Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory

Sabrin@ · 22.08.2018, 05:34

Hallo,

Kaspersy findet den Trojaner Trojan.Multi.GenAutorunReg.a in System Memory, aber diesen darüber zu desinfzieren funktioniert nicht.

Malwarebytes findet keine Bedrohung.

Wie kann ich den Trojaner trotzdem loswerden?

Vielen Dank

Sabrin@

Sabrin@ · 22.08.2018, 06:06

Das ist die .txt Datei von AdwCleaner

M-K-D-B · 22.08.2018, 08:28

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Zudem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
Du musst die hier verwendeten Programme NICHT selbst von deinem Computer entfernen. Das erledigt das TBCleanUpTool am Ende automatisch für dich.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Bitte poste mit deiner nächsten Antwort

die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

Sabrin@ · 22.08.2018, 14:24

Hallo,

danke schon mal für die Hilfe. Hier die zwei Dateien.

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19.08.2018 02
durchgeführt von Arhelger (Administrator) auf ARHELGER-PC (22-08-2018 12:45:31)
Gestartet von C:\Users\Arhelger\Desktop
Geladene Profile: Arhelger &  (Verfügbare Profile: Arhelger)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Salfeld Computer) C:\Windows\cc\WinCtlSvc.exe
(Salfeld Computer) C:\Windows\cc\CtlSysMgr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Salfeld Computer GmbH) C:\ProgramData\NFS\NFSccsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Salfeld Computer) C:\Windows\cc\CtlSysUI.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRIE.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM\...\RunServicesOnce: [WISO Finanz Update] => C:\Users\Arhelger\AppData\Local\Temp\Buhl\WISO Mein Geld 365 Professional\WISOFinanz365Update_24.0.0.100.exe "/Reduced" "/InstallDir=C:\Program Files (x86)\Buhl\WISO Mein Geld 365" "/ProcessID=3916" " (Der Dateneintrag hat 77 mehr Zeichen). <==== ACHTUNG
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <==== ACHTUNG
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [840784 2012-09-17] (Adobe Systems Incorporated)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-02-07] (Google Inc.)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [1023664 2016-03-25] (Samsung)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037984 2017-05-20] (Samsung)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRIE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\MountPoints2: {28f75973-3991-11e8-a592-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\MountPoints2: {2d327e58-f154-11e7-bdac-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
IFEO: [Debugger] logonui.exe
IFEO\sethc.exe: [Debugger] logonui.exe
GroupPolicyUsers\S-1-5-21-2519664068-3109547711-38441924-1001\User: Beschränkung <==== ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{2F1AB9F8-898F-464B-B9F8-BE087F0E4A2C}: [NameServer] 192.168.178.0
Tcpip\..\Interfaces\{E700DAEE-439D-4EE4-962B-7D3507F98C6A}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES007&pc=UE06
SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> {A7521B9F-4CC8-42E7-907C-2085ABD4F486} URL = hxxp://rover.ebay.com/rover/1/707-53477-19255-0/1?icep_ff3=9&pub=5574640706&toolid=10001&campid=5336449492&customid=&icep_uq={searchTerms}&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229487&kwid=902099&mtid=824&kw=lg
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-02-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-10.0.1\bin\ssv.dll => Keine Datei
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2018-03-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-06-07] (Oracle Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2018-03-13] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {2665693B-C4F3-434B-83DB-7574CF50C8B7} hxxp://www.kaspersky.com/downloads/misc/kasperskylicensefinder.cab
DPF: HKLM-x32 {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///E:/components/A9.ocx
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default [2018-08-20]
FF Homepage: Mozilla\Firefox\Profiles\muqiyzzu.default -> hxxp://home.1und1.de/
FF NewTab: Mozilla\Firefox\Profiles\muqiyzzu.default -> hxxp://home.1und1.de/
FF Extension: (Ciuvo Preisvergleich) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\extension@ciuvo.com.xpi [2016-04-19] [Legacy]
FF Extension: (Forecastfox (fix version)) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\forecastfox@s3_fix_version.xpi [2016-04-19] [Legacy]
FF Extension: (New Tab Override (browser.newtab.url replacement)) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\newtaboverride@agenedia.com.xpi [2016-04-19] [Legacy]
FF Extension: (S3.Google Translator) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\s3google@translator.xpi [2016-04-28] [Legacy]
FF Extension: (Flagfox) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-04-28] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-19] [Legacy]
FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-08-21]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-10-29] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017-07-25] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-06-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-06-07] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-10-27] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-10-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @protectdisc.com/NPPDLicenseHelper -> C:\Windows\system32\config\systemprofile\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Arhelger\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Arhelger\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [Keine Datei]

