.2012 06:02 <DIR> {EEF05AE9-5382-4988-82AC-99EB48AF4FD6} 28.03.2012 06:19 <DIR> {EF01C4C8-A21F-447D-A893-63055AA609B8} 31.05.2013 13:43 <DIR> {EF4501C0-EF22-42F2-86F5-F80188FB5937} 11.04.2012 05:26 <DIR> {EF5869E6-D53C-46F5-96BF-1E93A4D9845E} 23.05.2013 18:51 <DIR> {EF79559E-A296-47ED-98EB-A933DC3A13D0} 07.07.2012 05:53 <DIR> {EF930443-AB84-4C82-B2BA-2A57C2A282BD} 13.10.2013 19:37 <DIR> {EFEB7229-20A3-41CA-A8B7-4B5FF9D6EFAC} 21.09.2012 16:27 <DIR> {F021F404-0572-4711-9022-D859B80E0B16} 18.05.2012 20:16 <DIR> {F0A336F7-5834-43F1-8114-D76E02681E27} 21.03.2013 07:29 <DIR> {F0E7EF8A-2B5D-4BCA-9866-DB3BC7EB76CF} 25.05.2012 06:11 <DIR> {F11C9771-2620-41D7-AB4B-269C381BEDAF} 27.10.2013 08:43 <DIR> {F11DFABD-04E6-489C-A50F-132013F09BED} 01.07.2013 19:06 <DIR> {F1204CB5-572A-4987-A74C-8F0CA397ED6B} 20.05.2012 19:50 <DIR> {F1BC76E7-6F05-4C0B-9115-CC32AD22193F} 08.08.2013 20:19 <DIR> {F1BD401D-CB51-4171-B970-A2159BAB6AB7} 25.02.2012 05:39 <DIR> {F1C15A0C-13B6-48C3-879D-11BAC316A60A} 19.10.2013 19:20 <DIR> {F22E6469-C3C8-40B8-810F-A6DE27B5337C} 02.03.2012 07:13 <DIR> {F2330A91-7B74-4D29-B1C1-287EFC3B96FD} 02.10.2013 17:36 <DIR> {F2626A4C-4641-4B0D-BD6F-FDABF9A816A7} 03.06.2012 22:23 <DIR> {F281EA76-26EB-4FB7-99EA-A6253A8822FD} 07.10.2012 17:27 <DIR> {F2A0E1BA-2DF5-4612-BB52-2E0C5FAFAC7D} 06.05.2013 06:20 <DIR> {F39ADAD8-E1A8-4920-9A70-9D2CCDD4843E} 31.08.2012 07:46 <DIR> {F3BD0913-8E6B-400D-BD21-7FB35D022168} 01.03.2012 07:18 <DIR> {F3DBEA21-9F1F-45DF-BD04-4CE6FA1F1FE0} 08.08.2013 07:11 <DIR> {F3FCA6F0-E33F-4693-9D6E-56023C04C01E} 16.07.2012 04:57 <DIR> {F4542D8A-B502-43BF-8B9E-BEAA08610A2F} 16.06.2012 20:05 <DIR> {F4B47DD1-511E-47F8-ACEB-47836D02DCEE} 30.09.2013 05:32 <DIR> {F54A3BFC-0DA1-4248-A02D-A5A4E982C2AB} 11.02.2012 03:54 <DIR> {F55B6F2B-8FC4-47F1-A6AF-075C5D28C778} 21.04.2013 07:55 <DIR> {F5645E70-CD47-4076-9193-CF9A44A27B9D} 03.05.2012 06:15 <DIR> {F5671BF2-06C4-4F5C-BE98-F89EC3FA52BE} 29.05.2013 20:03 <DIR> {F585A049-8EC7-407D-B80E-70E63513C0AC} 24.12.2012 05:47 <DIR> {F588C6D5-DA0B-4078-8E46-0EA7C5965FCD} 17.09.2013 03:57 <DIR> {F5CE14FF-3BAF-4AF5-A95B-A5FE1CCAD7CC} 24.04.2013 19:22 <DIR> {F612DEFB-A37B-4DCB-AF3F-8BDC6FDF1D10} 14.02.2013 13:20 <DIR> {F6268A65-5726-4EDB-89EF-6D1F283FE958} 15.04.2012 10:26 <DIR> {F635F7A6-0A78-439A-8E96-5E6F00A6ACFB} 26.03.2013 06:46 <DIR> {F642CBAA-385A-44A8-93FD-4729FC064B0E} 22.10.2013 16:37 <DIR> {F6B2E4FA-2B5F-4887-B09B-5573BFE1413D} 02.02.2013 00:00 <DIR> {F6EAE12C-0C28-4696-A6FF-08FECAC242E6} 08.03.2012 07:16 <DIR> {F7427B63-43DF-49A5-B7EC-5B6ACF84F50C} 25.09.2012 23:46 <DIR> {F75529FF-983D-453C-98CC-96B2260F1F37} 19.04.2013 10:27 <DIR> {F771C3DF-26E7-44DA-8942-FE15E90B4909} 16.08.2012 19:54 <DIR> {F794ABDD-19F7-41AF-88D6-AE8821DA1DA6} 03.05.2012 15:52 <DIR> {F82D7EAF-3C35-48EC-99DC-DFD0A566A6BB} 18.06.2012 05:08 <DIR> {F844F2C9-4881-4B79-BA7A-EA65064FCDBF} 04.05.2013 08:54 <DIR> {F88FD4C7-6B0C-4F2C-A460-4AEFF373E508} 28.10.2012 11:00 <DIR> {F8B5EAD0-9728-4FD9-8087-8965E848C0C3} 10.06.2013 03:58 <DIR> {F8D14EAC-D8D6-40EB-BF78-8D355D3AFC70} 01.12.2012 19:52 <DIR> {F8E40020-21A0-428A-85A4-3BE733FC0CE2} 25.08.2012 07:15 <DIR> {F904B19A-C74F-426C-982D-FE12477093C4} 19.03.2012 07:10 <DIR> {F9AE40DA-E911-41AD-8C94-1B6DC0893F98} 06.03.2013 20:34 <DIR> {FA10DACB-19BB-4BCC-BCE9-989E8F0AFC7D} 19.05.2012 12:37 <DIR> {FA5BC753-02BD-4BE0-9785-6F7EB81D9115} 24.06.2013 12:02 <DIR> {FA6AD2CD-8300-4263-A177-EF17B811A090} 23.04.2012 14:58 <DIR> {FAFD925D-23F9-457C-A1DF-AF5E71EC6D02} 06.02.2013 02:50 <DIR> {FB169C39-9463-4729-BE04-A6DE6819F0C4} 10.07.2012 05:06 <DIR> {FB2AA211-20CD-4D91-AC5E-5BD1CB18EA52} 19.02.2013 13:56 <DIR> {FB5E29BD-A7DF-4826-88A1-8CA94E728352} 07.11.2013 20:58 <DIR> {FB6BB124-90E3-4F77-9405-AFD63BBE4F81} 03.10.2013 08:34 <DIR> {FB6D2877-B555-4548-B931-1A285537B90F} 01.10.2013 11:06 <DIR> {FB78A5A3-72E8-4074-AA02-7D21CBFAEC0D} 13.09.2013 20:40 <DIR> {FBA4BE54-D5D6-4ED9-83CE-FD56CB1797B3} 04.11.2012 23:34 <DIR> {FBC148AF-E2EB-4BB2-875E-2866A58FC6C0} 01.06.2013 07:09 <DIR> {FC1561AC-1BF2-435F-B9FD-FC7DCEAA8617} 08.03.2012 19:38 <DIR> {FC68BADB-187A-463B-872D-46241866E014} 31.03.2013 19:04 <DIR> {FCA82E4D-1628-4F10-B298-A41E66E41935} 24.04.2013 07:15 <DIR> {FD3E5ED8-4309-4DE7-95C9-99B295B3CDE2} 01.05.2012 08:57 <DIR> {FD7BA78B-1094-485E-8073-638F2490E1FE} 23.03.2013 09:01 <DIR> {FD7D8ECC-3DC8-4AA2-9F03-763FC016DC0F} 23.02.2012 07:45 <DIR> {FD8A09FE-4616-4F5D-8199-AC49D2A96962} 26.05.2012 21:46 <DIR> {FE2BB4D0-542F-43A4-8469-3280E35FBF57} 18.10.2012 15:49 <DIR> {FE5CF527-5756-4615-B75A-D63A4C4F29CF} 14.03.2012 05:33 <DIR> {FE678A49-A065-4201-BCDC-1F90C1471FD8} 19.03.2012 07:10 <DIR> {FE838F5C-E106-4937-BAD1-579DDA7CD2B9} 04.03.2012 09:13 <DIR> {FE9F46B4-61CF-45B3-8B9C-0524C1DB2ABA} 06.03.2012 07:19 <DIR> {FEAFBF1E-5A6F-4BEB-A94A-B87086CF4B24} 11.05.2012 20:48 <DIR> {FEC50974-D91B-4424-A6F0-BC01E2A0ED56} 20.09.2013 14:03 <DIR> {FF467D5C-E1BD-4D35-A786-4019C0D512AF} 02.06.2013 09:52 <DIR> {FF474FDD-8782-4E15-9BB4-C30EEC861AB5} 11.05.2012 20:48 <DIR> {FF7277EE-4ABC-4A20-83F3-0850A50D9671} 15.09.2013 06:10 <DIR> {FF8F9273-EF1C-4A07-9ABE-615A095F2440} 21.05.2013 05:01 <DIR> {FF9076A5-6B26-4982-B16B-3D359A5E3D9E} 23.06.2012 09:47 <DIR> {FFBEB7B7-11FD-4A77-AE4C-F775EF72B348} 5 Datei(en), 198.949 Bytes 1369 Verzeichnis(se), 434.952.183.808 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramFiles(x86)%" ========= Datentr„ger in Laufwerk C: ist Boot Volumeseriennummer: 204C-3CC0 Verzeichnis von C:\Program Files (x86)\Common Files 07.06.2018 05:31 <DIR> . 07.06.2018 05:31 <DIR> .. 26.06.2015 05:22 <DIR> Adobe 19.07.2017 07:53 <DIR> Adobe AIR 28.10.2011 01:10 <DIR> ATI Technologies 07.02.2012 07:25 <DIR> Corel 13.09.2012 06:02 <DIR> DATA BECKER Shared 21.07.2015 22:42 <DIR> DESIGNER 29.09.2015 13:27 <DIR> HERMA 20.06.2012 08:11 <DIR> Hewlett-Packard 20.06.2012 08:11 <DIR> HP 11.11.2014 19:38 <DIR> InstallShield 15.01.2014 16:15 <DIR> MAGIX Services 15.01.2014 16:18 <DIR> MAGIX Shared 07.02.2012 07:26 <DIR> Memeo 11.05.2018 19:55 <DIR> microsoft shared 07.06.2018 05:29 <DIR> Oracle 07.02.2012 07:24 <DIR> Protexis 05.04.2013 15:33 <DIR> PX Storage Engine 14.07.2009 05:20 <DIR> Services 05.04.2013 15:27 <DIR> Sonic Shared 14.07.2009 05:20 <DIR> SpeechEngines 11.11.2014 19:17 <DIR> Steam 27.10.2011 03:12 <DIR> SWF Studio 12.02.2012 20:30 <DIR> System 18.07.2011 22:49 <DIR> Windows Live 13.11.2017 08:13 <DIR> Wise Installation Wizard 0 Datei(en), 0 Bytes 27 Verzeichnis(se), 434.952.155.136 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramW6432%" ========= Datentr„ger in Laufwerk C: ist Boot Volumeseriennummer: 204C-3CC0 Verzeichnis von C:\Program Files\Common Files 25.07.2017 14:44 <DIR> . 25.07.2017 14:44 <DIR> .. 05.04.2013 15:35 <DIR> Adobe 28.10.2011 01:10 <DIR> ATI Technologies 21.08.2018 21:06 <DIR> AV 25.07.2017 14:44 <DIR> EPSON 29.10.2016 18:00 <DIR> Logishrd 12.02.2015 07:39 <DIR> Microsoft Shared 14.07.2009 05:20 <DIR> Services 14.07.2009 05:20 <DIR> SpeechEngines 12.02.2012 20:30 <DIR> System 0 Datei(en), 0 Bytes 11 Verzeichnis(se), 434.952.093.696 Bytes frei ========= Ende von CMD: ========= ========= dir "%UserProfile%" ========= Datentr„ger in Laufwerk C: ist Boot Volumeseriennummer: 204C-3CC0 Verzeichnis von C:\Users\Arhelger 22.08.2018 20:10 <DIR> . 22.08.2018 20:10 <DIR> .. 18.04.2018 05:52 <DIR> Bcher 14.09.2017 02:28 <DIR> Contacts 22.08.2018 20:15 <DIR> Desktop 18.08.2018 22:13 <DIR> Documents 03.04.2018 06:42 <DIR> Dokumente 22.08.2018 19:34 <DIR> Downloads 14.09.2017 02:28 <DIR> Favorites 03.07.2017 05:35 <DIR> Filme 04.06.2018 14:14 <DIR> Jannik Noah 14.09.2017 02:28 <DIR> Links 14.07.2018 09:08 <DIR> Louis 14.09.2017 02:28 <DIR> Music 19.05.2018 11:34 <DIR> My Games 06.12.2014 16:07 10.381 Nikolaus.xlsx 16.04.2018 06:19 <DIR> Pictures 21.08.2018 13:18 <DIR> Sabrina 27.09.2016 06:02 <DIR> Samsung Link 14.09.2017 02:28 <DIR> Saved Games 06.04.2018 07:30 <DIR> Scanner 14.09.2017 02:28 <DIR> Searches 10.11.2017 07:30 364 Sti_Trace.log 21.08.2018 07:03 <DIR> Sven 14.09.2017 02:28 <DIR> Videos 2 Datei(en), 10.745 Bytes 23 Verzeichnis(se), 434.952.024.064 Bytes frei ========= Ende von CMD: ========= ========= dir "C:\" ========= Datentr„ger in Laufwerk C: ist Boot Volumeseriennummer: 204C-3CC0 Verzeichnis von C:\ 21.08.2018 12:53 <DIR> AdwCleaner 11.06.2018 05:14 <DIR> AeriaGames 21.08.2015 05:05 <DIR> CorelDRAW Essentials X5 21.08.2018 13:17 57 dllme.txt 22.08.2018 20:15 <DIR> FRST 07.11.2007 09:00 1.110 globdata.ini 15.04.2014 12:51 <DIR> history 07.11.2007 09:03 562.688 install.exe 07.11.2007 09:00 843 install.ini 07.11.2007 09:03 76.304 install.res.1028.dll 07.11.2007 09:03 96.272 install.res.1031.dll 07.11.2007 09:03 91.152 install.res.1033.dll 07.11.2007 09:03 97.296 install.res.1036.dll 07.11.2007 09:03 95.248 install.res.1040.dll 07.11.2007 09:03 81.424 install.res.1041.dll 07.11.2007 09:03 79.888 install.res.1042.dll 07.11.2007 09:03 75.792 install.res.2052.dll 07.11.2007 09:03 96.272 install.res.3082.dll 20.08.2018 12:54 <DIR> KVRT_Data 23.09.2005 00:39 894.976 msdia80.dll 21.08.2018 13:17 455.344 msvcp120.dll 18.10.2017 17:22 0 NET.INI 20.08.2018 13:20 <DIR> Program Files 21.08.2018 06:39 <DIR> Program Files (x86) 22.03.2017 06:15 32 PS.log 27.09.2016 05:51 <DIR> Upload 15.07.2015 11:30 <DIR> Users 07.11.2007 09:00 5.686 vcredist.bmp 07.11.2007 09:09 1.442.522 VC_RED.cab 07.11.2007 09:12 232.960 VC_RED.MSI 22.08.2018 12:49 <DIR> Windows 20.08.2018 12:52 2.604 XoristDecryptor.2.5.3.4_20.08.2018_12.47.54_log.txt 21 Datei(en), 4.388.470 Bytes 11 Verzeichnis(se), 434.951.962.624 Bytes frei ========= Ende von CMD: ========= ================== ExportKey: =================== [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions] [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions] [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths] [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes] === Ende von ExportKey === ========= ipconfig /flushdns ========= Windows-IP-Konfiguration Der DNS-Aufl”sungscache wurde geleert. ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zurckgesetzt. Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen. ========= Ende von CMD: ========= ========= RemoveProxy: ========= "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => erfolgreich entfernt "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt "HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt "HKU\S-1-5-21-2519664068-3109547711-38441924-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt "HKU\S-1-5-21-2519664068-3109547711-38441924-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt ========= Ende von RemoveProxy: ========= =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22100761 B Java, Flash, Steam htmlcache => 590 B Windows/system/drivers => 692878876 B Edge => 0 B Chrome => 207975672 B Firefox => 15453907 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 66228 B Public => 0 B ProgramData => 0 B systemprofile => 42320605 B systemprofile32 => 404820 B LocalService => 0 B NetworkService => 0 B Arhelger => 4483613587 B Kids => 134297 B RecycleBin => 627709594 B EmptyTemp: => 5.7 GB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 20:21:28 ==== |
23.08.2018, 11:04 | #9 |
/// TB-Ausbilder | Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory Servus, AdwCleaner bitte nochmal zur Kontrolle ausführen und die Logdatei posten:
|
23.08.2018, 11:55 | #10 |
| Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory Hallo, hier die aktuelle Log-Datei: Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 7.2.2.0 # ------------------------------- # Build: 07-17-2018 # Database: 2018-08-23.3 # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 08-23-2018 # Duration: 00:00:02 # OS: Windows 7 Home Premium # Cleaned: 0 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** No malicious registry entries cleaned. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Prefetch [+] Delete Tracing Keys [+] Reset Chromium Policies [+] Reset IE Policies [+] Reset Proxy Settings [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1705 octets] - [21/08/2018 12:53:11] AdwCleaner[C00].txt - [1795 octets] - [21/08/2018 12:53:51] AdwCleaner[S01].txt - [1371 octets] - [22/08/2018 06:39:55] AdwCleaner[C01].txt - [1656 octets] - [22/08/2018 06:44:57] AdwCleaner[S02].txt - [1493 octets] - [23/08/2018 12:40:31] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ########## |
23.08.2018, 19:41 | #11 |
/// TB-Ausbilder | Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory Servus, zeigt Kaspersky immer noch diese Malware an? Gibt es dazu noch mehr Infos deinsereits?
|
24.08.2018, 05:06 | #12 |
| Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory Hallo, Kaspersky zeigt immer noch die Malware an und lässt sich auch nicht desinfizieren. Code:
ATTFilter 21.08.2018 21.23.32 Vollständige Untersuchung des Computers (angehalten) Zeitpunkt: 21.08.2018 21:23 21.08.2018 21.17.45 Das Objekt (Systemspeicher) wurde nicht verarbeitet. System Memory Systemspeicher: System Memory Objektname: Trojan.Multi.GenAutorunReg.a Grund: Zurückgestellt 21.08.2018 21.17.45 Ein Objekt (Systemspeicher) wurde gefunden. System Memory Systemspeicher: System Memory Objektname: Trojan.Multi.GenAutorunReg.a 21.08.2018 21.17.28 Vollständige Untersuchung des Computers Die Aufgabe wurde gestartet. Zeitpunkt: 21.08.2018 21:17 Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018 durchgeführt von Arhelger (Administrator) auf ARHELGER-PC (24-08-2018 05:56:08) Gestartet von C:\Users\Arhelger\Desktop Geladene Profile: Arhelger & (Verfügbare Profile: Arhelger) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Salfeld Computer) C:\Windows\cc\WinCtlSvc.exe (Salfeld Computer) C:\Windows\cc\CtlSysMgr.exe (Salfeld Computer GmbH) C:\ProgramData\NFS\NFSccsvc.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Salfeld Computer) C:\Windows\cc\CtlSysUI.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe (Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe () C:\Program Files (x86)\watchmi\TvdService.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\System32\alg.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-15] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION) HKLM\...\RunServicesOnce: [WISO Finanz Update] => C:\Users\Arhelger\AppData\Local\Temp\Buhl\WISO Mein Geld 365 Professional\WISOFinanz365Update_24.0.0.100.exe "/Reduced" "/InstallDir=C:\Program Files (x86)\Buhl\WISO Mein Geld 365" "/ProcessID=3916" " (Der Dateneintrag hat 77 mehr Zeichen). <==== ACHTUNG Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <==== ACHTUNG HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [840784 2012-09-17] (Adobe Systems Incorporated) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-02-07] (Google Inc.) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [1023664 2016-03-25] (Samsung) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037984 2017-05-20] (Samsung) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRIE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\MountPoints2: {28f75973-3991-11e8-a592-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\MountPoints2: {2d327e58-f154-11e7-bdac-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [840784 2012-09-17] (Adobe Systems Incorporated) HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-02-07] (Google Inc.) HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [1023664 2016-03-25] (Samsung) HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037984 2017-05-20] (Samsung) HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRIE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64" HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\MountPoints2: {28f75973-3991-11e8-a592-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\MountPoints2: {2d327e58-f154-11e7-bdac-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe IFEO\sethc.exe: [Debugger] logonui.exe GroupPolicyUsers\S-1-5-21-2519664068-3109547711-38441924-1001\User: Beschränkung <==== ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{2F1AB9F8-898F-464B-B9F8-BE087F0E4A2C}: [NameServer] 192.168.178.0 Tcpip\..\Interfaces\{E700DAEE-439D-4EE4-962B-7D3507F98C6A}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-2519664068-3109547711-38441924-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES007&pc=UE06 HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES007&pc=UE06 SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> {A7521B9F-4CC8-42E7-907C-2085ABD4F486} URL = hxxp://rover.ebay.com/rover/1/707-53477-19255-0/1?icep_ff3=9&pub=5574640706&toolid=10001&campid=5336449492&customid=&icep_uq={searchTerms}&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229487&kwid=902099&mtid=824&kw=lg SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446 -> {A7521B9F-4CC8-42E7-907C-2085ABD4F486} URL = hxxp://rover.ebay.com/rover/1/707-53477-19255-0/1?icep_ff3=9&pub=5574640706&toolid=10001&campid=5336449492&customid=&icep_uq={searchTerms}&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229487&kwid=902099&mtid=824&kw=lg BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-02-13] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-10.0.1\bin\ssv.dll => Keine Datei BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2018-03-13] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-06-07] (Oracle Corporation) BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2018-03-13] (Microsoft Corporation) BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation) Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab) DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab DPF: HKLM-x32 {2665693B-C4F3-434B-83DB-7574CF50C8B7} hxxp://www.kaspersky.com/downloads/misc/kasperskylicensefinder.cab DPF: HKLM-x32 {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///E:/components/A9.ocx Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default [2018-08-22] FF Homepage: Mozilla\Firefox\Profiles\muqiyzzu.default -> hxxp://home.1und1.de/ FF NewTab: Mozilla\Firefox\Profiles\muqiyzzu.default -> hxxp://home.1und1.de/ FF Extension: (Ciuvo Preisvergleich) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\extension@ciuvo.com.xpi [2016-04-19] [Legacy] FF Extension: (Forecastfox (fix version)) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\forecastfox@s3_fix_version.xpi [2016-04-19] [Legacy] FF Extension: (New Tab Override (browser.newtab.url replacement)) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\newtaboverride@agenedia.com.xpi [2016-04-19] [Legacy] FF Extension: (S3.Google Translator) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\s3google@translator.xpi [2016-04-28] [Legacy] FF Extension: (Flagfox) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-04-28] [Legacy] FF Extension: (Adblock Plus) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-19] [Legacy] FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-08-21] FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-10-29] [Legacy] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017-07-25] [Legacy] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-06-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-06-07] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-10-27] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-10-27] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.) FF Plugin HKU\.DEFAULT: @protectdisc.com/NPPDLicenseHelper -> C:\Windows\system32\config\systemprofile\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [Keine Datei] FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Arhelger\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( ) FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Arhelger\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [Keine Datei] FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Arhelger\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( ) FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Arhelger\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [Keine Datei] Chrome: ======= CHR HomePage: Default -> hxxp://home.1und1.de/?linkId=hd.nav.themenportal&ucuoId=PUAC:default.EUE.DE-20150617064232-9E49C81A815F50BE9E13B68A1F3A997C.TCpfix111b&ac=OM.PU.PUb48K85425T7073a CHR StartupUrls: Default -> "hxxp://home.1und1.de/" CHR NewTab: Default -> Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html" CHR Profile: C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default [2018-08-24] CHR Extension: (Google Übersetzer) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-08-21] CHR Extension: (Präsentationen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-21] CHR Extension: (Kaspersky Protection) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-08-21] CHR Extension: (Docs) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-21] CHR Extension: (Google Drive) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-21] CHR Extension: (YouTube) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-21] CHR Extension: (Adobe Acrobat) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-08-21] CHR Extension: (Tabellen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-21] CHR Extension: (Google Docs Offline) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21] CHR Extension: (Google Kalender) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2018-08-21] CHR Extension: (New Tab Redirect) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2018-08-21] CHR Extension: (Drucken für Google Chrome) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd [2018-08-21] CHR Extension: (Google Play) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2018-08-21] CHR Extension: (Google Maps) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-08-21] CHR Extension: (Google Mail-Checker) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-08-21] CHR Extension: (IP-Domain-Markierungsfahne) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpapfcfoakknnhkfpencomejbcecdfp [2018-08-21] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-21] CHR Extension: (Google Mail) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-21] CHR Extension: (Chrome Media Router) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-21] CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd CHR HKU\S-1-5-21-2519664068-3109547711-38441924-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Arhelger\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden> CHR HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Arhelger\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Arhelger\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-15] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [245760 2017-02-28] (AVM GmbH) [Datei ist nicht signiert] R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab) R2 CC-Updater; C:\Windows\cc\WinCtlSvc.exe [7022192 2018-02-16] (Salfeld Computer) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation) R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2650112 2010-05-28] (DATA BECKER GmbH & Co KG) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610464 2018-01-18] (EasyAntiCheat Ltd) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (Seiko Epson Corporation) R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert] S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe [416560 2018-08-21] (AO Kaspersky Lab) S3 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes) R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (Seiko Epson Corporation) R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation) R2 SCC-Dienst; C:\Windows\cc\ctlsysmgr.exe [6626464 2018-08-21] (Salfeld Computer) S2 sfrem01; C:\Windows\system32\sfrem01.exe [601208 2006-07-05] (Protection Technology (StarForce)) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] () [Datei ist nicht signiert] R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare) R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2012-02-13] (AVM Berlin) R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2016-04-26] (AVM Berlin) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [836288 2018-05-27] (EasyAntiCheat Oy) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (AO Kaspersky Lab) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [72904 2017-12-27] (AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [122056 2018-02-02] (AO Kaspersky Lab) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [87752 2018-07-20] (AO Kaspersky Lab) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [219328 2018-08-21] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1193160 2018-08-21] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1127104 2018-08-21] (AO Kaspersky Lab) R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [56520 2018-02-12] (AO Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [58056 2018-01-15] (AO Kaspersky Lab) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab) R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (AO Kaspersky Lab) R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [161592 2018-07-20] (AO Kaspersky Lab) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112864 2018-08-24] (Malwarebytes) R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-08-24] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-08-24] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [94328 2018-08-24] (Malwarebytes) R1 netfltcc; C:\Windows\System32\drivers\netfltcc.sys [64680 2017-11-25] (Windows (R) Win 7 DDK provider) R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc.) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation) S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce)) S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [78208 2006-08-11] (Protection Technology (StarForce)) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S3 cpuz134; \??\C:\Users\Arhelger\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ACHTUNG ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2018-08-24 05:53 - 2018-08-24 05:53 - 000000558 _____ C:\Users\Arhelger\Downloads\Bericht Kaspersky.txt 2018-08-22 20:38 - 2018-08-22 20:38 - 000003288 ____N C:\bootsqm.dat 2018-08-22 20:15 - 2018-08-22 20:21 - 000129528 _____ C:\Users\Arhelger\Desktop\Fixlog.txt 2018-08-22 19:55 - 2018-08-24 05:55 - 000000000 ____D C:\Users\Arhelger\Desktop\FRST-OlderVersion 2018-08-22 19:34 - 2018-08-22 19:34 - 000030060 _____ C:\Users\Arhelger\Desktop\SpyHunterCleaner.bat 2018-08-22 12:47 - 2018-08-22 20:52 - 000067426 _____ C:\Users\Arhelger\Desktop\Addition.txt 2018-08-22 12:42 - 2018-08-24 05:58 - 000039086 _____ C:\Users\Arhelger\Desktop\FRST.txt 2018-08-22 12:42 - 2018-08-24 05:56 - 000000000 ____D C:\FRST 2018-08-22 12:41 - 2018-08-24 05:55 - 002413056 _____ (Farbar) C:\Users\Arhelger\Desktop\FRST64.exe 2018-08-22 06:33 - 2018-08-22 06:35 - 007417040 _____ (Malwarebytes) C:\Users\Arhelger\Desktop\adwcleaner_7.2.2.exe 2018-08-21 21:05 - 2018-08-21 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2018-08-21 21:04 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2018-08-21 21:03 - 2018-08-21 21:03 - 001193160 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys 2018-08-21 21:03 - 2018-08-21 21:03 - 001127104 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2018-08-21 21:03 - 2018-08-21 21:03 - 000219328 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys 2018-08-21 21:03 - 2018-08-21 21:03 - 000152360 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll 2018-08-21 21:00 - 2018-08-21 21:00 - 002509880 _____ (Kaspersky Lab) C:\Users\Arhelger\Downloads\kis19.0.0.1088de_14081.exe 2018-08-21 20:36 - 2018-08-21 20:36 - 008896960 _____ C:\Users\Arhelger\Downloads\kpm.exe 2018-08-21 20:25 - 2018-08-21 20:27 - 000484760 _____ C:\Windows\Minidump\082118-50669-01.dmp 2018-08-21 15:21 - 2018-08-21 15:32 - 579815424 _____ C:\Users\Arhelger\Downloads\krd (1).iso 2018-08-21 15:17 - 2018-08-21 15:19 - 147283752 _____ (Kaspersky Lab ZAO) C:\Users\Arhelger\Downloads\KVRT.exe 2018-08-21 14:19 - 2018-08-21 14:19 - 000380928 _____ C:\Users\Arhelger\Downloads\rb3crkqy.exe 2018-08-21 14:11 - 2018-08-21 14:14 - 579815424 _____ C:\Users\Arhelger\Downloads\krd.iso 2018-08-21 06:39 - 2018-08-21 06:39 - 000002292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-08-21 05:46 - 2018-08-21 06:01 - 000073318 _____ C:\Windows\ntbtlog.txt 2018-08-21 05:16 - 2018-08-21 13:17 - 000455344 _____ (Microsoft Corporation) C:\msvcp120.dll 2018-08-21 05:16 - 2018-08-21 13:17 - 000000057 _____ C:\dllme.txt 2018-08-20 13:21 - 2018-08-24 05:48 - 000094328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2018-08-20 13:21 - 2018-08-24 05:46 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2018-08-20 13:21 - 2018-08-24 05:46 - 000112864 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2018-08-20 13:21 - 2018-08-24 05:46 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\Program Files\Malwarebytes 2018-08-20 13:20 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2018-08-20 12:53 - 2018-08-20 12:54 - 000000000 ____D C:\KVRT_Data 2018-08-20 12:47 - 2018-08-20 12:52 - 000002604 _____ C:\XoristDecryptor.2.5.3.4_20.08.2018_12.47.54_log.txt 2018-08-18 22:08 - 2018-08-18 22:13 - 000010330 _____ C:\Users\Arhelger\Documents\Toreliste.xlsx 2018-08-16 05:36 - 2018-08-16 05:36 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-08-16 05:36 - 2018-08-16 05:36 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-08-16 05:36 - 2018-08-16 05:36 - 000004378 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2018-08-15 18:37 - 2018-08-15 18:48 - 000009821 _____ C:\Users\Arhelger\Documents\Waschliste.xlsx 2018-08-05 19:16 - 2018-08-05 19:16 - 000291784 _____ C:\Windows\Minidump\080518-57829-01.dmp ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2018-08-24 05:58 - 2017-07-26 05:35 - 000000334 __RSH C:\Users\Arhelger\ntuser.pol 2018-08-24 05:58 - 2012-02-07 07:28 - 000000000 ____D C:\Users\Arhelger 2018-08-24 05:52 - 2012-02-09 06:43 - 000003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{39A51ED7-4797-424D-AF39-0B9550252DFD} 2018-08-24 05:46 - 2014-04-09 06:42 - 000000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2018-08-24 05:46 - 2012-04-25 13:54 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2018-08-24 