Chrome: 
=======
CHR HomePage: Default -> hxxp://home.1und1.de/?linkId=hd.nav.themenportal&ucuoId=PUAC:default.EUE.DE-20150617064232-9E49C81A815F50BE9E13B68A1F3A997C.TCpfix111b&ac=OM.PU.PUb48K85425T7073a
CHR StartupUrls: Default -> "hxxp://home.1und1.de/"
CHR NewTab: Default ->  Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR Profile: C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default [2018-08-22]
CHR Extension: (Google Übersetzer) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-08-21]
CHR Extension: (Präsentationen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-21]
CHR Extension: (Kaspersky Protection) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-08-21]
CHR Extension: (Docs) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-21]
CHR Extension: (Google Drive) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-21]
CHR Extension: (YouTube) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-08-21]
CHR Extension: (Tabellen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-21]
CHR Extension: (Google Docs Offline) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Google Kalender) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2018-08-21]
CHR Extension: (New Tab Redirect) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2018-08-21]
CHR Extension: (Drucken für Google Chrome) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd [2018-08-21]
CHR Extension: (Google Play) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2018-08-21]
CHR Extension: (Google Maps) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-08-21]
CHR Extension: (Google Mail-Checker) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-08-21]
CHR Extension: (IP-Domain-Markierungsfahne) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpapfcfoakknnhkfpencomejbcecdfp [2018-08-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-21]
CHR Extension: (Google Mail) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-21]
CHR Extension: (Chrome Media Router) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-21]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKU\S-1-5-21-2519664068-3109547711-38441924-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Arhelger\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Arhelger\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-15] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [245760 2017-02-28] (AVM GmbH) [Datei ist nicht signiert]
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab)
R2 CC-Updater; C:\Windows\cc\WinCtlSvc.exe [7022192 2018-02-16] (Salfeld Computer) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2650112 2010-05-28] (DATA BECKER GmbH & Co KG)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610464 2018-01-18] (EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe [416560 2018-08-21] (AO Kaspersky Lab)
S3 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (Seiko Epson Corporation)
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation)
R2 SCC-Dienst; C:\Windows\cc\ctlsysmgr.exe [6626464 2018-08-21] (Salfeld Computer)
S2 sfrem01; C:\Windows\system32\sfrem01.exe [601208 2006-07-05] (Protection Technology (StarForce))
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] () [Datei ist nicht signiert]
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 EsgShKernel; "C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2012-02-13] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2016-04-26] (AVM Berlin)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [836288 2018-05-27] (EasyAntiCheat Oy)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [72904 2017-12-27] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [122056 2018-02-02] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [87752 2018-07-20] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [219328 2018-08-21] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1193160 2018-08-21] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1127104 2018-08-21] (AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [56520 2018-02-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [58056 2018-01-15] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [161592 2018-07-20] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112864 2018-08-22] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-08-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-08-22] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [94328 2018-08-22] (Malwarebytes)