05:44 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-08-24 05:40 - 2017-04-07 06:42 - 000000000 ____D C:\Windows\dl 2018-08-23 16:15 - 2009-07-14 06:45 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-08-23 16:15 - 2009-07-14 06:45 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-08-23 13:44 - 2017-07-25 14:44 - 000000911 _____ C:\Windows\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266}.job 2018-08-22 20:17 - 2013-07-04 06:50 - 000000000 ____D C:\Users\Arhelger\AppData\LocalLow\Temp 2018-08-21 21:06 - 2016-09-19 08:04 - 000000000 ____D C:\Program Files\Common Files\AV 2018-08-21 21:05 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2018-08-21 21:04 - 2016-09-19 07:57 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2018-08-21 21:01 - 2018-06-06 05:23 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2018-08-21 20:25 - 2012-05-17 07:21 - 000000000 ____D C:\Windows\Minidump 2018-08-21 20:24 - 2018-07-10 20:11 - 1557671786 _____ C:\Windows\MEMORY.DMP 2018-08-21 13:18 - 2012-02-08 06:23 - 000000000 ____D C:\Users\Arhelger\Sabrina 2018-08-21 12:53 - 2014-09-15 12:27 - 000000000 ____D C:\AdwCleaner 2018-08-21 07:03 - 2012-02-08 06:23 - 000000000 ____D C:\Users\Arhelger\Sven 2018-08-21 06:39 - 2012-02-07 07:31 - 000000000 ____D C:\Users\Arhelger\AppData\Local\Google 2018-08-21 06:38 - 2012-02-07 07:22 - 000000000 ____D C:\Program Files (x86)\Google 2018-08-20 14:29 - 2017-04-07 06:42 - 000000000 ____D C:\Windows\cc 2018-08-18 21:52 - 2015-04-30 06:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-08-18 16:51 - 2012-11-05 09:37 - 000058051 _____ C:\Users\Arhelger\Documents\Wanderwege Dietzhölztal - Eschenburg.xlsx 2018-08-18 16:29 - 2017-05-12 18:14 - 000000000 ____D C:\Users\Arhelger\AppData\LocalLow\Mozilla 2018-08-18 16:29 - 2016-11-27 09:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2018-08-18 16:29 - 2015-04-30 06:04 - 000001213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2018-08-18 16:29 - 2014-03-25 09:07 - 000000000 ____D C:\Users\Arhelger\AppData\Roaming\Thunderbird 2018-08-18 16:29 - 2014-02-04 09:04 - 000000000 ____D C:\Users\Arhelger\AppData\Roaming\Mozilla 2018-08-16 06:12 - 2012-02-08 07:22 - 000000000 ____D C:\Users\Arhelger\Documents\WISO Mein Geld 2018-08-16 06:04 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2018-08-16 05:36 - 2018-05-21 15:14 - 000004540 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-08-16 05:36 - 2011-10-14 14:15 - 000000000 ____D C:\Windows\system32\Macromed 2018-08-16 05:36 - 2011-07-18 23:12 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-08-15 05:15 - 2015-06-26 05:22 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-08-07 05:45 - 2011-05-16 16:04 - 000699884 _____ C:\Windows\system32\perfh007.dat 2018-08-07 05:45 - 2011-05-16 16:04 - 000149766 _____ C:\Windows\system32\perfc007.dat 2018-08-07 05:45 - 2009-07-14 07:13 - 001622300 _____ C:\Windows\system32\PerfStringBackup.INI 2018-08-01 20:07 - 2012-02-08 07:17 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-23 06:21 - 2015-04-23 06:21 - 004218880 _____ (Piriform Ltd) C:\Program Files (x86)\ccsetup504_slim.exe 2015-04-06 10:47 - 2015-04-06 10:47 - 000000132 _____ () C:\Users\Arhelger\AppData\Roaming\Adobe CS5-Voreinstellungen für BMP-Format 2015-01-15 08:53 - 2015-01-15 08:53 - 000001456 _____ () C:\Users\Arhelger\AppData\Local\Adobe Für Web speichern 12.0 Prefs 2016-07-16 15:12 - 2016-07-16 15:12 - 000009728 _____ () C:\Users\Arhelger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-20 14:40 - 2015-04-20 14:40 - 000000000 ___SH () C:\Users\Arhelger\AppData\Local\LumaEmu 2013-10-18 03:23 - 2013-10-18 03:23 - 000007605 _____ () C:\Users\Arhelger\AppData\Local\Resmon.ResmonCfg 2012-02-07 09:12 - 2012-02-07 09:12 - 000017408 _____ () C:\Users\Arhelger\AppData\Local\WebpageIcons.db ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2018-08-16 17:16 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23.08.2018 durchgeführt von Arhelger (24-08-2018 05:59:18) Gestartet von C:\Users\Arhelger\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2012-02-07 05:28:37) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2519664068-3109547711-38441924-500 - Administrator - Disabled) Arhelger (S-1-5-21-2519664068-3109547711-38441924-1001 - Administrator - Enabled) => C:\Users\Arhelger Gast (S-1-5-21-2519664068-3109547711-38441924-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-2519664068-3109547711-38441924-1026 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8} AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated) Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated) Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated) Adobe Premiere Elements 11 (HKLM\...\{66CF1DF9-1715-4325-89BC-76B1CA2EE3BE}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 11 (HKLM\...\PremElem110) (Version: 11.0 - Adobe Systems Incorporated) Ahnenblatt 2.98 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.98.1.1 - Dirk Böttcher) AMD Catalyst Install Manager (HKLM\...\{0348F1C7-2092-A05D-DC67-8ECA9EA72C20}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.) Apowersoft Online Launcher Version 1.4.6 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.6 - APOWERSOFT LIMITED) Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG) Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin) BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden calibre (HKLM-x32\...\{D2DCF339-7EBC-4D88-B515-A504297796EA}) (Version: 3.6.0 - Kovid Goyal) Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - ) Canon MG6600 series On-screen Manual (HKLM-x32\...\Canon MG6600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Common (HKLM-x32\...\{D0BEB150-2046-4F94-AE7B-EA76772592F6}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Connect (HKLM-x32\...\{4433CEC6-DA32-4D7B-BA95-B47C68498287}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Custom Data (HKLM-x32\...\{2F14F550-0FFC-4285-B673-880744D428A3}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - DE (HKLM-x32\...\{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Draw (HKLM-x32\...\{85E8F38F-0303-401E-A518-0302DF88EB07}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - EN (HKLM-x32\...\{FA6AF809-9A80-423A-A57A-C7D726A04E4C}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - ES (HKLM-x32\...\{E7BE4D1A-B529-448B-8407-889705B65185}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation) CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Filters (HKLM-x32\...\{E4BE9367-168B-4B30-B198-EE37C99FB147}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - FR (HKLM-x32\...\{D7E60152-6C65-4982-8840-B6D28BF881BD}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - IPM (HKLM-x32\...\{666D7CED-12E0-4BA3-B594-5681961E7B02}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - IT (HKLM-x32\...\{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - PHOTO-PAINT (HKLM-x32\...\{89BA6E81-B60A-49BC-B283-80560A9E60DF}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Redist (HKLM-x32\...\{34809713-7886-4F6A-B9D5-CC74DBC1C77E}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Setup Files (HKLM-x32\...\{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - WT (HKLM-x32\...\{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}) (Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation) CorelDRAW Essentials X5 (HKLM-x32\...\{834F4E2F-E9DF-4FA9-8499-FF6B91012898}) (Version: 15.3 - Corel Corporation) Hidden CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DATA BECKER CD-DVD Druckerei 7 (HKLM-x32\...\CD-DVD Druckerei 7_is1) (Version: 7.50.0.30 - DATA BECKER GmbH & Co. KG) Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden Druckerdeinstallation für EPSON XP-540 Series (HKLM\...\EPSON XP-540 Series) (Version: - Seiko Epson Corporation) Easy Photo Scan (HKLM-x32\...\{93AEF2AF-86FB-42AD-8392-5DAEC0638B1A}) (Version: 1.00.0012 - Seiko Epson Corporation) EG*Headlight 1 e-Workbook (HKLM-x32\...\{94D858E3-1BE9-4D81-94A4-FF1695F61CAB}) (Version: 1.0.7.0 - Cornelsen Verlag) Elements 11 Organizer (HKLM-x32\...\{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}) (Version: 11.0 - Ihr Firmenname) Hidden Epic Games Launcher (HKLM-x32\...\{AF7881ED-41D7-4ECA-8C7C-AE10DFA0E489}) (Version: 1.1.151.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.0 - Seiko Epson Corporation) Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.) Epson Software Updater (HKLM-x32\...\{29F4F2C2-CB73-418D-BA99-7BB5ECD9F7BF}) (Version: 4.4.6 - Seiko Epson Corporation) EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation) EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA) Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff) Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalerija (HKLM-x32\...\{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotoğraf Galerisi (HKLM-x32\...\{B743ABDD-E681-4B32-A33E-6E7F3F845AEA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotótár (HKLM-x32\...\{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden FRITZ!Powerline (HKLM-x32\...\{EB579783-79C4-461A-9493-B9F19EAA23B2}) (Version: 01.02.00 - AVM GmbH) Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Scanjet G4000 Series (HKLM\...\{10297E58-2DFE-478B-9A1D-4B14E4E79CDF}) (Version: 13.0 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) hpg4000 (HKLM-x32\...\{2814D1CB-7038-4EE4-8421-9C18FD571014}) (Version: 13.0.0.0 - Ihr Firmenname) Hidden HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Kindersicherung 2017 (HKLM-x32\...\Salfeld-Kindersicherung_is1) (Version: - ) Landwirtschafts Simulator 2011 (HKLM-x32\...\FarmingSimulator2011_PLATINUMDE_is1) (Version: 1.0 - GIANTS Software) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) MAGIX Foto Manager 10 (HKLM-x32\...\{5F2380C8-5443-40E4-8FD5-DE0AEC16B4BC}) (Version: 8.0.1.136 - MAGIX AG) Hidden MAGIX Foto Manager 10 (HKLM-x32\...\MAGIX_MSI_Foto_Manager_10) (Version: 8.0.1.136 - MAGIX AG) MAGIX Fotos auf CD & DVD 10 Deluxe (Sonderedition) (HKLM-x32\...\{340912AA-1A68-4D7F-9604-E3520FF69B98}) (Version: 10.5.0.12 - MAGIX AG) Hidden MAGIX Fotos auf CD & DVD 10 Deluxe (Sonderedition) (HKLM-x32\...\MAGIX_MSI_Fotos_auf_CD_DVD_10_Dlx_SE) (Version: 10.5.0.12 - MAGIX AG) MAGIX Online Druck Service (HKLM-x32\...\{A6338038-539C-3896-C692-1D33BBB01D46}) (Version: 1.1.0 - myphotobook GmbH) Hidden MAGIX Online Druck Service (HKLM-x32\...\de.magix-fotos.fotobuch.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.1.0-478 - myphotobook GmbH) MAGIX Screenshare (HKLM-x32\...\{129D4434-B9AB-4C09-BCE1-110E6C8E10E9}) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Speed burnR (MSI) (HKLM\...\{B69F7303-DD59-4F32-B477-F8F78D7A9937}) (Version: 7.0.2.6 - MAGIX AG) Hidden MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B69F7303-DD59-4F32-B477-F8F78D7A9937}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Video deluxe 2014 (HKLM\...\{146DFB48-B585-48B9-A407-16DD6F686550}) (Version: 13.0.2.8 - MAGIX AG) Hidden MAGIX Video deluxe 2014 (HKLM-x32\...\MX.{146DFB48-B585-48B9-A407-16DD6F686550}) (Version: 13.0.2.8 - MAGIX AG) Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.) Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation) Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.5041.1001 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Movie Maker (HKLM-x32\...\{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{5B3D4718-9146-45CB-8989-C4E87B239B3A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{A27180D0-17BB-498B-89FF-A72656B85978}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{B44E699A-94F8-406C-9A1B-C2574F5863CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla) Mozilla Thunderbird 60.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 60.0 (x86 de)) (Version: 60.0 - Mozilla) Mp3tag v2.84a (HKLM-x32\...\Mp3tag) (Version: 2.84a - Florian Heidenreich) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation) myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0407-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version: - Markement GmbH) PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Poczta usługi Windows Live (HKLM-x32\...\{45FF54A4-ECD4-455D-89A2-D209737AD726}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Pošta Windows Live (HKLM-x32\...\{125D677D-7C65-4660-8E1C-68EF9F32F291}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden PRE11 STI 64Installer (HKLM-x32\...\{B614E5FA-6DA4-45A1-845C-52F870240A89}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Protect Disc License Helper 1.0.125 (IE) (HKU\.DEFAULT\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc) Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc) Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc) ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) PSE11 STI Installer (HKLM-x32\...\{98CE8819-87AA-4814-8167-ADDDD513485F}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.) RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd) Saal Design Software (HKLM-x32\...\{0C52FDB3-C8A1-E686-5A87-85F3EC2259D4}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH) Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden SILKYPIX Developer Studio 4.1 SE (HKLM-x32\...\{7FA26D45-84D8-49EB-80BE-B7AD0A0C4497}) (Version: 4 - Ichikawa Soft Laboratory) Hidden SILKYPIX Developer Studio 4.1 SE (HKLM-x32\...\InstallShield_{7FA26D45-84D8-49EB-80BE-B7AD0A0C4497}) (Version: 4 - Ichikawa Soft Laboratory) Sinner Kochbuch-CD (HKLM-x32\...\Sinner Kochbuch-CD) (Version: 1.0 - Computerstudio Lemmer & Ernst GmbH) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden Sounds für Video- und Foto Shows DELUXE (HKLM-x32\...\Sounds für Video- und Foto Shows DELUXE) (Version: - ) Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Versandhelfer (HKLM-x32\...\{7189F66A-1560-1573-05C9-DE53613AEA1A}) (Version: 0.9.511 - Deutsche Post AG) Hidden Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionpc.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) watchmi (HKLM-x32\...\{409DC300-28AF-468F-9624-1F3309701881}) (Version: 2.7.0 - Axel Springer Digital TV Guide GmbH) WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies) WISO Mein Geld 365 Professional (HKLM-x32\...\{36C0BA39-2207-4146-BD4E-3146DF7B9147}) (Version: 21.0.0.0 - Buhl Data Service GmbH) Hidden WISO Mein Geld 365 Professional (HKLM-x32\...\WISO Mein Geld 365 Professional) (Version: - Buhl Data Service GmbH) WISO steuer:Sparbuch 2017 (HKLM-x32\...\{E2049356-A0DB-404A-A8FA-521981BE9736}) (Version: 24.00.1375 - Buhl Data Service GmbH) WISO steuer:Sparbuch 2018 (HKLM-x32\...\{2827FF45-D53F-4E56-B4A7-AB71F58A3945}) (Version: 25.00.1359 - Buhl Data Service GmbH) Συλλογή φωτογραφιών (HKLM-x32\...\{2D5C287A-1D2D-46BA-8EF8-D2747575DB6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Arhelger\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei CustomCLSID: HKU\S-1-5-21-2519664068-3109547711-38441924-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Arhelger\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-09-15] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {27A9B751-54B1-4C34-80FD-671C0D15FDD5} - System32\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRIE.EXE [2013-11-22] (SEIKO EPSON CORPORATION) Task: {33FBFA83-E6EA-43C5-9C4F-C9BE0F7F4440} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation) Task: {3975816E-C543-4A8E-97CB-45685403F54C} - System32\Tasks\{6A91FDCB-94AF-4D97-9C80-E46395E39257} => C:\Windows\system32\pcalua.exe -a "C:\Users\Arhelger\Desktop\Beam NG\Car Dragster\12400-annihilator-v09.exe" -d "C:\Users\Arhelger\Desktop\Beam NG\Car Dragster" Task: {41867780-87F0-41F4-93CE-27EC26702487} - System32\Tasks\AdobeAAMUpdater-1.0-Arhelger-PC-Arhelger => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated) Task: {69960CA3-BF20-46D1-A185-697EB5E88195} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation) Task: {C41E458A-066F-4949-988C-ADA1DFB53FC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {C4F77D83-E9BE-4623-93C1-1EA03A7BA6B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {DAF4BB1B-2E9A-4774-9840-7DD25D2DC585} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated) Task: {E0A9F752-14E5-4F98-B6D1-AD7F21DDA114} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-16] (Adobe Systems Incorporated) Task: {E5105AE2-05D1-4016-BFCB-CF159E6BD14C} - System32\Tasks\{B0FE20F0-FF1A-43F8-A424-FE83AB4A359E} => C:\Program Files (x86)\epson\Epson Scan 2\Core\es2launcher.exe [2016-12-13] (Seiko Epson Corporation) Task: {F0560587-8336-4E42-BB5D-640F637F5D6D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_pepper.exe [2018-08-16] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRIE.EXE:/EXE:{43713E83-749E-4B66-AFC6-AA2EF8550266} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e9d7ba33b467ddc1\Google Mail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8" --app-id=pjkljhegncpnkpknbcohdijeoejaedia ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d755e1040e5d38ac\Jannik - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8" ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\Louis - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 7" ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7eafae96818e1883\Google Mail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=pjkljhegncpnkpknbcohdijeoejaedia ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Sven - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6" ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Louis - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3" ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-04-14 06:59 - 2006-02-23 11:35 - 000020480 _____ () C:\Windows\System32\FritzColorPort64.dll 2014-04-14 06:59 - 2006-02-22 10:39 - 000020480 _____ () C:\Windows\System32\FritzPort64.dll 2011-09-15 22:44 - 2011-09-15 22:44 - 000073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2014-10-09 09:30 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2011-10-07 12:23 - 2011-10-07 12:23 - 000070144 _____ () C:\Program Files (x86)\watchmi\TvdService.exe 2012-02-07 07:22 - 2012-02-07 07:22 - 000058880 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.7.0.12__f722db7bec59a14b\Tvd.Remote.