R1 netfltcc; C:\Windows\System32\drivers\netfltcc.sys [64680 2017-11-25] (Windows (R) Win 7 DDK provider)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [78208 2006-08-11] (Protection Technology (StarForce))
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 cpuz134; \??\C:\Users\Arhelger\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ACHTUNG
U3 DfSdkS; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-08-22 12:42 - 2018-08-22 12:46 - 000034135 _____ C:\Users\Arhelger\Desktop\FRST.txt
2018-08-22 12:42 - 2018-08-22 12:42 - 000000000 ____D C:\FRST
2018-08-22 12:41 - 2018-08-22 12:41 - 002413056 _____ (Farbar) C:\Users\Arhelger\Desktop\FRST64.exe
2018-08-22 06:33 - 2018-08-22 06:35 - 007417040 _____ (Malwarebytes) C:\Users\Arhelger\Desktop\adwcleaner_7.2.2.exe
2018-08-21 21:05 - 2018-08-21 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2018-08-21 21:04 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2018-08-21 21:03 - 2018-08-21 21:03 - 001193160 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2018-08-21 21:03 - 2018-08-21 21:03 - 001127104 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2018-08-21 21:03 - 2018-08-21 21:03 - 000219328 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2018-08-21 21:03 - 2018-08-21 21:03 - 000152360 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2018-08-21 21:00 - 2018-08-21 21:00 - 002509880 _____ (Kaspersky Lab) C:\Users\Arhelger\Downloads\kis19.0.0.1088de_14081.exe
2018-08-21 20:36 - 2018-08-21 20:36 - 008896960 _____ C:\Users\Arhelger\Downloads\kpm.exe
2018-08-21 20:25 - 2018-08-21 20:27 - 000484760 _____ C:\Windows\Minidump\082118-50669-01.dmp
2018-08-21 15:21 - 2018-08-21 15:32 - 579815424 _____ C:\Users\Arhelger\Downloads\krd (1).iso
2018-08-21 15:17 - 2018-08-21 15:19 - 147283752 _____ (Kaspersky Lab ZAO) C:\Users\Arhelger\Downloads\KVRT.exe
2018-08-21 14:19 - 2018-08-21 14:19 - 000380928 _____ C:\Users\Arhelger\Downloads\rb3crkqy.exe
2018-08-21 14:11 - 2018-08-21 14:14 - 579815424 _____ C:\Users\Arhelger\Downloads\krd.iso
2018-08-21 06:39 - 2018-08-21 06:39 - 000002292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-21 05:46 - 2018-08-21 06:01 - 000073318 _____ C:\Windows\ntbtlog.txt
2018-08-21 05:16 - 2018-08-21 13:17 - 000455344 _____ (Microsoft Corporation) C:\msvcp120.dll
2018-08-21 05:16 - 2018-08-21 13:17 - 000000057 _____ C:\dllme.txt
2018-08-20 13:21 - 2018-08-22 12:34 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-08-20 13:21 - 2018-08-22 12:34 - 000112864 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-08-20 13:21 - 2018-08-22 12:34 - 000094328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-08-20 13:21 - 2018-08-22 12:34 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\Program Files\Malwarebytes
2018-08-20 13:20 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-08-20 12:53 - 2018-08-20 12:54 - 000000000 ____D C:\KVRT_Data
2018-08-20 12:47 - 2018-08-20 12:52 - 000002604 _____ C:\XoristDecryptor.2.5.3.4_20.08.2018_12.47.54_log.txt
2018-08-18 22:08 - 2018-08-18 22:13 - 000010330 _____ C:\Users\Arhelger\Documents\Toreliste.xlsx
2018-08-16 05:36 - 2018-08-16 05:36 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-08-16 05:36 - 2018-08-16 05:36 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-16 05:36 - 2018-08-16 05:36 - 000004378 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-08-15 18:37 - 2018-08-15 18:48 - 000009821 _____ C:\Users\Arhelger\Documents\Waschliste.xlsx
2018-08-05 19:16 - 2018-08-05 19:16 - 000291784 _____ C:\Windows\Minidump\080518-57829-01.dmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-08-22 12:44 - 2017-07-25 14:44 - 000000911 _____ C:\Windows\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266}.job
2018-08-22 12:41 - 2012-02-09 06:43 - 000003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{39A51ED7-4797-424D-AF39-0B9550252DFD}
2018-08-22 12:36 - 2012-04-25 13:54 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-08-22 12:35 - 2012-02-07 07:28 - 000000000 ____D C:\Users\Arhelger
2018-08-22 12:33 - 2014-04-09 06:42 - 000000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2018-08-22 12:32 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-22 12:30 - 2017-04-07 06:42 - 000000000 ____D C:\Windows\dl
2018-08-22 07:07 - 2009-07-14 06:45 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-22 07:07 - 2009-07-14 06:45 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-21 21:06 - 2016-09-19 08:04 - 000000000 ____D C:\Program Files\Common Files\AV
2018-08-21 21:05 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-08-21 21:04 - 2016-09-19 07:57 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2018-08-21 21:01 - 2018-06-06 05:23 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-08-21 20:25 - 2012-05-17 07:21 - 000000000 ____D C:\Windows\Minidump
2018-08-21 20:24 - 2018-07-10 20:11 - 1557671786 _____ C:\Windows\MEMORY.DMP
2018-08-21 13:18 - 2012-02-08 06:23 - 000000000 ____D C:\Users\Arhelger\Sabrina
2018-08-21 12:53 - 2014-09-15 12:27 - 000000000 ____D C:\AdwCleaner
2018-08-21 07:03 - 2012-02-08 06:23 - 000000000 ____D C:\Users\Arhelger\Sven
2018-08-21 06:39 - 2012-02-07 07:31 - 000000000 ____D C:\Users\Arhelger\AppData\Local\Google
2018-08-21 06:38 - 2012-02-07 07:22 - 000000000 ____D C:\Program Files (x86)\Google
2018-08-20 14:29 - 2017-04-07 06:42 - 000000000 ____D C:\Windows\cc
2018-08-18 21:52 - 2015-04-30 06:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-18 16:51 - 2012-11-05 09:37 - 000058051 _____ C:\Users\Arhelger\Documents\Wanderwege Dietzhölztal - Eschenburg.xlsx
2018-08-18 16:29 - 2017-05-12 18:14 - 000000000 ____D C:\Users\Arhelger\AppData\LocalLow\Mozilla
2018-08-18 16:29 - 2016-11-27 09:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-08-18 16:29 - 2015-04-30 06:04 - 000001213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2018-08-18 16:29 - 2014-03-25 09:07 - 000000000 ____D C:\Users\Arhelger\AppData\Roaming\Thunderbird
2018-08-18 16:29 - 2014-02-04 09:04 - 000000000 ____D C:\Users\Arhelger\AppData\Roaming\Mozilla
2018-08-16 06:12 - 2012-02-08 07:22 - 000000000 ____D C:\Users\Arhelger\Documents\WISO Mein Geld
2018-08-16 06:04 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-08-16 05:36 - 2018-05-21 15:14 - 000004540 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-08-16 05:36 - 2011-10-14 14:15 - 000000000 ____D C:\Windows\system32\Macromed
2018-08-16 05:36 - 2011-07-18 23:12 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-08-15 05:15 - 2015-06-26 05:22 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-07 05:45 - 2011-05-16 16:04 - 000699884 _____ C:\Windows\system32\perfh007.dat
2018-08-07 05:45 - 2011-05-16 16:04 - 000149766 _____ C:\Windows\system32\perfc007.dat
2018-08-07 05:45 - 2009-07-14 07:13 - 001622300 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-01 20:07 - 2012-02-08 07:17 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-23 06:21 - 2015-04-23 06:21 - 004218880 _____ (Piriform Ltd) C:\Program Files (x86)\ccsetup504_slim.exe
2015-04-06 10:47 - 2015-04-06 10:47 - 000000132 _____ () C:\Users\Arhelger\AppData\Roaming\Adobe CS5-Voreinstellungen für BMP-Format
2015-01-15 08:53 - 2015-01-15 08:53 - 000001456 _____ () C:\Users\Arhelger\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2016-07-16 15:12 - 2016-07-16 15:12 - 000009728 _____ () C:\Users\Arhelger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-20 14:40 - 2015-04-20 14:40 - 000000000 ___SH () C:\Users\Arhelger\AppData\Local\LumaEmu
2013-10-18 03:23 - 2013-10-18 03:23 - 000007605 _____ () C:\Users\Arhelger\AppData\Local\Resmon.ResmonCfg
2012-02-07 09:12 - 2012-02-07 09:12 - 000017408 _____ () C:\Users\Arhelger\AppData\Local\WebpageIcons.db