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000032768 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Tools\2.7.0.12__f722db7bec59a14b\Tvd.Tools.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000079360 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\2.7.0.12__f722db7bec59a14b\Tvd.Reporting.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000152576 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\2.7.0.12__f722db7bec59a14b\Tvd.Aprico.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000029696 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Config\2.7.0.12__f722db7bec59a14b\Tvd.Config.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 000112640 _____ () C:\Windows\assembly\GAC_64\ApricoIJW\2.7.0.0__f722db7bec59a14b\ApricoIJW.dll 2012-02-07 07:22 - 2012-02-07 07:22 - 006936576 _____ () C:\Windows\assembly\GAC_64\ApricoIJW\2.7.0.0__f722db7bec59a14b\axelspringer.dll 2011-09-15 22:44 - 2011-09-15 22:44 - 000103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2011-09-15 23:00 - 2011-09-15 23:00 - 000369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2018-08-20 13:20 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-08-20 13:20 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-04-07 06:42 - 2016-04-13 13:18 - 000178968 _____ () C:\ProgramData\Software\CC\sse.dll 2017-04-07 06:55 - 2017-11-25 14:40 - 000131072 _____ () C:\ProgramData\NFS\nfccapi.dll 2017-04-07 06:55 - 2017-11-25 14:40 - 000376832 _____ () C:\ProgramData\NFS\protflt.dll 2017-04-07 06:42 - 2016-10-31 14:08 - 000249456 _____ () C:\ProgramData\Software\CC\v2\wdrvhook.dll 2018-08-21 21:04 - 2018-08-21 21:04 - 000864112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\kpcengine.2.3.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData:BDSDRMHK [64] AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64] AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64] AlternateDataStreams: C:\Users\Public\AppData:CSM [232] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2519664068-3109547711-38441924-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Arhelger\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\Control Panel\Desktop\\Wallpaper -> C:\Users\Arhelger\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-2519664068-3109547711-38441924-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Kids\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-2519664068-3109547711-38441924-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054854389\Control Panel\Desktop\\Wallpaper -> C:\Users\Kids\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.0 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{5D361A38-5498-4331-B111-132C538EC5B9}] => (Allow) E:\fsetup.exe FirewallRules: [{A00308AE-8E41-48B4-A796-05F7A7EC7482}] => (Allow) E:\fsetup.exe FirewallRules: [{CE46EE81-7714-42C7-8041-69C83EA8436F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{765D66BE-F09F-4923-A789-38D494A6121A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{DFE9DC56-7B3D-4AAC-B46A-52D0B8A9AF61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{63F90E36-F39A-495D-A93A-C5A52DD66F78}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe FirewallRules: [{FC1FA289-2AA2-4D6F-8F1E-0519695C58F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe FirewallRules: [{B5090DE8-9AF7-49CF-9BC6-822239F6B4D8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe FirewallRules: [{7D7A3876-BD96-47E2-87A1-B40AEF6D0FB8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe FirewallRules: [{F97EAD12-3756-4A61-A1F5-E03A9F45DD25}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{B44A455B-4183-466D-A13C-4E3AB9CB91CD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{4B0C2595-2171-435C-BCC2-62C5DF32776D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{5E4AE683-1F68-4FA4-A7F3-F5BDE57F653F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{16B70705-EC2B-4A58-8BDC-21B71DBBEF90}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{36FC00FA-A056-40DC-8E6F-2F5157443BA8}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe FirewallRules: [{64842565-BBC4-4E8B-A5E4-A528247576F0}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe FirewallRules: [{9EE153AF-E7BD-41D5-9FD9-1EA4C886D48C}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe FirewallRules: [{16C08C33-DD75-4EAD-86FE-A6AC7F47B91A}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe FirewallRules: [{518C6F44-A86C-4DA1-9C2E-DA80D1E33C86}] => (Allow) C:\Program Files (x86)\FRITZ!\fboxset.exe FirewallRules: [{D27684F6-43EC-416A-AA16-617A3C6FC155}] => (Allow) C:\Program Files (x86)\FRITZ!\fboxset.exe FirewallRules: [{7EA9C506-8B8F-4FA3-899C-7B53B73652D7}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe FirewallRules: [{D4F457AE-F913-44AD-B940-08685D9388AB}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe FirewallRules: [{3A0307A1-6B13-4CF0-BFFE-39FEE3331263}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{1032E88E-BCBA-4B4D-BAA4-BE28ED64843D}] => (Allow) LPort=2869 FirewallRules: [{58FBDCE0-332E-4594-8624-478516053E1F}] => (Allow) LPort=1900 FirewallRules: [{417C6553-2C5E-4570-812F-E8969030A2E2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{BD892735-C166-45B0-806E-20961954A31B}] => (Allow) C:\Users\Arhelger\AppData\Local\Apps\2.0\23B79H7C.0JA\DR2Q2B9R.ZDZ\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe FirewallRules: [{ACBA402D-1CE4-42C4-8C4B-A2895D305F5F}] => (Allow) C:\Users\Arhelger\AppData\Local\Apps\2.0\23B79H7C.0JA\DR2Q2B9R.ZDZ\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe FirewallRules: [{9C39DC11-AF1E-4875-8125-B9531BB85880}] => (Allow) LPort=8743 FirewallRules: [{A956D535-DF15-498C-909B-10A0527A61B0}] => (Allow) LPort=8643 FirewallRules: [{20CBC063-52F8-4F25-90DB-8EF17FE8F5D5}] => (Allow) LPort=7676 FirewallRules: [{29A60709-655D-40F7-8A78-E3375B7F2FA8}] => (Allow) LPort=7679 FirewallRules: [{96144A4C-86AC-473F-8F51-7FE4CF1E1350}] => (Allow) LPort=24234 FirewallRules: [{5CD6ACFA-6713-4F62-B336-36C2AED59855}] => (Allow) LPort=7900 FirewallRules: [{2CCB2DBC-F498-417F-A996-B3ED6D58D53B}] => (Allow) LPort=1900 FirewallRules: [{47FF4180-27FE-4A39-9C9D-71697001C15E}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe FirewallRules: [{F49484E6-540A-42F6-8FC8-7D9C916003ED}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe FirewallRules: [{02474A9C-02D2-4DA8-B3DA-00DA33909D4D}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe FirewallRules: [{52B440E1-C299-4448-AA20-D31560AD999F}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe FirewallRules: [{18DD90AA-0FAB-48FD-92BE-B6B59BC6F2F6}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe FirewallRules: [{98C608F0-EF9F-43CF-9762-1CC95025E450}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe FirewallRules: [TCP Query User{ACB93035-9656-42CF-81D6-4CABF9077D0F}C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe FirewallRules: [UDP Query User{0E59C1ED-2482-4C3F-AFA5-8C7BD65B3B47}C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe FirewallRules: [{A870AFC8-A03C-4D46-A553-14FF7207E1AB}] => (Block) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe FirewallRules: [{B33558FD-473A-49EB-BC63-F6149C275D5E}] => (Block) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe FirewallRules: [TCP Query User{E52A09B1-7344-4E4B-A3F2-D203296262D1}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe FirewallRules: [UDP Query User{54F8861F-374D-4D90-8FAE-82061F8A4AE0}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe FirewallRules: [TCP Query User{DF63CED5-6898-4B8A-B135-FFE85EB22B82}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe FirewallRules: [UDP Query User{C1981E0B-04CF-498E-8AAA-F4C64BF8689F}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe FirewallRules: [{45AD1EAE-E04A-464E-AF72-58D0B56B602B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{F0AD9EB0-A809-49C8-BDAB-C14A9211EE2C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{CD173555-A1AF-47D4-9121-89397355486C}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{DE6FA034-B2F9-4186-87C7-E4E4AE83839D}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{760E7544-CC9D-4960-A00E-CF8C3A481CE8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 22-08-2018 13:34:27 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Microsoft-Teredo-Tunneling-Adapter Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/24/2018 05:50:05 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce85b ID des fehlerhaften Prozesses: 0x1ba0 Startzeit der fehlerhaften Anwendung: 0x01d43b5d88610ddf Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: c8b911cf-a750-11e8-93f0-e0b9a5d47ad7 Error: (08/24/2018 05:45:08 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/23/2018 12:50:16 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/23/2018 12:38:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce85b ID des fehlerhaften Prozesses: 0x1ea0 Startzeit der fehlerhaften Anwendung: 0x01d43acd7799a6f5 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: b684b998-a6c0-11e8-a1bd-e0b9a5d47ad7 Error: (08/23/2018 12:33:56 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/23/2018 05:37:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce85b ID des fehlerhaften Prozesses: 0x1070 Startzeit der fehlerhaften Anwendung: 0x01d43a92926aca26 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: e58f24fc-a685-11e8-9e63-e0b9a5d47ad7 Error: (08/23/2018 05:32:34 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/22/2018 08:39:14 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Systemfehler: ============= Error: (08/24/2018 05:50:22 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error: (08/24/2018 05:46:18 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: sfdrv01a sfsync04 Error: (08/24/2018 05:46:06 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1096) (User: Arhelger-PC) Description: Fehler bei der Verarbeitung der Gruppenrichtlinie. Es wurde versucht, registrierungsbasierte Richtlinieneinstellungen für das Gruppenrichtlinienobjekt "LocalGPO-S-1-5-21-2519664068-3109547711-38441924-1001" zu lesen. Die Gruppenrichtlinieneinstellungen dürfen nicht erzwungen werden, bis dieses Ereignis behoben ist. Weitere Informationen über den Dateinamen und -pfad, der den Fehler verursacht hat, können den Ereignisdetails entnommen werden. Error: (08/24/2018 05:45:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AVM FRITZ!Powerline Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (08/24/2018 05:45:42 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AVM FRITZ!Powerline Service erreicht. Error: (08/24/2018 05:43:44 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Automatische WLAN-Konfiguration" wurde nicht richtig gestartet. Error: (08/24/2018 05:43:40 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Automatische Konfiguration (verkabelt)" wurde nicht richtig gestartet. Error: (08/24/2018 05:43:30 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AudioEndpointBuilder erreicht. CodeIntegrity: =================================== Date: 2015-02-12 06:03:46.313 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-02-12 06:03:46.250 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-02-12 05:51:58.542 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-02-12 05:51:58.480 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 18:13:06.691 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 18:13:06.676 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 18:11:24.261 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-12 18:11:24.246 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Prozessor: AMD A8-3820 APU with Radeon(tm) HD Graphics Prozentuale Nutzung des RAM: 70% Installierter physikalischer RAM: 3576.13 MB Verfügbarer physikalischer RAM: 1071.23 MB Summe virtueller Speicher: 7150.45 MB Verfügbarer virtueller Speicher: 4195.21 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:880.41 GB) (Free:409.76 GB) NTFS Drive d: (Recover) (Fixed) (Total:50 GB) (Free:48.77 GB) NTFS \\?\Volume{bc107e45-5195-11e1-bc72-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 2BD2C32A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=880.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== Ende von Addition.txt ============================ |
24.08.2018, 19:47 | #13 |
/// TB-Ausbilder | Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory Servus, Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
|
24.08.2018, 20:07 | #14 |
| Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory Hallo, hier das Ergebnis von TDSSKiller: Code:
ATTFilter 21:02:12.0531 0x23f0 TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17 21:02:30.0884 0x23f0 ============================================================ 21:02:30.0884 0x23f0 Current date / time: 2018/08/24 21:02:30.0884 21:02:30.0884 0x23f0 SystemInfo: 21:02:30.0884 0x23f0 21:02:30.0884 0x23f0 OS Version: 6.1.7601 ServicePack: 1.0 21:02:30.0884 0x23f0 Product type: Workstation 21:02:30.0900 0x23f0 ComputerName: ARHELGER-PC 21:02:30.0900 0x23f0 UserName: Arhelger 21:02:30.0900 0x23f0 Windows directory: C:\Windows 21:02:30.0900 0x23f0 System windows directory: C:\Windows 21:02:30.0900 0x23f0 Running under WOW64 21:02:30.0900 0x23f0 Processor architecture: Intel x64 21:02:30.0900 0x23f0 Number of processors: 4 21:02:30.0900 0x23f0 Page size: 0x1000 21:02:30.0900 0x23f0 Boot type: Normal boot 21:02:30.0900 0x23f0 CodeIntegrityOptions = 0x00000001 21:02:30.0900 0x23f0 ============================================================ 21:02:36.0969 0x23f0 KLMD registered as C:\Windows\system32\drivers\22701369.sys 21:02:36.0969 0x23f0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23915, osProperties = 0x1 21:02:39.0169 0x23f0 System UUID: {8F458E77-B195-5AC9-FDBC-9D9E21085F9A} 21:02:40.0183 0x23f0 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040 21:02:40.0230 0x23f0 ============================================================ 21:02:40.0230 0x23f0 \Device\Harddisk0\DR0: 21:02:40.0261 0x23f0 MBR partitions: 21:02:40.0261 0x23f0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 21:02:40.0261 0x23f0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6E0D3800 21:02:40.0261 0x23f0 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x6E106000, BlocksNum 0x6400000 21:02:40.0261 0x23f0 ============================================================ 21:02:40.0354 0x23f0 C: <-> \Device\Harddisk0\DR0\Partition2 21:02:40.0432 0x23f0 D: <-> \Device\Harddisk0\DR0\Partition3 21:02:40.0432 0x23f0 ============================================================ 21:02:40.0432 0x23f0 Initialize success 21:02:40.0432 0x23f0 ============================================================ 21:04:06.0226 0x23a4 ============================================================ 21:04:06.0226 0x23a4 Scan started 21:04:06.0226 0x23a4 Mode: Manual; SigCheck; TDLFS; 21:04:06.0226 0x23a4 ============================================================ 21:04:06.0226 0x23a4 KSN ping started 21:04:27.0269 0x23a4 KSN ping finished: true 21:04:31.0013 0x23a4 ================ Scan system memory ======================== 21:04:31.0013 0x23a4 System memory - ok 21:04:31.0013 0x23a4 ================ Scan services ============================= 21:04:31.0153 0x23a4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 21:04:31.0278 0x23a4 1394ohci - ok 21:04:31.0356 0x23a4 [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys 21:04:31.0418 0x23a4 acedrv11 - ok 21:04:31.0434 0x23a4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:04:31.0465 0x23a4 ACPI - ok 21:04:31.0496 0x23a4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:04:31.0559 0x23a4 AcpiPmi - ok 21:04:31.0777 0x23a4 [ BF3818B441955E4D438EC72F06F1FE61, 091A80D6A8887B4B5AFF8D12CB5A96AF4A04B125C13BED815B3A776778CD3190 ] AdobeActiveFileMonitor11.0 C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe 21:04:31.0793 0x23a4 AdobeActiveFileMonitor11.0 - ok 21:04:31.0871 0x23a4 [ AE86FE2A70C377C0F1AD5B20E66F4C2F, EE5BABAA9AFF720DE6599A4F33A44A01D291F642F1FFBD428E273CB06CEABE50 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:04:31.0918 0x23a4 AdobeARMservice - ok 21:04:32.0042 0x23a4 [ 0D826CA15244F7916FADC73B4A3BF52F, 490BF7633D37D3DADDF5E00F53C3FB382DDD4437A0F40D5EFDDF87474BDA200E ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:04:32.0089 0x23a4 AdobeFlashPlayerUpdateSvc - ok 21:04:32.0136 0x23a4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 21:04:32.0167 0x23a4 adp94xx - ok 21:04:32.0214 0x23a4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 21:04:32.0230 0x23a4 adpahci - ok 21:04:32.0261 0x23a4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 21:04:32.0276 0x23a4 adpu320 - ok 21:04:32.0354 0x23a4 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:04:32.0386 0x23a4 AeLookupSvc - ok 21:04:32.0464 0x23a4 [ 0DC2A9882540DEA4A55B08785E09D8FC, 69B15724B0034F9915AACE109A6C596D6AF2DA350FC18C9A0CD98C81CB7EDEE3 ] AFD C:\Windows\system32\drivers\afd.sys 21:04:32.0526 0x23a4 AFD - ok 21:04:32.0573 