Einige Dateien in TEMP:
====================
2017-11-10 07:15 - 2014-03-06 02:39 - 000726616 ____N (CANON INC.) C:\Users\Arhelger\AppData\Local\Temp\MPDD0000.exe
2017-07-25 08:27 - 2014-03-12 13:40 - 001122384 ____N (CANON INC.) C:\Users\Arhelger\AppData\Local\Temp\MSETUP4.EXE
2016-03-29 15:42 - 2016-03-29 15:42 - 007251976 _____ (SEIKO EPSON CORPORATION) C:\Users\Arhelger\AppData\Local\Temp\Setup.exe
2017-07-25 08:04 - 2014-01-20 09:38 - 000354392 _____ (CANON INC.) C:\Users\Arhelger\AppData\Local\Temp\uninstall.exe
2018-05-14 05:41 - 2012-02-29 16:28 - 000455600 _____ (Macrovision Corporation) C:\Users\Arhelger\AppData\Local\Temp\_is815F.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-08-16 17:16

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19.08.2018 02
durchgeführt von Arhelger (22-08-2018 12:47:47)
Gestartet von C:\Users\Arhelger\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-07 05:28:37)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2519664068-3109547711-38441924-500 - Administrator - Disabled)
Arhelger (S-1-5-21-2519664068-3109547711-38441924-1001 - Administrator - Enabled) => C:\Users\Arhelger
Gast (S-1-5-21-2519664068-3109547711-38441924-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2519664068-3109547711-38441924-1026 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (HKLM\...\{66CF1DF9-1715-4325-89BC-76B1CA2EE3BE}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 11 (HKLM\...\PremElem110) (Version: 11.0 - Adobe Systems Incorporated)
Ahnenblatt 2.98 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.98.1.1 - Dirk Böttcher)
AMD Catalyst Install Manager (HKLM\...\{0348F1C7-2092-A05D-DC67-8ECA9EA72C20}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
Apowersoft Online Launcher Version 1.4.6 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.6 - APOWERSOFT LIMITED)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
calibre (HKLM-x32\...\{D2DCF339-7EBC-4D88-B515-A504297796EA}) (Version: 3.6.0 - Kovid Goyal)
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version:  - )
Canon MG6600 series On-screen Manual (HKLM-x32\...\Canon MG6600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (HKLM-x32\...\{D0BEB150-2046-4F94-AE7B-EA76772592F6}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (HKLM-x32\...\{4433CEC6-DA32-4D7B-BA95-B47C68498287}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (HKLM-x32\...\{2F14F550-0FFC-4285-B673-880744D428A3}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (HKLM-x32\...\{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (HKLM-x32\...\{85E8F38F-0303-401E-A518-0302DF88EB07}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (HKLM-x32\...\{FA6AF809-9A80-423A-A57A-C7D726A04E4C}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (HKLM-x32\...\{E7BE4D1A-B529-448B-8407-889705B65185}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (HKLM-x32\...\{E4BE9367-168B-4B30-B198-EE37C99FB147}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (HKLM-x32\...\{D7E60152-6C65-4982-8840-B6D28BF881BD}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (HKLM-x32\...\{666D7CED-12E0-4BA3-B594-5681961E7B02}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (HKLM-x32\...\{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (HKLM-x32\...\{89BA6E81-B60A-49BC-B283-80560A9E60DF}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (HKLM-x32\...\{34809713-7886-4F6A-B9D5-CC74DBC1C77E}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (HKLM-x32\...\{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (HKLM-x32\...\{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}) (Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (HKLM-x32\...\{834F4E2F-E9DF-4FA9-8499-FF6B91012898}) (Version: 15.3 - Corel Corporation) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER CD-DVD Druckerei 7 (HKLM-x32\...\CD-DVD Druckerei 7_is1) (Version: 7.50.0.30 - DATA BECKER GmbH & Co. KG)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Druckerdeinstallation für EPSON XP-540 Series (HKLM\...\EPSON XP-540 Series) (Version:  - Seiko Epson Corporation)
Easy Photo Scan (HKLM-x32\...\{93AEF2AF-86FB-42AD-8392-5DAEC0638B1A}) (Version: 1.00.0012 - Seiko Epson Corporation)
EG*Headlight 1 e-Workbook (HKLM-x32\...\{94D858E3-1BE9-4D81-94A4-FF1695F61CAB}) (Version: 1.0.7.0 - Cornelsen Verlag)
Elements 11 Organizer (HKLM-x32\...\{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}) (Version: 11.0 - Ihr Firmenname) Hidden
Epic Games Launcher (HKLM-x32\...\{AF7881ED-41D7-4ECA-8C7C-AE10DFA0E489}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.0 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{29F4F2C2-CB73-418D-BA99-7BB5ECD9F7BF}) (Version: 4.4.6 - Seiko Epson Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation)
EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA)
Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{B743ABDD-E681-4B32-A33E-6E7F3F845AEA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FRITZ!Powerline (HKLM-x32\...\{EB579783-79C4-461A-9493-B9F19EAA23B2}) (Version: 01.02.00 - AVM GmbH)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Scanjet G4000 Series (HKLM\...\{10297E58-2DFE-478B-9A1D-4B14E4E79CDF}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpg4000 (HKLM-x32\...\{2814D1CB-7038-4EE4-8421-9C18FD571014}) (Version: 13.0.0.0 - Ihr Firmenname) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Kindersicherung 2017 (HKLM-x32\...\Salfeld-Kindersicherung_is1) (Version:  - )
Landwirtschafts Simulator 2011 (HKLM-x32\...\FarmingSimulator2011_PLATINUMDE_is1) (Version: 1.0 - GIANTS Software)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
MAGIX Foto Manager 10 (HKLM-x32\...\{5F2380C8-5443-40E4-8FD5-DE0AEC16B4BC}) (Version: 8.0.1.136 - MAGIX AG) Hidden
MAGIX Foto Manager 10 (HKLM-x32\...\MAGIX_MSI_Foto_Manager_10) (Version: 8.0.1.136 - MAGIX AG)
MAGIX Fotos auf CD & DVD 10 Deluxe (Sonderedition) (HKLM-x32\...\{340912AA-1A68-4D7F-9604-E3520FF69B98}) (Version: 10.5.0.12 - MAGIX AG) Hidden
MAGIX Fotos auf CD & DVD 10 Deluxe (Sonderedition) (HKLM-x32\...\MAGIX_MSI_Fotos_auf_CD_DVD_10_Dlx_SE) (Version: 10.5.0.12 - MAGIX AG)
MAGIX Online Druck Service (HKLM-x32\...\{A6338038-539C-3896-C692-1D33BBB01D46}) (Version: 1.1.0 - myphotobook GmbH) Hidden
MAGIX Online Druck Service (HKLM-x32\...\de.magix-fotos.fotobuch.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.1.0-478 - myphotobook GmbH)
MAGIX Screenshare (HKLM-x32\...\{129D4434-B9AB-4C09-BCE1-110E6C8E10E9}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM\...\{B69F7303-DD59-4F32-B477-F8F78D7A9937}) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B69F7303-DD59-4F32-B477-F8F78D7A9937}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe 2014 (HKLM\...\{146DFB48-B585-48B9-A407-16DD6F686550}) (Version: 13.0.2.8 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 (HKLM-x32\...\MX.{146DFB48-B585-48B9-A407-16DD6F686550}) (Version: 13.0.2.8 - MAGIX AG)
Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.5041.1001 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (HKLM-x32\...\{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5B3D4718-9146-45CB-8989-C4E87B239B3A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A27180D0-17BB-498B-89FF-A72656B85978}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B44E699A-94F8-406C-9A1B-C2574F5863CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
Mozilla Thunderbird 60.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 60.0 (x86 de)) (Version: 60.0 - Mozilla)
Mp3tag v2.84a (HKLM-x32\...\Mp3tag) (Version: 2.84a - Florian Heidenreich)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0407-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version:  - Markement GmbH)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (HKLM-x32\...\{45FF54A4-ECD4-455D-89A2-D209737AD726}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{125D677D-7C65-4660-8E1C-68EF9F32F291}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PRE11 STI 64Installer (HKLM-x32\...\{B614E5FA-6DA4-45A1-845C-52F870240A89}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Protect Disc License Helper 1.0.125 (IE) (HKU\.DEFAULT\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PSE11 STI Installer (HKLM-x32\...\{98CE8819-87AA-4814-8167-ADDDD513485F}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Saal Design Software (HKLM-x32\...\{0C52FDB3-C8A1-E686-5A87-85F3EC2259D4}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SILKYPIX Developer Studio 4.1 SE (HKLM-x32\...\{7FA26D45-84D8-49EB-80BE-B7AD0A0C4497}) (Version: 4 - Ichikawa Soft Laboratory) Hidden
SILKYPIX Developer Studio 4.1 SE (HKLM-x32\...\InstallShield_{7FA26D45-84D8-49EB-80BE-B7AD0A0C4497}) (Version: 4 - Ichikawa Soft Laboratory)
Sinner Kochbuch-CD (HKLM-x32\...\Sinner Kochbuch-CD) (Version: 1.0 - Computerstudio Lemmer & Ernst GmbH)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sounds für Video- und Foto Shows DELUXE (HKLM-x32\...\Sounds für Video- und Foto Shows DELUXE) (Version:  - )
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Versandhelfer (HKLM-x32\...\{7189F66A-1560-1573-05C9-DE53613AEA1A}) (Version: 0.9.511 - Deutsche Post AG) Hidden
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionpc.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
watchmi (HKLM-x32\...\{409DC300-28AF-468F-9624-1F3309701881}) (Version: 2.7.0 - Axel Springer Digital TV Guide GmbH)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WISO Mein Geld 365 Professional (HKLM-x32\...\{36C0BA39-2207-4146-BD4E-3146DF7B9147}) (Version: 21.0.0.0 - Buhl Data Service GmbH) Hidden
WISO Mein Geld 365 Professional (HKLM-x32\...\WISO Mein Geld 365 Professional) (Version:  - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2017 (HKLM-x32\...\{E2049356-A0DB-404A-A8FA-521981BE9736}) (Version: 24.00.1375 - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2018 (HKLM-x32\...\{2827FF45-D53F-4E56-B4A7-AB71F58A3945}) (Version: 25.00.1359 - Buhl Data Service GmbH)
Συλλογή φωτογραφιών (HKLM-x32\...\{2D5C287A-1D2D-46BA-8EF8-D2747575DB6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2519664068-3109547711-38441924-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Arhelger\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-09-15] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {27A9B751-54B1-4C34-80FD-671C0D15FDD5} - System32\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRIE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {2965DD3B-3092-4083-8961-B712E545D4DC} - System32\Tasks\{28394E35-6DD1-4A32-B2A5-69D35F29B8FA} => E:\AutoStarter.exe
Task: {33FBFA83-E6EA-43C5-9C4F-C9BE0F7F4440} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {3975816E-C543-4A8E-97CB-45685403F54C} - System32\Tasks\{6A91FDCB-94AF-4D97-9C80-E46395E39257} => C:\Windows\system32\pcalua.exe -a "C:\Users\Arhelger\Desktop\Beam NG\Car Dragster\12400-annihilator-v09.exe" -d "C:\Users\Arhelger\Desktop\Beam NG\Car Dragster"
Task: {3A29FA87-8FFA-4A97-9EAF-D6FF83004861} - System32\Tasks\{84062063-C92A-47A5-8F03-AB3936029012} => E:\AutoStarter.exe
Task: {41867780-87F0-41F4-93CE-27EC26702487} - System32\Tasks\AdobeAAMUpdater-1.0-Arhelger-PC-Arhelger => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {69960CA3-BF20-46D1-A185-697EB5E88195} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {93FF0622-A5E9-42A7-8DC9-EF2D8705766F} - System32\Tasks\{ECEE297A-548D-44AC-83E1-39E190F9CE3D} => C:\Windows\system32\pcalua.exe -a C:\Users\Arhelger\Downloads\KiesSetup.exe -d C:\Users\Arhelger\Downloads
Task: {C41E458A-066F-4949-988C-ADA1DFB53FC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C4F77D83-E9BE-4623-93C1-1EA03A7BA6B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {D2D7279E-97E4-49D7-975A-0FF6CF076EDA} - System32\Tasks\{14435DC4-9037-46B0-AC76-63495A072DB3} => C:\Windows\system32\pcalua.exe -a "E:\Flatout Ultimate Carnage\1Setup.exe" -d "E:\Flatout Ultimate Carnage"
Task: {DAF4BB1B-2E9A-4774-9840-7DD25D2DC585} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {E0A9F752-14E5-4F98-B6D1-AD7F21DDA114} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-16] (Adobe Systems Incorporated)
Task: {E5105AE2-05D1-4016-BFCB-CF159E6BD14C} - System32\Tasks\{B0FE20F0-FF1A-43F8-A424-FE83AB4A359E} => C:\Program Files (x86)\epson\Epson Scan 2\Core\es2launcher.exe [2016-12-13] (Seiko Epson Corporation)
Task: {F0560587-8336-4E42-BB5D-640F637F5D6D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_pepper.exe [2018-08-16] (Adobe Systems Incorporated)
Task: {FBC496D9-5A9C-47A8-9AED-7ACA124821F1} - \{6220CDF8-30A8-45DE-8BC4-E3953F081C4A} -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRIE.EXE:/EXE:{43713E83-749E-4B66-AFC6-AA2EF8550266} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e9d7ba33b467ddc1\Google Mail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8" --app-id=pjkljhegncpnkpknbcohdijeoejaedia
ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d755e1040e5d38ac\Jannik - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8"
ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\Louis - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7eafae96818e1883\Google Mail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=pjkljhegncpnkpknbcohdijeoejaedia
ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Sven - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Louis - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-04-14 06:59 - 2006-02-23 11:35 - 000020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2014-04-14 06:59 - 2006-02-22 10:39 - 000020480 _____ () C:\Windows\System32\FritzPort64.dll
2014-10-09 09:30 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-10-07 12:23 - 2011-10-07 12:23 - 000070144 _____ () C:\Program Files (x86)\watchmi\TvdService.exe