0x23a4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 21:04:32.0588 0x23a4 agp440 - ok 21:04:32.0620 0x23a4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 21:04:32.0651 0x23a4 ALG - ok 21:04:32.0682 0x23a4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 21:04:32.0698 0x23a4 aliide - ok 21:04:32.0776 0x23a4 [ 3349F39F53993CEE03A6EDCC1F7B8242, 6B87590C9FF76F2252E99F554C7C3B813E3F1D2003EA7CE1D6A8B2F33932A161 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 21:04:32.0822 0x23a4 AMD External Events Utility - ok 21:04:32.0900 0x23a4 AMD FUEL Service - ok 21:04:32.0932 0x23a4 [ F1A84D67A03F7536EBDA9DB426EF0E00, 616F34041CA837706B0EC566C75AB28C9426998E049CE8EE8E628880422F3ABB ] amdhub30 C:\Windows\system32\drivers\amdhub30.sys 21:04:32.0947 0x23a4 amdhub30 - ok 21:04:32.0963 0x23a4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 21:04:32.0978 0x23a4 amdide - ok 21:04:33.0025 0x23a4 [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\Windows\system32\drivers\amdiox64.sys 21:04:33.0041 0x23a4 amdiox64 - ok 21:04:33.0072 0x23a4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 21:04:33.0088 0x23a4 AmdK8 - ok 21:04:33.0478 0x23a4 [ 579B3E8C7B599815A4E615FD21E651F0, BD0E9DACC8E22BB4FB2527FAD807271E29AC1F8CC23B21902F6F380D8CDC1A88 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 21:04:33.0852 0x23a4 amdkmdag - ok 21:04:34.0070 0x23a4 [ 77E54953A21E9E7CC316006E3DBAA7B9, D6D9CCD7D1932FBBAE1E23B37A87F8B430F7A000FC8F5C389B00EFDD78064C3F ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 21:04:34.0133 0x23a4 amdkmdap - ok 21:04:34.0180 0x23a4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 21:04:34.0196 0x23a4 AmdPPM - ok 21:04:34.0243 0x23a4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:04:34.0259 0x23a4 amdsata - ok 21:04:34.0290 0x23a4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 21:04:34.0305 0x23a4 amdsbs - ok 21:04:34.0321 0x23a4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:04:34.0337 0x23a4 amdxata - ok 21:04:34.0399 0x23a4 [ D8C25FF90E2E8FC7CBE26E2203EC4757, D1F52DEE2A799E526818A683BCB0DA5B5A3A0B119334D5988888E319719C4943 ] amdxhc C:\Windows\system32\drivers\amdxhc.sys 21:04:34.0415 0x23a4 amdxhc - ok 21:04:34.0430 0x23a4 [ BB4FE7889DB9CBBE61A308E99697F53C, 0B6B301EC8C2B9CBDBAEEBC54E3D3E6FE6A3A51F71E75FFE71AE30ADF8FC5E23 ] amd_sata C:\Windows\system32\drivers\amd_sata.sys 21:04:34.0446 0x23a4 amd_sata - ok 21:04:34.0539 0x23a4 [ 5631CBA53F1CBEA3F9E88348E6723391, 5F20FF4F651733A097990DDC3748CD00F3310B0B55BC975FA3654CDA740E0A3D ] amd_xata C:\Windows\system32\drivers\amd_xata.sys 21:04:34.0555 0x23a4 amd_xata - ok 21:04:34.0602 0x23a4 [ 4542CC17440E85D2D2D73A7D40FAED0A, F157F9A137DEACFC5A1A982265F5CE05A79C0CF8F13291773E2351BEFCB94E08 ] Apowersoft_AudioDevice C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys 21:04:34.0617 0x23a4 Apowersoft_AudioDevice - ok 21:04:34.0680 0x23a4 [ C16B5B379A2A79702CC5FF923EAAE3FD, FD6A1E3C46282CF77AFA9FB4B4ACE2DB6295DFB0C69EA07BE7160538041CDB2F ] AppID C:\Windows\system32\drivers\appid.sys 21:04:34.0758 0x23a4 AppID - ok 21:04:34.0773 0x23a4 [ 5152D6B29C61EF59537DBDA92BFE2978, 6D426A0FEE016A8899ADE864DD84BE019C5B5DB7E1DB295ED720239877FCB3EF ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:04:34.0805 0x23a4 AppIDSvc - ok 21:04:34.0851 0x23a4 [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo C:\Windows\System32\appinfo.dll 21:04:34.0883 0x23a4 Appinfo - ok 21:04:34.0914 0x23a4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 21:04:34.0929 0x23a4 arc - ok 21:04:34.0961 0x23a4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 21:04:34.0976 0x23a4 arcsas - ok 21:04:35.0132 0x23a4 [ 8637F3119057178364D200F2462E625C, 40CAE47AA6C6B23FEB95961FD06BB3EB075CA63BB91B54CB26215A368371B343 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 21:04:35.0226 0x23a4 aspnet_state - ok 21:04:35.0304 0x23a4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:04:35.0335 0x23a4 AsyncMac - ok 21:04:35.0366 0x23a4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 21:04:35.0382 0x23a4 atapi - ok 21:04:35.0444 0x23a4 [ EE672EACF3CBEDAB390E0655BF5A11AB, DFAFB55584CED9ECF499067D113F81BE51D492627FD36784C4BED06AE0BECC52 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 21:04:35.0460 0x23a4 AtiHDAudioService - ok 21:04:35.0569 0x23a4 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:04:35.0616 0x23a4 AudioEndpointBuilder - ok 21:04:35.0647 0x23a4 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll 21:04:35.0678 0x23a4 AudioSrv - ok 21:04:35.0865 0x23a4 [ BD39D7CFD9D6A73396B618113A8E8D57, E78FC40AE8107F9E65D484332B1AB3FE3BB21BE0D723B31EE869CA82D678CBE1 ] avmaudio C:\Windows\system32\DRIVERS\avmaudio.sys 21:04:36.0021 0x23a4 avmaudio - ok 21:04:36.0068 0x23a4 [ 6A300AD0E23A155B2C3A7FAB0D4AABD1, AD283CC530482C0C155727C3234BFA4773C8C80B4C9912448196F83407C3CFD4 ] avmaura C:\Windows\system32\DRIVERS\avmaura.sys 21:04:36.0131 0x23a4 avmaura - ok 21:04:36.0177 0x23a4 [ 3004DC0D3A30F86D440681DC043F36AA, A3DBBBAEF94C44B316F6D96E55892DF88EA4A36F589CC1DC1CD254BC5DAF281C ] AVMPowerlineService C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe 21:04:36.0209 0x23a4 AVMPowerlineService - detected UnsignedFile.Multi.Generic ( 1 ) 21:04:37.0815 0x23a4 Detect skipped due to KSN trusted 21:04:37.0815 0x23a4 AVMPowerlineService - ok 21:04:37.0925 0x23a4 [ E5D432E9BCEB5CB71B71258F1046DD67, D570C986831DD9CF77C8A6B120F6D527FEA9C3D6A3B304E3EA986F7A83CB1D3C ] AVP19.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe 21:04:37.0971 0x23a4 AVP19.0.0 - ok 21:04:38.0018 0x23a4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:04:38.0065 0x23a4 AxInstSV - ok 21:04:38.0112 0x23a4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 21:04:38.0159 0x23a4 b06bdrv - ok 21:04:38.0190 0x23a4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 21:04:38.0252 0x23a4 b57nd60a - ok 21:04:38.0283 0x23a4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 21:04:38.0315 0x23a4 BDESVC - ok 21:04:38.0346 0x23a4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 21:04:38.0393 0x23a4 Beep - ok 21:04:38.0439 0x23a4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 21:04:38.0502 0x23a4 BFE - ok 21:04:38.0580 0x23a4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 21:04:38.0720 0x23a4 BITS - ok 21:04:38.0751 0x23a4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 21:04:38.0798 0x23a4 blbdrive - ok 21:04:38.0814 0x23a4 [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:04:38.0876 0x23a4 bowser - ok 21:04:38.0923 0x23a4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 21:04:38.0954 0x23a4 BrFiltLo - ok 21:04:38.0985 0x23a4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 21:04:39.0001 0x23a4 BrFiltUp - ok 21:04:39.0032 0x23a4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 21:04:39.0048 0x23a4 Browser - ok 21:04:39.0079 0x23a4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 21:04:39.0141 0x23a4 Brserid - ok 21:04:39.0157 0x23a4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 21:04:39.0204 0x23a4 BrSerWdm - ok 21:04:39.0219 0x23a4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 21:04:39.0266 0x23a4 BrUsbMdm - ok 21:04:39.0297 0x23a4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 21:04:39.0313 0x23a4 BrUsbSer - ok 21:04:39.0375 0x23a4 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 21:04:39.0438 0x23a4 BthEnum - ok 21:04:39.0469 0x23a4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 21:04:39.0516 0x23a4 BTHMODEM - ok 21:04:39.0563 0x23a4 [ 5A8951D195AFEF979C4AB02A129EBC37, 48FD4A921E51B6DD306A1248EB9A1A6AEC5F59E49528423BF2F40600B3AF1D08 ] BthPan C:\Windows\system32\drivers\bthpan.sys 21:04:39.0625 0x23a4 BthPan - ok 21:04:39.0656 0x23a4 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 21:04:39.0703 0x23a4 BTHPORT - ok 21:04:39.0719 0x23a4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 21:04:39.0781 0x23a4 bthserv - ok 21:04:39.0812 0x23a4 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 21:04:39.0843 0x23a4 BTHUSB - ok 21:04:40.0639 0x23a4 [ F374694B9FA0FA88C9BBCFB1167E2D70, 13B827DF97679FD9B8D319B10F50E2BA623C1E7D73CE0BFE99C1BE4FD771CE13 ] CC-Updater C:\Windows\cc\WinCtlSvc.exe 21:04:40.0982 0x23a4 CC-Updater - detected UnsignedFile.Multi.Generic ( 1 ) 21:04:42.0607 0x23a4 Detect skipped due to KSN trusted 21:04:42.0607 0x23a4 CC-Updater - ok 21:04:42.0716 0x23a4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:04:42.0856 0x23a4 cdfs - ok 21:04:43.0059 0x23a4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 21:04:43.0121 0x23a4 cdrom - ok 21:04:43.0153 0x23a4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 21:04:43.0184 0x23a4 CertPropSvc - ok 21:04:43.0246 0x23a4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 21:04:43.0293 0x23a4 circlass - ok 21:04:43.0355 0x23a4 [ 3963FEC1892368DD500E6ED1F5C286CE, A04689CB07AF1C1B4B1032B0ACAD88DA3EB03D89A575C59FE602A65E8C246138 ] CLFS C:\Windows\system32\CLFS.sys 21:04:43.0387 0x23a4 CLFS - ok 21:04:43.0652 0x23a4 [ 1C0DD335FE0E3AE4A8244EF6D6BD6347, F02C96B811027107F954FC8259319860BD9CD16601A93899A4BD69E77AADC6FA ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 21:04:43.0777 0x23a4 ClickToRunSvc - ok 21:04:43.0839 0x23a4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:04:43.0886 0x23a4 clr_optimization_v2.0.50727_32 - ok 21:04:44.0042 0x23a4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:04:44.0073 0x23a4 clr_optimization_v2.0.50727_64 - ok 21:04:44.0198 0x23a4 [ 2BA609641FA64BAB02ACD3C0095672F5, FD1FE403864F0564CA4A2F1D7415649B8FFE16F8ED33C4B44ACB21767118AD5F ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:04:44.0447 0x23a4 clr_optimization_v4.0.30319_32 - ok 21:04:44.0572 0x23a4 [ 7C7502CD2A2CFAB399D0D8DA95DB03E7, 4AE53B468CF597FCFD912A6EEE27E87EE4D9BC73F2A794FB5DF5DA46C1DD1289 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:04:44.0962 0x23a4 clr_optimization_v4.0.30319_64 - ok 21:04:45.0071 0x23a4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 21:04:45.0103 0x23a4 CmBatt - ok 21:04:45.0212 0x23a4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:04:45.0243 0x23a4 cmdide - ok 21:04:45.0539 0x23a4 [ A9E736A8187CAE2F6B915F96C774AAB8, DFBCD2ED51BB5F5A9D2B2EC341DE36250A05B5FE094A7219B16E8CE2DCAAF4FE ] cm_km C:\Windows\system32\DRIVERS\cm_km.sys 21:04:45.0649 0x23a4 cm_km - ok 21:04:45.0727 0x23a4 [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\Windows\system32\Drivers\cng.sys 21:04:45.0805 0x23a4 CNG - ok 21:04:45.0836 0x23a4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 21:04:45.0851 0x23a4 Compbatt - ok 21:04:45.0883 0x23a4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 21:04:45.0914 0x23a4 CompositeBus - ok 21:04:45.0929 0x23a4 COMSysApp - ok 21:04:46.0210 0x23a4 cpuz134 - ok 21:04:46.0319 0x23a4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 21:04:46.0366 0x23a4 crcdisk - ok 21:04:46.0475 0x23a4 [ 48FEDBE324F1EA9417BA1D62AE863011, 2C3D84F0842237A3BF2838DDB4126807977EB36588FA669B1E6671077584EF18 ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:04:46.0507 0x23a4 CryptSvc - ok 21:04:47.0084 0x23a4 [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 21:04:47.0131 0x23a4 cvhsvc - ok 21:04:47.0474 0x23a4 [ BD989CFC6E296373A7EA59514E17A199, 2259B966B8780B08EF6B8E27039C8125D5A751E3C01AB92F20E77F5467B40DEC ] DBService C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe 21:04:47.0614 0x23a4 DBService - detected UnsignedFile.Multi.Generic ( 1 ) 21:04:49.0252 0x23a4 Detect skipped due to KSN trusted 21:04:49.0252 0x23a4 DBService - ok 21:04:49.0330 0x23a4 [ 3F1A199859B4F3F8357B2A0AF5666A54, B0ACE9384088B7D0E54CF82BF48D4FEAA518BDEF98A294BA8F5A37DFF0E45328 ] DcomLaunch C:\Windows\system32\rpcss.dll 21:04:49.0393 0x23a4 DcomLaunch - ok 21:04:49.0439 0x23a4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 21:04:49.0486 0x23a4 defragsvc - ok 21:04:49.0533 0x23a4 [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:04:49.0549 0x23a4 DfsC - ok 21:04:49.0611 0x23a4 [ 5F78930AAB3900102EA8ACDD38F97324, 49CAE29CC7B1B846BDE603B1A411833162ACC1A9D1608BFDF67C2EA3A0EE0F85 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 21:04:49.0642 0x23a4 dg_ssudbus - ok 21:04:49.0720 0x23a4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 21:04:49.0751 0x23a4 Dhcp - ok 21:04:49.0892 0x23a4 [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\Windows\system32\diagtrack.dll 21:04:49.0985 0x23a4 DiagTrack - ok 21:04:50.0017 0x23a4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 21:04:50.0065 0x23a4 discache - ok 21:04:50.0112 0x23a4 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys 21:04:50.0143 0x23a4 Disk - ok 21:04:50.0190 0x23a4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:04:50.0268 0x23a4 Dnscache - ok 21:04:50.0346 0x23a4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 21:04:50.0487 0x23a4 dot3svc - ok 21:04:50.0518 0x23a4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 21:04:50.0549 0x23a4 DPS - ok 21:04:50.0580 0x23a4 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:04:50.0689 0x23a4 drmkaud - ok 21:04:50.0799 0x23a4 [ 5CEF80AE869336376F550ECAE91E424A, 49152AC35556A5629AE7A4A762FDB2112FAD1C9CDB91E6196172809F74A3149A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:04:50.0845 0x23a4 DXGKrnl - ok 21:04:50.0877 0x23a4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 21:04:50.0939 0x23a4 EapHost - ok 21:04:51.0048 0x23a4 [ 684D2F465DFA098CE7DB76D9084D9AC9, C769C66EA6133C249F126CB9A7EE40332D44753A7D06D6218E4B0EC8F2ADE906 ] EasyAntiCheat C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe 21:04:51.0177 0x23a4 EasyAntiCheat - ok 21:04:51.0317 0x23a4 [ 78AC59B45CFBFCC68DA7D397D6819D03, C423C3A49D8F9BF931C694309AA982A2A554E7F2CEEC44F9AA1C13F98F9D6FBF ] EasyAntiCheatSys C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys 21:04:51.0380 0x23a4 EasyAntiCheatSys - ok 21:04:51.0598 0x23a4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 21:04:51.0801 0x23a4 ebdrv - ok 21:04:51.0863 0x23a4 [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] EFS C:\Windows\System32\lsass.exe 21:04:51.0895 0x23a4 EFS - ok 21:04:51.0957 0x23a4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:04:52.0051 0x23a4 ehRecvr - ok 21:04:52.0066 0x23a4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 21:04:52.0129 0x23a4 ehSched - ok 21:04:52.0175 0x23a4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 21:04:52.0207 0x23a4 elxstor - ok 21:04:52.0269 0x23a4 [ 859DF918E0B44E764D394E940C4717AD, 818E6C4D08FCDCA9B2B90EDE68E093359A03E20F368B4484618FC356700DB125 ] EpsonScanSvc C:\Windows\system32\EscSvc64.exe 21:04:52.0285 0x23a4 EpsonScanSvc - ok 21:04:52.0378 0x23a4 [ 86032A47AD0105130FE7808C903E2086, ACCCA35483B7E8F9FC72A65031E024C469DF94FCCF2C5CC37C9B3BED4F1C676E ] EPSON_PM_RPCV4_06 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE 21:04:52.0394 0x23a4 EPSON_PM_RPCV4_06 - ok 21:04:52.0425 0x23a4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:04:52.0441 0x23a4 ErrDev - ok 21:04:52.0534 0x23a4 [ 1E01F509048BEF78831AC89401B172BD, 34558F56D9AEA8527B84B2BE2A752D181A5D825622EB4B90D454F6D4F971BFED ] ESProtectionDriver C:\Windows\system32\drivers\mbae64.sys 21:04:52.0565 0x23a4 ESProtectionDriver - ok 21:04:52.0612 0x23a4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 21:04:52.0675 0x23a4 EventSystem - ok 21:04:52.0737 0x23a4 [ 7E45F8B117419ABA3BB26579F6E70324, 03FE86519860153E1BE571F10ACC9BA58FFB5A661C5C3EBDF3B77973BCD96C84 ] exfat C:\Windows\system32\drivers\exfat.sys 21:04:52.0815 0x23a4 exfat - ok 21:04:52.0831 0x23a4 Fabs - ok 21:04:52.0864 0x23a4 [ 6EDFA237D25433C03F42FBFDB16BDD24, A30F89A40F7AFC475D3C2D3591FB9AFC06AE3FEBC915FDCB24ED77946FBA4E2C ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:04:52.0911 0x23a4 fastfat - ok 21:04:52.0957 0x23a4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 21:04:53.0004 0x23a4 Fax - ok 21:04:53.0051 0x23a4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 21:04:53.0051 0x23a4 fdc - ok 21:04:53.0082 0x23a4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 21:04:53.0176 0x23a4 fdPHost - ok 21:04:53.0191 0x23a4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 21:04:53.0238 0x23a4 FDResPub - ok 21:04:53.0254 0x23a4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:04:53.0269 0x23a4 FileInfo - ok 21:04:53.0285 0x23a4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:04:53.0347 0x23a4 Filetrace - ok 21:04:53.0488 0x23a4 [ 5BD96D8C5411ACE71A7EAACAF0EF2903, 2AF58E6060C7DEC44B4CA30E14E164473CD4089AE475DAFFC61DFE56990C1147 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe 21:04:53.0581 0x23a4 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 ) 21:04:55.0206 0x23a4 Detect skipped due to KSN trusted 21:04:55.0206 0x23a4 FirebirdServerMAGIXInstance - ok 21:04:55.0268 0x23a4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 21:04:55.0299 0x23a4 flpydisk - ok 21:04:55.0362 0x23a4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:04:55.0409 0x23a4 FltMgr - ok 21:04:55.0565 0x23a4 [ 785F474FB5E67E448E1931C98E8D0ABC, 911697D580CBF508A6F4A52D4F95A6976CF9A0EC3549076A8D0B5C8BD947C989 ] FontCache C:\Windows\system32\FntCache.dll 21:04:55.0658 0x23a4 FontCache - ok 21:04:55.0752 0x23a4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:04:55.0783 0x23a4 FontCache3.0.0.0 - ok 21:04:55.0799 0x23a4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:04:55.0814 0x23a4 FsDepends - ok 21:04:55.0861 0x23a4 [ B16B626996C74B564005BA855C5DEE90, B432C669EB610C262B18F3F8308EEE1B910DE7F7BC2A8EB5483419DC52A07AE1 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 21:04:55.0923 0x23a4 fssfltr - ok 21:04:56.0142 0x23a4 [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 21:04:56.0235 0x23a4 fsssvc - ok 21:04:56.0267 0x23a4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:04:56.0267 0x23a4 Fs_Rec - ok 21:04:56.0329 0x23a4 [ 13799CB7521A39724FFDEA2E5D9C8305, 14FDF6273CEAD3E4E391F538D0FF4E3E258FC34B1B1074C73B72961E640377E0 ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys 21:04:56.0376 0x23a4 FTDIBUS - ok 21:04:56.0407 0x23a4 [ F1544BBC7E08BB5B9E9E97996C3FA04B, 2D998E4DCF7EA918B537119583BE678121148DB314BDC338925D8588A30F4BE0 ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys 21:04:56.0454 0x23a4 FTSER2K - ok 21:04:56.0532 0x23a4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:04:56.0579 0x23a4 fvevol - ok 21:04:56.0594 0x23a4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 21:04:56.0610 0x23a4 gagp30kx - ok 21:04:56.0657 0x23a4 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll 21:04:56.0922 0x23a4 gpsvc - ok 21:04:57.0187 0x23a4 [ B9893A68032A6D9ADDB5B98287C630F7, F0280764D7B31F1EA634E91397229B1C064A7C1B3A77A6BBD123CEA74180789F ] grmnusb C:\Windows\system32\drivers\grmnusb.sys 21:04:57.0296 0x23a4 grmnusb - ok 21:04:57.0359 0x23a4 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:04:57.0374 0x23a4 gupdate - ok 21:04:57.0390 0x23a4 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:04:57.0405 0x23a4 gupdatem - ok 21:04:57.0483 0x23a4 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 21:04:57.0530 0x23a4 gusvc - ok 21:04:57.0577 0x23a4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:04:57.0639 0x23a4 hcw85cir - ok 21:04:57.0702 0x23a4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:04:57.0749 0x23a4 HdAudAddService - ok 21:04:57.0795 0x23a4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 21:04:57.0827 0x23a4 HDAudBus - ok 21:04:57.0889 0x23a4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 21:04:57.0983 0x23a4 HidBatt - ok 21:04:58.0014 0x23a4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 21:04:58.0045 0x23a4 HidBth - ok 21:04:58.0076 0x23a4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 21:04:58.0092 0x23a4 HidIr - ok 21:04:58.0139 0x23a4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 21:04:58.0185 0x23a4 hidserv - ok 21:04:58.0263 0x23a4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:04:58.0310 0x23a4 HidUsb - ok 21:04:58.0326 0x23a4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:04:58.0373 0x23a4 hkmsvc - ok 21:04:58.0404 0x23a4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:04:58.0419 0x23a4 HomeGroupListener - ok 21:04:58.0451 0x23a4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:04:58.0466 0x23a4 HomeGroupProvider - ok 21:04:58.0576 0x23a4 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 21:04:58.0592 0x23a4 hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 ) 21:05:00.0417 0x23a4 Detect skipped due to KSN trusted 21:05:00.0417 0x23a4 hpqcxs08 - ok 21:05:00.0448 0x23a4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:05:00.0495 0x23a4 HpSAMD - ok 21:05:00.0589 0x23a4 [ CF5C9BD985120781200D35FD445D0BD5, 91B37F595A196542458CBBCDAD80779721D228A7030A34E55995DDBB06649248 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:05:00.0792 0x23a4 HTTP - ok 21:05:00.0838 0x23a4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:05:00.0854 0x23a4 hwpolicy - ok 21:05:00.0901 0x23a4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 21:05:00.0916 0x23a4 i8042prt - ok 21:05:00.0979 0x23a4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:05:01.0010 0x23a4 iaStorV - ok 21:05:01.0104 0x23a4 [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 21:05:01.0135 0x23a4 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 21:05:02.0788 0x23a4 Detect skipped due to KSN trusted 21:05:02.0788 0x23a4 IDriverT - ok 21:05:02.0913 0x23a4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:05:02.0991 0x23a4 idsvc - ok 21:05:03.0022 0x23a4 IEEtwCollectorService - ok 21:05:03.0303 0x23a4 [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 21:05:03.0553 0x23a4 igfx - ok 21:05:03.0615 0x23a4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 21:05:03.0646 0x23a4 iirsp - ok 21:05:03.0740 0x23a4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 21:05:03.0802 0x23a4 IKEEXT - ok 21:05:03.0958 0x23a4 [ CB7DADEF3D83FE2C12655A0BDCBA99F2, AD55A578986F008ED01635D3BB26414D71F418640099BFA92D9CABAB6A88E01D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 21:05:04.0208 0x23a4 IntcAzAudAddService - ok 21:05:04.0333 0x23a4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 21:05:04.0380 0x23a4 intelide - ok 21:05:04.0504 0x23a4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys 21:05:04.0551 0x23a4 intelppm - ok 21:05:04.0660 0x23a4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:05:04.0723 0x23a4 IPBusEnum - ok 21:05:04.0863 0x23a4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:05:04.0972 0x23a4 IpFilterDriver - ok 21:05:05.0097 0x23a4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:05:05.0253 0x23a4 iphlpsvc - ok 21:05:05.0362 0x23a4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:05:05.0409 0x23a4 IPMIDRV - ok 21:05:05.0440 0x23a4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:05:05.0503 0x23a4 IPNAT - ok 21:05:05.0534 0x23a4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:05:05.0581 0x23a4 IRENUM - ok 21:05:05.0628 0x23a4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:05:05.0643 0x23a4 isapnp - ok 21:05:05.0690 0x23a4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:05:05.0706 0x23a4 iScsiPrt - ok 21:05:05.0752 0x23a4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 21:05:05.0768 0x23a4 kbdclass - ok 21:05:05.0799 0x23a4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 21:05:05.0815 0x23a4 kbdhid - ok 21:05:05.0815 0x23a4 [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] KeyIso C:\Windows\system32\lsass.exe 21:05:05.0830 0x23a4 KeyIso - ok 21:05:05.0893 0x23a4 [ 169272E71198BF7AFEFC5D7C5D928EDA, DD040485C68D39939517EF1047501DBCF0B4BF301CF2BC686D72BFE157C792F4 ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 21:05:05.0924 0x23a4 kl1 - ok 21:05:05.0955 0x23a4 [ 424146EC434A4DA36F00512F7FE3CBEC, 9FCF7079B19C3CB7C12FC2F2D6D202FEF5117F0BFB7F147A150ADC86A4A79C7E ] klbackupdisk C:\Windows\system32\DRIVERS\klbackupdisk.sys 21:05:05.0986 0x23a4 klbackupdisk - ok 21:05:06.0049 0x23a4 [ 5E1D689F31632B07CC2324E748C1A999, F7A10B40B04D9145355497E0D942F2F7FFDC9C5D2EBB01DE8224DDDC44BEB140 ] klbackupflt C:\Windows\system32\DRIVERS\klbackupflt.sys 21:05:06.0064 0x23a4 klbackupflt - ok 21:05:06.0127 0x23a4 [ 739A56AA19474B6F38EC1A0EA087B774, 533C7D015257E1A0565E475B59C29C3EA31E11096D3EED764EF2D4A883448EEE ] kldisk C:\Windows\system32\DRIVERS\kldisk.sys 21:05:06.0189 0x23a4 kldisk - ok 21:05:06.0252 0x23a4 [ E282FAEEC2C5F83C922CDA0134D03995, 45E2A466F3881B821E143C524BF0D3C0B9A232CF764D823F632B84F0A07DF3B6 ] klflt C:\Windows\system32\DRIVERS\klflt.sys 21:05:06.0283 0x23a4 klflt - ok 21:05:06.0330 0x23a4 [ 5257998857707DA4BCC86420CDDFED18, C4DC3CB2F807CF094010A147FAE736C3B7E9E3F9C4F41030A7CE26ADF4B229AC ] klhk C:\Windows\system32\DRIVERS\klhk.sys 21:05:06.0408 0x23a4 klhk - ok 21:05:06.0470 0x23a4 [ 5165F284BCBD8F43A6F625512D55BABE, CED66D0A7B69D6FB7819E6E3F48F28BA583AF31ED974B59F2D8E863138696EDD ] KLIF C:\Windows\system32\DRIVERS\klif.sys 21:05:06.0532 0x23a4 KLIF - ok 21:05:06.0548 0x23a4 [ AAC68576EF93EF1BD17FE0B777D411E0, 40FD272F9876223BB0439085F5B07D53D4FC6CC2468583542428D8389335F120 ] klim6 C:\Windows\system32\DRIVERS\klim6.sys 21:05:06.0579 0x23a4 klim6 - ok 21:05:06.0579 0x23a4 [ 9D42BBF1BDB28AF1927BAA0A73647BF3, 2106045B7ADF552B788D364AD9E8776F09C58FBAD1AE51ECC90B35A26F2D74B3 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 21:05:06.0595 0x23a4 klkbdflt - ok 21:05:06.0610 0x23a4 [ 440AFB292037D890AC8CAF20CE7E429E, 62994410C2911A0CE9EF3601648F813B08316DF78AD13C75CCA085B1D4567527 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 21:05:06.0642 0x23a4 klmouflt - ok 21:05:06.0673 0x23a4 [ 3B69B9FF8B0B99333016B0B9D1DB1742, 586C1E0B4E8308EFE195A77EE8C7CA6B742F54B68A80C16EBC39790DDE038EBE ] klpd C:\Windows\system32\DRIVERS\klpd.sys 21:05:06.0688 0x23a4 klpd - ok 21:05:06.0782 0x23a4 [ 828B042A95F055648DA190DF6C7AB1B6, 0457B0EF03BCB4CC1297EB25A25C162937F456BF406EC7B1A5E9A0AA13A9BCD7 ] kltap C:\Windows\system32\DRIVERS\kltap.sys 21:05:06.0829 0x23a4 kltap - ok 21:05:06.0860 0x23a4 [ D4D67FDAFC981E3FCC376B4548697EB8, 78AD738EFFF8D45A5988B69E3B99C68D8FF38F8A72FB7B4374DE874808AA932D ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 21:05:06.0891 0x23a4 kltdi - ok 21:05:07.0000 0x23a4 [ 5E465826E78C6753BD88B7B766521ACA, 0C0D06FF096BD05D373B7A63EAFC2CA73E51F6FCA82DDACBD97D42FA562CB6DB ] klvssbridge64_19.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe 21:05:07.0047 0x23a4 klvssbridge64_19.0.0 - ok 21:05:07.0078 0x23a4 [ 5053C642DB87B00C75BB2124517B1FA2, C7FD6BFDE422B9C9E7AEDFAE68F0D59A74D8AC3FC0E4F13EF8FF8504F473B645 ] klwtp C:\Windows\system32\DRIVERS\klwtp.sys 21:05:07.0110 0x23a4 klwtp - ok 21:05:07.0125 0x23a4 [ AAA0543A0E55548E8C66FEFE13D2EFE5, 13623619D219142BD61DC2F632E84F7AC5729462E35DF26AC9BD4471B6530EE1 ] kneps C:\Windows\system32\DRIVERS\kneps.sys 21:05:07.0156 0x23a4 kneps - ok 21:05:07.0266 0x23a4 [ 4DCE20849E789DC24A867E7D7B15CE5B, 0F6236E0F99709FF628DB0568E673DA80292874D78AB89CA6C3BB07E4813786E ] KSDE2.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe 21:05:07.0297 0x23a4 KSDE2.0.0 - ok 21:05:07.0344 0x23a4 [ DFE85B031220F8E0271716BBB3C4C8FF, 531AB0851AE2F2B25D751605529C483B4734E5D26F94F56DEC0191730DD6A9A4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:05:07.0390 0x23a4 KSecDD - ok 21:05:07.0406 0x23a4 [ 70D7302DD70B979637179BFD8295C924, 7A3498C8A90AC5D7A070E9BCAF1BC0D16F478A7160A9333C58247034C5B3B59F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:05:07.0422 0x23a4 KSecPkg - ok 21:05:07.0437 0x23a4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:05:07.0484 0x23a4 ksthunk - ok 21:05:07.0515 0x23a4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 21:05:07.0562 0x23a4 KtmRm - ok 21:05:07.0624 0x23a4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 21:05:07.0671 0x23a4 LanmanServer - ok 21:05:07.0718 0x23a4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:05:07.0765 0x23a4 LanmanWorkstation - ok 21:05:07.0874 0x23a4 [ 20EE2F2ADCF8DBD091E931593F5AC268, 5F053F8B7C8B340A0364CE37B25D68B6755C2CCDB050C02E9B4E0929DF587E0F ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 21:05:07.0921 0x23a4 LBTServ - ok 21:05:07.0936 0x23a4 [ AFDFA4A6B0F7B15AA38E494FD4595741, 0D89CCEBC816F4A3F6DDB093B3F8BB8B85293E94559085961DA31F9330D43C21 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 21:05:07.0968 0x23a4 LHidFilt - ok 21:05:07.0983 0x23a4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:05:08.0030 0x23a4 lltdio - ok 21:05:08.0108 0x23a4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:05:08.0170 0x23a4 lltdsvc - ok 21:05:08.0186 0x23a4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:05:08.0264 0x23a4 lmhosts - ok 21:05:08.0280 0x23a4 [ C3E82B320F34C97F32B8026F4C249BEF, CAF53CD4738D2C92E4764372F75B5D0D74EBA896E59E685ED15B915F4E7223A0 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 21:05:08.0295 0x23a4 LMouFilt - ok 21:05:08.0326 0x23a4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 21:05:08.0342 0x23a4 LSI_FC - ok 21:05:08.0373 0x23a4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 21:05:08.0389 0x23a4 LSI_SAS - ok 21:05:08.0420 0x23a4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 21:05:08.0436 0x23a4 LSI_SAS2 - ok 21:05:08.0467 0x23a4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 21:05:08.0482 0x23a4 LSI_SCSI - ok 21:05:08.0529 0x23a4 [ 5416CEB2916BBE635288C4D1075B045E, BEFF99052206C0D774CFFF14AC3305C397726B289B17666C2AD2706C261F2FF0 ] luafv C:\Windows\system32\drivers\luafv.sys 21:05:08.0576 0x23a4 luafv - ok 21:05:08.0654 0x23a4 [ 30531264292DBC7507AA1FF4123F1F39, AD27317BFAB1D5C1B332000DF51336424B4B80AF725392EB4A0FE53DC0695C41 ] MBAMFarflt C:\Windows\system32\DRIVERS\farflt.sys 21:05:08.0701 0x23a4 MBAMFarflt - ok 21:05:08.0732 0x23a4 [ 0987B4BB03FA1F3C0C7D37347B707D4E, EDEA667695A680B955F42024AD349A9B795A2365C59312EDCC3FE5BF362F59E6 ] MBAMProtection C:\Windows\system32\DRIVERS\mbam.sys 21:05:08.0748 0x23a4 MBAMProtection - ok 21:05:09.0075 0x23a4 [ F7265B7490428499F2FE409FA9247866, 43A406C74689B72020E4669B45F19D377A5FF3EFE79B03AF58C2679D14405E9D ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe 21:05:09.0247 0x23a4 MBAMService - ok 21:05:09.0309 0x23a4 [ 351BF8F77B0A15A7B5A2AE098C52A387, A84330DF5C4F0E5D6251D311B5DC78722D7724E87DAF5DE5A11EB73BB3502E26 ] MBAMSwissArmy C:\Windows\System32\Drivers\mbamswissarmy.sys 21:05:09.0325 0x23a4 MBAMSwissArmy - ok 21:05:09.0387 0x23a4 [ BB59E29ADA772551DAE87B980DC1425C, BBC24338AF20AC0DC0AAC87F96E1BE8E8CDB1DD8E2F43108C3DD4D915FB8E6CB ] MBAMWebProtection C:\Windows\system32\DRIVERS\mwac.sys 21:05:09.0403 0x23a4 MBAMWebProtection - ok 21:05:09.0434 0x23a4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:05:09.0450 0x23a4 Mcx2Svc - ok 21:05:09.0481 0x23a4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 21:05:09.0496 0x23a4 megasas - ok 21:05:09.0512 0x23a4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 21:05:09.0543 0x23a4 MegaSR - ok 21:05:09.0637 0x23a4 [ 8A43D23ACE2E8C95A2D87B6E9599DEDA, 18683A7CE5AF0A9C5D7E33EB99588AE55FC61103A8894F3F45E2101355966A71 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe 21:05:09.0652 0x23a4 MemeoBackgroundService - ok 21:05:09.0684 0x23a4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 21:05:09.0746 0x23a4 MMCSS - ok 21:05:09.0777 0x23a4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 21:05:09.0871 0x23a4 Modem - ok 21:05:09.0886 0x23a4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:05:09.0933 0x23a4 monitor - ok 21:05:09.0980 0x23a4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:05:09.0996 0x23a4 mouclass - ok 21:05:10.0011 0x23a4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:05:10.0027 0x23a4 mouhid - ok 21:05:10.0089 0x23a4 [ 072D8646E23ECF8A3F5F0157017B4DB6, EBFB1459ECC5AF94C94FB49CEBC724542612680F0777E24B5AA6E062C0EE5D94 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:05:10.0136 0x23a4 mountmgr - ok 21:05:10.0198 0x23a4 [ 7152F2150B49D16467FA9FCE3E092F07, B6F52E387FDBFAF47340629BA7201746CC1A9A51A1159A5EA235F294B6DFB9E0 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 21:05:10.0245 0x23a4 MozillaMaintenance - ok 21:05:10.0292 0x23a4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 21:05:10.0323 0x23a4 mpio - ok 21:05:10.0339 0x23a4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:05:10.0401 0x23a4 mpsdrv - ok 21:05:10.0432 0x23a4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:05:10.0510 0x23a4 MpsSvc - ok 21:05:10.0557 0x23a4 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:05:10.0588 0x23a4 MRxDAV - ok 21:05:10.0635 0x23a4 [ 767C6DF04C5758B9F0790D400541B44F, BFC38D7BCF19F7246BCAD3E04273A403F6B973432EE0EF6E25B16BA3826A21B7 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:05:10.0713 0x23a4 mrxsmb - ok 21:05:10.0744 0x23a4 [ BD55F604FFABC911F8E5500186AE70E5, 3719EDB070E6FFE9781337A05CA0309C3CD5CD38A292DF091E05C9BA3D5A479F ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:05:10.0807 0x23a4 mrxsmb10 - ok 21:05:10.0885 0x23a4 [ 92EECFB046D4706A4B8D699A4069B6EC, 3B3E232DABA913A500CE55AD8600D8DD8F28E32B0276B9B6C8FD6239688833A4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:05:10.0963 0x23a4 mrxsmb20 - ok 21:05:10.0994 0x23a4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 21:05:11.0041 0x23a4 msahci - ok 21:05:11.0088 0x23a4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:05:11.0119 0x23a4 msdsm - ok 21:05:11.0150 0x23a4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 21:05:11.0181 0x23a4 MSDTC - ok 21:05:11.0212 0x23a4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:05:11.0259 0x23a4 Msfs - ok 21:05:11.0275 0x23a4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:05:11.0322 0x23a4 mshidkmdf - ok 21:05:11.0353 0x23a4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:05:11.0353 0x23a4 msisadrv - ok 21:05:11.0384 0x23a4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:05:11.0415 0x23a4 MSiSCSI - ok 21:05:11.0431 0x23a4 msiserver - ok 21:05:11.0462 0x23a4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:05:11.0493 0x23a4 MSKSSRV - ok 21:05:11.0524 0x23a4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:05:11.0556 0x23a4 MSPCLOCK - ok 21:05:11.0571 0x23a4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:05:11.0602 0x23a4 MSPQM - ok 21:05:11.0618 0x23a4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:05:11.0649 0x23a4 MsRPC - ok 21:05:11.0665 0x23a4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 21:05:11.0680 0x23a4 mssmbios - ok 21:05:11.0712 0x23a4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:05:11.0758 0x23a4 MSTEE - ok 21:05:11.0790 0x23a4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 21:05:11.0821 0x23a4 MTConfig - ok 21:05:11.0852 0x23a4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 21:05:11.0868 0x23a4 Mup - ok 21:05:12.0026 0x23a4 [ B7B4BF008EE836D24C245F6A71A42C82, F6B8BF65494D042B06405F3B8A62A5FF5F2B7A238794C91DE51A2EE95D30E024 ] MyEpson Portal Service C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe 21:05:12.0072 0x23a4 MyEpson Portal Service - ok 21:05:12.0119 0x23a4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 21:05:12.0150 0x23a4 napagent - ok 21:05:12.0213 0x23a4 [ 9FB2A095B1166CB3C9A06651863B3452, 808105C59C2D28C390FDE0CA48690A5CD052DE3D7F7327864EB45F80187D5BE9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:05:12.0228 0x23a4 NativeWifiP - ok 21:05:12.0338 0x23a4 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:05:12.0384 0x23a4 NDIS - ok 21:05:12.0416 0x23a4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:05:12.0462 0x23a4 NdisCap - ok 21:05:12.0509 0x23a4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:05:12.0556 0x23a4 NdisTapi - ok 21:05:12.0572 0x23a4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:05:12.0618 0x23a4 Ndisuio - ok 21:05:12.0650 0x23a4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:05:12.0681 0x23a4 NdisWan - ok 21:05:12.0728 0x23a4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:05:12.0759 0x23a4 NDProxy - ok 21:05:12.0790 0x23a4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:05:12.0837 0x23a4 NetBIOS - ok 21:05:12.0884 0x23a4 [ 734837208CAFD6E0959A7A0333C95C9D, 0B7CD6E3CE43ABE021DBE6516492E326265EC0273F2F4297187CE70602CB8CE1 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:05:12.0899 0x23a4 NetBT - ok 21:05:12.0962 0x23a4 [ 0AACF89E5FD35CF07CD4E649C6591423, 786E000239FCE114DB83A3914C75E011A3AA15B60EC87AF9C871208C508520A1 ] netfltcc C:\Windows\system32\drivers\netfltcc.sys 21:05:12.0962 0x23a4 netfltcc - ok 21:05:12.0977 0x23a4 [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] Netlogon C:\Windows\system32\lsass.exe 21:05:12.0993 0x23a4 Netlogon - ok 21:05:13.0008 0x23a4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 21:05:13.0055 0x23a4 Netman - ok 21:05:13.0149 0x23a4 [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:05:13.0227 0x23a4 NetMsmqActivator - ok 21:05:13.0258 0x23a4 [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:05:13.0274 0x23a4 NetPipeActivator - ok 21:05:13.0305 0x23a4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 21:05:13.0352 0x23a4 netprofm - ok 21:05:13.0352 0x23a4 [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:05:13.0383 0x23a4 NetTcpActivator - ok 21:05:13.0383 0x23a4 [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:05:13.0398 0x23a4 NetTcpPortSharing - ok 21:05:13.0430 0x23a4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 21:05:13.0445 0x23a4 nfrd960 - ok 21:05:13.0492 0x23a4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 21:05:13.0539 0x23a4 NlaSvc - ok 21:05:13.0570 0x23a4 [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] npf C:\Windows\system32\drivers\npf.sys 21:05:13.0586 0x23a4 npf - ok 21:05:13.0586 0x23a4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:05:13.0632 0x23a4 Npfs - ok 21:05:13.0679 0x23a4 [ 668B9EFF5CCA4542F435D2CD9CE3C778, 7409EF35D1DC0DE2BAB752694981FFA1F1855C7F11310366B80BD1EC3513262E ] nsi C:\Windows\system32\nsisvc.dll 21:05:13.0695 0x23a4 nsi - ok 21:05:13.0726 0x23a4 [ BE313E566EEA2A4B7F9AAC9782A567D4, 377C624737B1A4FBC1DFF988F029B8ED9A368827C33A4FEEBA1B7937A87C2B47 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:05:13.0757 0x23a4 nsiproxy - ok 21:05:13.0882 0x23a4 [ 1065D9AFE491706EB00AD3CBB76C9E54, 7014029663FC61932EACC07682A66EE5483F11968EF58DE9766A9D77238C6812 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:05:13.0960 0x23a4 Ntfs - ok 21:05:13.0976 0x23a4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 21:05:14.0069 0x23a4 Null - ok 21:05:14.0163 0x23a4 [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 21:05:14.0225 0x23a4 NVENETFD - ok 21:05:14.0646 0x23a4 [ DD81FBC57AB9134CDDC5CE90880BFD80, 16DF4D9645238D1014FA9189FF171DCF7B7C7573F759B5AC73025518139D86B1 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 21:05:15.0083 0x23a4 nvlddmkm - ok 21:05:15.0146 0x23a4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:05:15.0192 0x23a4 nvraid - ok 21:05:15.0224 0x23a4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:05:15.0255 0x23a4 nvstor - ok 21:05:15.0286 0x23a4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:05:15.0302 0x23a4 nv_agp - ok 21:05:15.0317 0x23a4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:05:15.0333 0x23a4 ohci1394 - ok 21:05:15.0411 0x23a4 [ BF869F329392C7E76FC959B1206A432F, 909879B7432283C1F6D44843FC5CEB598798EE6560DCD4B4EF8B4935E94FB934 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:05:15.0458 0x23a4 ose - ok 21:05:15.0754 0x23a4 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 21:05:16.0004 0x23a4 osppsvc - ok 21:05:16.0050 0x23a4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:05:16.0191 0x23a4 p2pimsvc - ok 21:05:16.0222 0x23a4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 21:05:16.0284 0x23a4 p2psvc - ok 21:05:16.0316 0x23a4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 21:05:16.0331 0x23a4 Parport - ok 21:05:16.0362 0x23a4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:05:16.0378 0x23a4 partmgr - ok 21:05:16.0425 0x23a4 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll 21:05:16.0472 0x23a4 PcaSvc - ok 21:05:16.0487 0x23a4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 21:05:16.0518 0x23a4 pci - ok 21:05:16.0550 0x23a4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 21:05:16.0565 0x23a4 pciide - ok 21:05:16.0612 0x23a4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 21:05:16.0628 0x23a4 pcmcia - ok 21:05:16.0659 0x23a4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 21:05:16.0674 0x23a4 pcw - ok 21:05:16.0706 0x23a4 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:05:16.0768 0x23a4 PEAUTH - ok 21:05:16.0846 0x23a4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 21:05:16.0877 0x23a4 PerfHost - ok 21:05:17.0049 0x23a4 [ BC5F8C5C7ACCD0B884FCB8B67616F537, 5C99E9D7E7095CED52B1F5F4A569E54F124602C573DD2B25731E0D57FDA22A27 ] pla C:\Windows\system32\pla.dll 21:05:17.0142 0x23a4 pla - ok 21:05:17.0236 0x23a4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:05:17.0298 0x23a4 PlugPlay - ok 21:05:17.0314 0x23a4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:05:17.0408 0x23a4 PNRPAutoReg - ok 21:05:17.0439 0x23a4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:05:17.0470 0x23a4 PNRPsvc - ok 21:05:17.0517 0x23a4 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:05:17.0564 0x23a4 PolicyAgent - ok 21:05:17.0595 0x23a4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 21:05:17.0642 0x23a4 Power - ok 21:05:17.0688 0x23a4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:05:17.0720 0x23a4 PptpMiniport - ok 21:05:17.0751 0x23a4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 21:05:17.0766 0x23a4 Processor - ok 21:05:17.0829 0x23a4 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 21:05:17.0922 0x23a4 ProfSvc - ok 21:05:17.0938 0x23a4 [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:05:17.0954 0x23a4 ProtectedStorage - ok 21:05:17.0969 0x23a4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:05:18.0016 0x23a4 Psched - ok 21:05:18.0063 0x23a4 [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 21:05:18.0078 0x23a4 PSI_SVC_2 - ok 21:05:18.0156 0x23a4 [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 21:05:18.0188 0x23a4 PxHlpa64 - ok 21:05:18.0266 0x23a4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:05:18.0375 0x23a4 ql2300 - ok 21:05:18.0390 0x23a4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:05:18.0406 0x23a4 ql40xx - ok 21:05:18.0422 0x23a4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 21:05:18.0453 0x23a4 QWAVE - ok 21:05:18.0468 0x23a4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:05:18.0500 0x23a4 QWAVEdrv - ok 21:05:18.0562 0x23a4 [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll 21:05:18.0593 0x23a4 RapiMgr - ok 21:05:18.0609 0x23a4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:05:18.0656 0x23a4 RasAcd - ok 21:05:18.0687 0x23a4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:05:18.0780 0x23a4 RasAgileVpn - ok 21:05:18.0796 0x23a4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 21:05:18.0858 0x23a4 RasAuto - ok 21:05:18.0890 0x23a4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:05:18.0952 0x23a4 Rasl2tp - ok 21:05:18.0968 0x23a4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 21:05:19.0030 0x23a4 RasMan - ok 21:05:19.0046 0x23a4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:05:19.0092 0x23a4 RasPppoe - ok 21:05:19.0124 0x23a4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:05:19.0155 0x23a4 RasSstp - ok 21:05:19.0186 0x23a4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:05:19.0233 0x23a4 rdbss - ok 21:05:19.0248 0x23a4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 21:05:19.0264 0x23a4 rdpbus - ok 21:05:19.0280 0x23a4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:05:19.0311 0x23a4 RDPCDD - ok 21:05:19.0326 0x23a4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:05:19.0373 0x23a4 RDPENCDD - ok 21:05:19.0389 0x23a4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:05:19.0436 0x23a4 RDPREFMP - ok 21:05:19.0607 0x23a4 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 21:05:19.0763 0x23a4 RdpVideoMiniport - ok 21:05:19.0826 0x23a4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:05:19.0904 0x23a4 RDPWD - ok 21:05:19.0966 0x23a4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:05:20.0013 0x23a4 rdyboost - ok 21:05:20.0044 0x23a4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:05:20.0106 0x23a4 RemoteAccess - ok 21:05:20.0138 0x23a4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:05:20.0184 0x23a4 RemoteRegistry - ok 21:05:20.0247 0x23a4 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 21:05:20.0262 0x23a4 RFCOMM - ok 21:05:20.0294 0x23a4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:05:20.0349 0x23a4 RpcEptMapper - ok 21:05:20.0381 0x23a4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 21:05:20.0427 0x23a4 RpcLocator - ok 21:05:20.0505 0x23a4 [ 3F1A199859B4F3F8357B2A0AF5666A54, B0ACE9384088B7D0E54CF82BF48D4FEAA518BDEF98A294BA8F5A37DFF0E45328 ] RpcSs C:\Windows\system32\rpcss.dll 21:05:20.0537 0x23a4 RpcSs - ok 21:05:20.0552 0x23a4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:05:20.0599 0x23a4 rspndr - ok 21:05:20.0693 0x23a4 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 21:05:20.0755 0x23a4 RTL8167 - ok 21:05:20.0833 0x23a4 [ B3F36B4B3F192EA87DDC119F3A0B3E45, DE80502994ED9977AD64483385A0BC0C6060EA9E9C08645E72FBBCFE8B2358C7 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys 21:05:20.0880 0x23a4 RTL8192su - ok 21:05:20.0911 0x23a4 [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] SamSs C:\Windows\system32\lsass.exe 21:05:20.0927 0x23a4 SamSs - ok 21:05:20.0942 0x23a4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:05:20.0958 0x23a4 sbp2port - ok 21:05:20.0973 0x23a4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:05:21.0036 0x23a4 SCardSvr - ok 21:05:21.0410 0x23a4 [ DE48E8808653E1CEEBA850BE57798388, 5255F6727F840232D6873AE899B10503A14F0365508657EC8230F35D74E8CB52 ] SCC-Dienst C:\Windows\cc\ctlsysmgr.exe 21:05:21.0724 0x23a4 SCC-Dienst - ok 21:05:21.0771 0x23a4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:05:21.0802 0x23a4 scfilter - ok 21:05:21.0911 0x23a4 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 21:05:22.0021 0x23a4 Schedule - ok 21:05:22.0052 0x23a4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 21:05:22.0083 0x23a4 SCPolicySvc - ok 21:05:22.0114 0x23a4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:05:22.0161 0x23a4 SDRSVC - ok 21:05:22.0192 0x23a4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:05:22.0255 0x23a4 secdrv - ok 21:05:22.0286 0x23a4 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll 21:05:22.0364 0x23a4 seclogon - ok 21:05:22.0379 0x23a4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 21:05:22.0473 0x23a4 SENS - ok 21:05:22.0489 0x23a4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:05:22.0535 0x23a4 SensrSvc - ok 21:05:22.0567 0x23a4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 21:05:22.0582 0x23a4 Serenum - ok 21:05:22.0613 0x23a4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 21:05:22.0629 0x23a4 Serial - ok 21:05:22.0660 0x23a4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:05:22.0676 0x23a4 sermouse - ok 21:05:22.0707 0x23a4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 21:05:22.0769 0x23a4 SessionEnv - ok 21:05:22.0847 0x23a4 [ DDA1B38A59DE5096E2619D4CFDE01F4A, 95E2244EC8FD87741169B75A25458C788A9355EBC7D12C5CD6509DBBB89D4EE6 ] sfdrv01a C:\Windows\system32\drivers\sfdrv01a.sys 21:05:22.0880 0x23a4 sfdrv01a - ok 21:05:22.0911 0x23a4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:05:23.0020 0x23a4 sffdisk - ok 21:05:23.0036 0x23a4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:05:23.0067 0x23a4 sffp_mmc - ok 21:05:23.0082 0x23a4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:05:23.0116 0x23a4 sffp_sd - ok 21:05:23.0147 0x23a4 [ 17F6BD95BF04B924F4C05CE78BEF8AE6, 68D38DC04349DA476B62F853B165EE6B6F42054BCAF2B8F615A6E6BAACD35EB4 ] sfhlp02 C:\Windows\system32\drivers\sfhlp02.sys 21:05:23.0178 0x23a4 sfhlp02 - ok 21:05:23.0209 0x23a4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:05:23.0225 0x23a4 sfloppy - ok 21:05:23.0256 0x23a4 sfrem01 - ok 21:05:23.0272 0x23a4 [ C2FC1E7B64D844251A1AF6BCADFE4C14, F1944F303981A64EE109B244BFD333A661C0940EB3A7F28726A61A9422022831 ] sfsync04 C:\Windows\system32\drivers\sfsync04.sys 21:05:23.0287 0x23a4 sfsync04 - ok 21:05:23.0334 0x23a4 [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 21:05:23.0365 0x23a4 Sftfs - ok 21:05:23.0506 0x23a4 [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 21:05:23.0537 0x23a4 sftlist - ok 21:05:23.0568 0x23a4 [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 21:05:23.0599 0x23a4 Sftplay - ok 21:05:23.0615 0x23a4 [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 21:05:23.0630 0x23a4 Sftredir - ok 21:05:23.0646 0x23a4 [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 21:05:23.0662 0x23a4 Sftvol - ok 21:05:23.0677 0x23a4 [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 21:05:23.0693 0x23a4 sftvsa - ok 21:05:23.0724 0x23a4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:05:23.0786 0x23a4 SharedAccess - ok 21:05:23.0833 0x23a4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:05:23.0833 0x232c Object required for P2P: [ 5257998857707DA4BCC86420CDDFED18 ] klhk 21:05:23.0880 0x23a4 ShellHWDetection - ok 21:05:23.0911 0x23a4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 21:05:23.0927 0x23a4 SiSRaid2 - ok 21:05:23.0958 0x23a4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:05:23.0974 0x23a4 SiSRaid4 - ok 21:05:24.0020 0x23a4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:05:24.0067 0x23a4 Smb - ok 21:05:24.0083 0x23a4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:05:24.0114 0x23a4 SNMPTRAP - ok 21:05:24.0130 0x23a4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 21:05:24.0145 0x23a4 spldr - ok 21:05:24.0176 0x23a4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 21:05:24.0239 0x23a4 Spooler - ok 21:05:24.0348 0x23a4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 21:05:24.0488 0x23a4 sppsvc - ok 21:05:24.0520 0x23a4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:05:24.0566 0x23a4 sppuinotify - ok 21:05:24.0629 0x23a4 [ 72E6A150A8C8530B201832D1C801CDE6, EFBDD5D1FB924979E63D829A6970CB5552A746BEBB7C4D41066684CA16A374E0 ] srv C:\Windows\system32\DRIVERS\srv.sys 21:05:24.0660 0x23a4 srv - ok 21:05:24.0707 0x23a4 [ C4F67ABCC5033D334613F28F9E782809, A19E32E2EF790E88E7013C298AF0A34A9957A7CE55DF19FBD7BDF688D3767BA5 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:05:24.0769 0x23a4 srv2 - ok 21:05:24.0832 0x23a4 [ C53CB62B0E57488AAE41FDA0FF8A0AB9, 93614C72C578E348B66690585F8AC2B53C0C19D2C96AAD3E776D3389CA5E43B6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:05:24.0863 0x23a4 srvnet - ok 21:05:24.0894 0x23a4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:05:24.0941 0x23a4 SSDPSRV - ok 21:05:24.0972 0x23a4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:05:25.0005 0x23a4 SstpSvc - ok 21:05:25.0099 0x23a4 [ F0B59ADCD06BCEB9D47311B7041CA2C9, 6299AB514CBE153C875F083ED789F6205C1781C0178759521F5A6D8007F5257C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 21:05:25.0146 0x23a4 ssudmdm - ok 21:05:25.0302 0x23a4 [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe 21:05:25.0333 0x23a4 ss_conn_service - ok 21:05:25.0364 0x23a4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 21:05:25.0380 0x23a4 stexstor - ok 21:05:25.0426 0x23a4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 21:05:25.0458 0x23a4 stisvc - ok 21:05:25.0489 0x23a4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 21:05:25.0504 0x23a4 swenum - ok 21:05:25.0520 0x23a4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 21:05:25.0567 0x23a4 swprv - ok 21:05:25.0707 0x23a4 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 21:05:25.0816 0x23a4 SysMain - ok 21:05:25.0848 0x23a4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:05:25.0863 0x23a4 TabletInputService - ok 21:05:25.0894 0x23a4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 21:05:25.0957 0x23a4 TapiSrv - ok 21:05:26.0082 0x23a4 [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:05:26.0160 0x23a4 Tcpip - ok 21:05:26.0222 0x23a4 [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:05:26.0284 0x23a4 TCPIP6 - ok 21:05:26.0331 0x23a4 [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:05:26.0378 0x23a4 tcpipreg - ok 21:05:26.0394 0x23a4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:05:26.0472 0x23a4 TDPIPE - ok 21:05:26.0503 0x23a4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:05:26.0550 0x23a4 TDTCP - ok 21:05:26.0596 0x23a4 [ 4DD986720F7CB7A8A5D1226793097B9A, 9020375B45E9C966BF44CF425C127D7E0EC82EB99C7047F225C25402FF97743D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:05:26.0674 0x23a4 tdx - ok 21:05:26.0706 0x23a4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 21:05:26.0721 0x23a4 TermDD - ok 21:05:26.0799 0x23a4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 21:05:26.0893 0x23a4 TermService - ok 21:05:26.0924 0x23a4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 21:05:26.0986 0x23a4 Themes - ok 21:05:27.0018 0x23a4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 21:05:27.0064 0x23a4 THREADORDER - ok 21:05:27.0080 0x23a4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 21:05:27.0127 0x23a4 TrkWks - ok 21:05:27.0220 0x23a4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:05:27.0283 0x23a4 TrustedInstaller - ok 21:05:27.0298 0x23a4 [ 2CF58216424757ED29605B4F18EC443C, 9D523FC075F7F41A17F60617670A976A8F2F2943444515DC3834720BDC37DFA0 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:05:27.0314 0x23a4 tssecsrv - ok 21:05:27.0376 0x23a4 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:05:27.0486 0x23a4 TsUsbFlt - ok 21:05:27.0501 0x23a4 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 21:05:27.0548 0x23a4 TsUsbGD - ok 21:05:27.0564 0x232c Object send P2P result: true 21:05:27.0579 0x23a4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:05:27.0642 0x23a4 tunnel - ok 21:05:27.0673 0x23a4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:05:27.0688 0x23a4 uagp35 - ok 21:05:27.0720 0x23a4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:05:27.0766 0x23a4 udfs - ok 21:05:27.0829 0x23a4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:05:27.0860 0x23a4 UI0Detect - ok 21:05:27.0891 0x23a4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:05:27.0922 0x23a4 uliagpkx - ok 21:05:27.0954 0x23a4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:05:27.0985 0x23a4 umbus - ok 21:05:28.0000 0x23a4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 21:05:28.0047 0x23a4 UmPass - ok 21:05:28.0094 0x23a4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 21:05:28.0203 0x23a4 upnphost - ok 21:05:28.0250 0x23a4 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 21:05:28.0328 0x23a4 usbaudio - ok 21:05:28.0375 0x23a4 [ 9E68E917FB4B5C983438969643F53BEF, 7148BF1E7AFAFA025A51AA9A26B90ED85328B41C7F7791CB3460D9CF53245985 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:05:28.0453 0x23a4 usbccgp - ok 21:05:28.0500 0x23a4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:05:28.0562 0x23a4 usbcir - ok 21:05:28.0593 0x23a4 [ 3F9D3902CE931E2A28DD8452AE915B67, C8BF042DD84FB2E3AE7FCDBA65923611FCBDAFD6410E42A5E58F8995D99AE16C ] usbehci C:\Windows\system32\drivers\usbehci.sys 21:05:28.0656 0x23a4 usbehci - ok 21:05:28.0702 0x23a4 [ B7037444DC5138FC7D3D3968B4DE5C4B, DD9E3E40766A3F3B708DA341B7280E447788218ED677E1A24EC0CD04B04281B2 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys 21:05:28.0718 0x23a4 usbfilter - ok 21:05:28.0749 0x23a4 [ 86B65EEBC03B936DE8B26E5A18D98FA2, 2981CF5A0FB6B6FE0A38363EA4804DB743C45E3E6E72DC3A2260F583377717C8 ] usbhub C:\Windows\system32\drivers\usbhub.sys 21:05:28.0780 0x23a4 usbhub - ok 21:05:28.0812 0x23a4 [ 099C2931C6F73EB1B9E13C560F61B50D, 83B64A52173243526E380C8FA0D913C7B07C2AF1806ECC4EC0D0B5523A7CBFAA ] usbohci C:\Windows\system32\drivers\usbohci.sys 21:05:28.0827 0x23a4 usbohci - ok 21:05:28.0874 0x23a4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 21:05:28.0936 0x23a4 usbprint - ok 21:05:28.0968 0x23a4 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 21:05:29.0014 0x23a4 usbscan - ok 21:05:29.0046 0x23a4 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:05:29.0139 0x23a4 USBSTOR - ok 21:05:29.0155 0x23a4 [ 5D7651347C7D702F4A5DE53603DC024F, F55532D13AB2FF6D4B6058113AF2710AC5C87059C9000942CF517198BABCD6F5 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 21:05:29.0233 0x23a4 usbuhci - ok 21:05:29.0264 0x23a4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 21:05:29.0326 0x23a4 UxSms - ok 21:05:29.0342 0x23a4 [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] VaultSvc C:\Windows\system32\lsass.exe 21:05:29.0358 0x23a4 VaultSvc - ok 21:05:29.0373 0x23a4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:05:29.0389 0x23a4 vdrvroot - ok 21:05:29.0420 0x23a4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 21:05:29.0514 0x23a4 vds - ok 21:05:29.0545 0x23a4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:05:29.0560 0x23a4 vga - ok 21:05:29.0560 0x23a4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 21:05:29.0623 0x23a4 VgaSave - ok 21:05:29.0654 0x23a4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:05:29.0685 0x23a4 vhdmp - ok 21:05:29.0701 0x23a4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 21:05:29.0732 0x23a4 viaide - ok 21:05:29.0763 0x23a4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:05:29.0779 0x23a4 volmgr - ok 21:05:29.0826 0x23a4 [ 85C5468BC395819AE2A0C747334BA14C, 75EB4751F90F3347229442A5622539383CE0B1834EE7B995260D0D433BA2E25F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:05:29.0857 0x23a4 volmgrx - ok 21:05:29.0872 0x23a4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:05:29.0888 0x23a4 volsnap - ok 21:05:29.0935 0x23a4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 21:05:29.0950 0x23a4 vsmraid - ok 21:05:29.0997 0x23a4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 21:05:30.0091 0x23a4 VSS - ok 21:05:30.0122 0x23a4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 21:05:30.0138 0x23a4 vwifibus - ok 21:05:30.0153 0x23a4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 21:05:30.0169 0x23a4 vwififlt - ok 21:05:30.0200 0x23a4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 21:05:30.0247 0x23a4 vwifimp - ok 21:05:30.0278 0x23a4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 21:05:30.0340 0x23a4 W32Time - ok 21:05:30.0387 0x23a4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 21:05:30.0418 0x23a4 WacomPen - ok 21:05:30.0434 0x23a4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:05:30.0481 0x23a4 WANARP - ok 21:05:30.0512 0x23a4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:05:30.0543 0x23a4 Wanarpv6 - ok 21:05:30.0715 0x23a4 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 21:05:30.0840 0x23a4 WatAdminSvc - ok 21:05:30.0902 0x23a4 [ 261A725F8ACEDDA695C7FFF6D6EDE6B5, 7DE18FDD707F073909FC990F6755CBF562020B6F3D5C698D90C7907EE0F3B420 ] watchmi C:\Program Files (x86)\watchmi\TvdService.exe 21:05:30.0902 0x23a4 watchmi - detected UnsignedFile.Multi.Generic ( 1 ) 21:05:32.0524 0x23a4 Detect skipped due to KSN trusted 21:05:32.0524 0x23a4 watchmi - ok 21:05:32.0634 0x23a4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 21:05:32.0790 0x23a4 wbengine - ok 21:05:32.0821 0x23a4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:05:32.0868 0x23a4 WbioSrvc - ok 21:05:32.0961 0x23a4 [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 21:05:32.0992 0x23a4 WcesComm - ok 21:05:33.0024 0x23a4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:05:33.0055 0x23a4 wcncsvc - ok 21:05:33.0102 0x23a4 [ BC00873272B3771CCDA38336AF2B4D4B, 3E412DEC5F172B4C5FD5C227CD790EE56B90A00A8B538704E8F973D230BE2289 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:05:33.0133 0x23a4 WcsPlugInService - ok 21:05:33.0164 0x23a4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 21:05:33.0180 0x23a4 Wd - ok 21:05:33.0258 0x23a4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:05:33.0304 0x23a4 Wdf01000 - ok 21:05:33.0351 0x23a4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:05:33.0445 0x23a4 WdiServiceHost - ok 21:05:33.0445 0x23a4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:05:33.0476 0x23a4 WdiSystemHost - ok 21:05:33.0538 0x23a4 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll 21:05:33.0601 0x23a4 WebClient - ok 21:05:33.0632 0x23a4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:05:33.0694 0x23a4 Wecsvc - ok 21:05:33.0710 0x23a4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:05:33.0741 0x23a4 wercplsupport - ok 21:05:33.0757 0x23a4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 21:05:33.0804 0x23a4 WerSvc - ok 21:05:33.0850 0x23a4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:05:33.0882 0x23a4 WfpLwf - ok 21:05:33.0897 0x23a4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:05:33.0913 0x23a4 WIMMount - ok 21:05:33.0944 0x23a4 WinDefend - ok 21:05:33.0960 0x23a4 WinHttpAutoProxySvc - ok 21:05:34.0022 0x23a4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:05:34.0069 0x23a4 Winmgmt - ok 21:05:34.0178 0x23a4 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll 21:05:34.0318 0x23a4 WinRM - ok 21:05:34.0365 0x23a4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 21:05:34.0396 0x23a4 WinUsb - ok 21:05:34.0490 0x23a4 [ 4B7912EB80820EAC543EE54806EFCAF0, 4D9186F9FE80F03C85C4DC73342EE5870DF1021BD29974BE33557CEA0D524667 ] Wlansvc C:\Windows\System32\wlansvc.dll 21:05:34.0537 0x23a4 Wlansvc - ok 21:05:34.0724 0x23a4 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:05:34.0833 0x23a4 wlidsvc - ok 21:05:34.0864 0x23a4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:05:34.0880 0x23a4 WmiAcpi - ok 21:05:34.0896 0x23a4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:05:34.0927 0x23a4 wmiApSrv - ok 21:05:34.0958 0x23a4 WMPNetworkSvc - ok 21:05:34.0989 0x23a4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:05:35.0036 0x23a4 WPCSvc - ok 21:05:35.0067 0x23a4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:05:35.0083 0x23a4 WPDBusEnum - ok 21:05:35.0098 0x23a4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:05:35.0192 0x23a4 ws2ifsl - ok 21:05:35.0223 0x23a4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 21:05:35.0254 0x23a4 wscsvc - ok 21:05:35.0270 0x23a4 WSearch - ok 21:05:35.0286 0x23a4 [ 82E8F5AA03DF7DBDB8A33F700D5D8CDA, 7EEB1B8F1430AFB06A18DC6107DBDD57EBBF473FF96F3578481EB89724823393 ] wsvd C:\Windows\system32\DRIVERS\wsvd.sys 21:05:35.0301 0x23a4 wsvd - ok 21:05:35.0473 0x23a4 [ 88009DB9E1166B6B6713A858C176FECD, CBF4C63D3C5D14AF3C3F0D9C48E5AC9E7A4323BFB0363E9948FD801963BE1467 ] wuauserv C:\Windows\system32\wuaueng.dll 21:05:35.0644 0x23a4 wuauserv - ok 21:05:35.0676 0x23a4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:05:35.0691 0x23a4 WudfPf - ok 21:05:35.0722 0x23a4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:05:35.0754 0x23a4 WUDFRd - ok 21:05:35.0769 0x23a4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:05:35.0800 0x23a4 wudfsvc - ok 21:05:35.0847 0x23a4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 21:05:35.0925 0x23a4 WwanSvc - ok 21:05:35.0956 0x23a4 ================ Scan global =============================== 21:05:36.0003 0x23a4 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 21:05:36.0050 0x23a4 [ 66A8A9412337B08E1735204B8ADEE58C, 766429FBB014A9CA6AEFD39579C3F33625335A3DFD88AB324E4534978695B887 ] C:\Windows\system32\winsrv.dll 21:05:36.0097 0x23a4 [ 66A8A9412337B08E1735204B8ADEE58C, 766429FBB014A9CA6AEFD39579C3F33625335A3DFD88AB324E4534978695B887 ] C:\Windows\system32\winsrv.dll 21:05:36.0112 0x23a4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 21:05:36.0144 0x23a4 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 21:05:36.0144 0x23a4 [ Global ] - ok 21:05:36.0144 0x23a4 ================ Scan MBR ================================== 21:05:36.0159 0x23a4 [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0 21:05:38.0936 0x23a4 \Device\Harddisk0\DR0 - ok 21:05:38.0936 0x23a4 ================ Scan VBR ================================== 21:05:38.0936 0x23a4 [ AD22454585C8B20832E592BB0BD6CF66 ] \Device\Harddisk0\DR0\Partition1 21:05:38.0936 0x23a4 \Device\Harddisk0\DR0\Partition1 - ok 21:05:38.0952 0x23a4 [ 4993626D5E885B3541AE4E9A7F708F20 ] \Device\Harddisk0\DR0\Partition2 21:05:38.0952 0x23a4 \Device\Harddisk0\DR0\Partition2 - ok 21:05:38.0952 0x23a4 [ 8A9F068D45CF78CC93224F17216DC2DE ] \Device\Harddisk0\DR0\Partition3 21:05:38.0952 0x23a4 \Device\Harddisk0\DR0\Partition3 - ok 21:05:38.0952 0x23a4 ================ Scan generic autorun ====================== 21:05:39.0373 0x23a4 [ 5DADA908E14051D65DB1991CB0B1F58D, DC02EDA032CEC2241F302995BF010B0376D5421A3E97583CB8A13A80993290B4 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 21:05:39.0810 0x23a4 RTHDVCPL - ok 21:05:39.0950 0x23a4 [ F9C48B76DA59CF5FF2ED937B62F5ED39, BABC2638F6C92947C79C918DFD3E605B196672B23745226DFA64F68867B7C257 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 21:05:39.0981 0x23a4 AdobeAAMUpdater-1.0 - ok 21:05:40.0044 0x23a4 [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe 21:05:40.0075 0x23a4 Windows Mobile Device Center - ok 21:05:40.0247 0x23a4 [ 948EB9C552C05DF39F79587E6979D9F5, 402B155395C32005A8D78C8B0F00F2391542CB41188AF944FF17ADE6BE97A62D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe 21:05:40.0356 0x23a4 EvtMgr6 - ok 21:05:40.0496 0x23a4 [ 4CD463EF28D7345EBFD123D407712D02, FD9DEAE9CAB602E8100E1000C7D9CEA2FC662E875CBAF02EA56E933C666F0567 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 21:05:40.0527 0x23a4 StartCCC - ok 21:05:40.0590 0x23a4 [ FF473648E7B1B37C7F3249A6549FAC72, 632825038F5975415D129CCB84682243360821857D250D7827E21A08DE855BCC ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe 21:05:40.0621 0x23a4 hpqSRMon - detected UnsignedFile.Multi.Generic ( 1 ) 21:05:42.0245 0x23a4 Detect skipped due to KSN trusted 21:05:42.0245 0x23a4 hpqSRMon - ok 21:05:42.0323 0x23a4 [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe 21:05:42.0339 0x23a4 HP Software Update - ok 21:05:42.0401 0x23a4 [ CD0362AEE36CFE1EF5DF973230742E67, 9F1D8AD4E09D16C39CD6A35CB298456468C1808226FFA8AD65BF9562A6ECC07D ] C:\Program Files (x86)\PDF24\pdf24.exe 21:05:42.0417 0x23a4 PDFPrint - ok 21:05:42.0511 0x23a4 [ EE8626BAD390E3F3EBCA5816F133F14A, 2E6331418F6EE99539822E18FCACE74EEEC9A4970BBFB392C89AF32088753525 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe 21:05:42.0526 0x23a4 KiesTrayAgent - ok 21:05:42.0713 0x23a4 [ F17FFAF69E1AF3D0A010FD4749148981, 7486A1EFE378BFCEE30D169BD0189CABD6935EBEE556BF0328330B120975EA03 ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe 21:05:42.0791 0x23a4 EEventManager - ok 21:05:42.0901 0x23a4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 21:05:43.0088 0x23a4 Sidebar - ok 21:05:43.0103 0x23a4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 21:05:43.0150 0x23a4 mctadmin - ok 21:05:43.0213 0x23a4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 21:05:43.0244 0x23a4 Sidebar - ok 21:05:43.0259 0x23a4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 21:05:43.0291 0x23a4 mctadmin - ok 21:05:43.0353 0x23a4 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 21:05:43.0415 0x23a4 Sidebar - ok 21:05:43.0618 0x23a4 [ CE504C7463B7616A737E0C30C58FF138, 46D80A9B17A1F196A2A3029E28991A99C9833B6B61FB979BE4727ACDA5D7BE60 ] C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe 21:05:43.0649 0x23a4 CAHeadless - ok 21:05:43.0681 0x23a4 [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 21:05:43.0696 0x23a4 swg - ok 21:05:43.0790 0x23a4 [ 3DCC4C062FEF19028E5FCC002781C9BB, CE016713365A64680C6211D66CF3D62929785EF08784D984CB8E29A95C2D78B8 ] C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe 21:05:43.0837 0x23a4 Kies3PDLR.exe - ok 21:05:43.0961 0x23a4 [ 61F761A0C9361645F3AA0DE5FECBE491, C2A6A585FC088589302D008713F9B85B2E2891920854A5BD06B302958E56D7C3 ] C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe 21:05:44.0008 0x23a4 SmartSwitchPDLR.exe - ok 21:05:44.0086 0x23a4 [ 97BFD4C3591EDD7A9EA1772DBE0202E6, 31DA37709522C8B8DE2784B3AA3C1A8503E92D084E2C695A303D4D09D5FD2C88 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRIE.EXE 21:05:44.0149 0x23a4 EPLTarget\P0000000000000000 - ok 21:05:44.0180 0x23a4 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe 21:05:44.0242 0x23a4 Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64 - ok 21:05:44.0258 0x23a4 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe 21:05:44.0289 0x23a4 Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64 - ok 21:05:44.0305 0x23a4 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe 21:05:44.0351 0x23a4 Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64 - ok 21:05:44.0367 0x23a4 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe 21:05:44.0398 0x23a4 Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64 - ok 21:05:44.0414 0x23a4 [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe 21:05:44.0461 0x23a4 Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64 - ok 21:05:44.0507 0x23a4 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 21:05:44.0554 0x23a4 Sidebar - ok 21:05:44.0570 0x23a4 Waiting for KSN requests completion. In queue: 25 21:05:45.0584 0x23a4 Waiting for KSN requests completion. In queue: 25 21:05:46.0925 0x23a4 AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.167 ), 0x61000 ( enabled : updated ) 21:05:46.0988 0x23a4 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\wmiav.exe ( 19.0.0.1088 ), 0x41000 ( enabled : updated ) 21:05:46.0988 0x23a4 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\wmiav.exe ( 19.0.0.1088 ), 0x41010 ( enabled ) 21:05:57.0669 0x23a4 ============================================================ 21:05:57.0669 0x23a4 Scan finished 21:05:57.0669 0x23a4 ============================================================ 21:05:57.0669 0x19bc Detected object count: 0 21:05:57.0669 0x19bc Actual detected object count: 0 |
24.08.2018, 20:13 | #15 |
/// TB-Ausbilder | Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory Servus, Downloade Dir bitte RogueKiller - Portable 64 bits auf deinen Desktop.
|
Themen zu Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory |
funktionier, funktioniert, kaspersky, loswerden, memory, system, troja, trojaner |