2012-02-07 07:22 - 2012-02-07 07:22 - 000058880 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.7.0.12__f722db7bec59a14b\Tvd.Remote.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000032768 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Tools\2.7.0.12__f722db7bec59a14b\Tvd.Tools.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000079360 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\2.7.0.12__f722db7bec59a14b\Tvd.Reporting.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000152576 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\2.7.0.12__f722db7bec59a14b\Tvd.Aprico.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000029696 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Config\2.7.0.12__f722db7bec59a14b\Tvd.Config.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000112640 _____ () C:\Windows\assembly\GAC_64\ApricoIJW\2.7.0.0__f722db7bec59a14b\ApricoIJW.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 006936576 _____ () C:\Windows\assembly\GAC_64\ApricoIJW\2.7.0.0__f722db7bec59a14b\axelspringer.dll
2018-08-20 13:20 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-08-20 13:20 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2011-09-15 22:44 - 2011-09-15 22:44 - 000103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-09-15 23:00 - 2011-09-15 23:00 - 000369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2018-08-21 06:39 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-21 06:39 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2017-04-07 06:42 - 2016-04-13 13:18 - 000178968 _____ () C:\ProgramData\Software\CC\sse.dll
2017-04-07 06:55 - 2017-11-25 14:40 - 000131072 _____ () C:\ProgramData\NFS\nfccapi.dll
2017-04-07 06:55 - 2017-11-25 14:40 - 000376832 _____ () C:\ProgramData\NFS\protflt.dll
2018-08-21 21:04 - 2018-08-21 21:04 - 000864112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\kpcengine.2.3.dll
2017-04-07 06:42 - 2016-10-31 14:08 - 000249456 _____ () C:\ProgramData\Software\CC\v2\wdrvhook.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64]
AlternateDataStreams: C:\Users\Public\AppData:CSM [232]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2519664068-3109547711-38441924-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Arhelger\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2519664068-3109547711-38441924-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Kids\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{5D361A38-5498-4331-B111-132C538EC5B9}] => (Allow) E:\fsetup.exe
FirewallRules: [{A00308AE-8E41-48B4-A796-05F7A7EC7482}] => (Allow) E:\fsetup.exe
FirewallRules: [{CE46EE81-7714-42C7-8041-69C83EA8436F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{765D66BE-F09F-4923-A789-38D494A6121A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{DFE9DC56-7B3D-4AAC-B46A-52D0B8A9AF61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{63F90E36-F39A-495D-A93A-C5A52DD66F78}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{FC1FA289-2AA2-4D6F-8F1E-0519695C58F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{B5090DE8-9AF7-49CF-9BC6-822239F6B4D8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{7D7A3876-BD96-47E2-87A1-B40AEF6D0FB8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{F97EAD12-3756-4A61-A1F5-E03A9F45DD25}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{B44A455B-4183-466D-A13C-4E3AB9CB91CD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{4B0C2595-2171-435C-BCC2-62C5DF32776D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{5E4AE683-1F68-4FA4-A7F3-F5BDE57F653F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{16B70705-EC2B-4A58-8BDC-21B71DBBEF90}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{36FC00FA-A056-40DC-8E6F-2F5157443BA8}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe
FirewallRules: [{64842565-BBC4-4E8B-A5E4-A528247576F0}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe
FirewallRules: [{9EE153AF-E7BD-41D5-9FD9-1EA4C886D48C}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe
FirewallRules: [{16C08C33-DD75-4EAD-86FE-A6AC7F47B91A}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe
FirewallRules: [{518C6F44-A86C-4DA1-9C2E-DA80D1E33C86}] => (Allow) C:\Program Files (x86)\FRITZ!\fboxset.exe
FirewallRules: [{D27684F6-43EC-416A-AA16-617A3C6FC155}] => (Allow) C:\Program Files (x86)\FRITZ!\fboxset.exe
FirewallRules: [{7EA9C506-8B8F-4FA3-899C-7B53B73652D7}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe
FirewallRules: [{D4F457AE-F913-44AD-B940-08685D9388AB}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe
FirewallRules: [{3A0307A1-6B13-4CF0-BFFE-39FEE3331263}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1032E88E-BCBA-4B4D-BAA4-BE28ED64843D}] => (Allow) LPort=2869
FirewallRules: [{58FBDCE0-332E-4594-8624-478516053E1F}] => (Allow) LPort=1900
FirewallRules: [{417C6553-2C5E-4570-812F-E8969030A2E2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{BD892735-C166-45B0-806E-20961954A31B}] => (Allow) C:\Users\Arhelger\AppData\Local\Apps\2.0\23B79H7C.0JA\DR2Q2B9R.ZDZ\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe
FirewallRules: [{ACBA402D-1CE4-42C4-8C4B-A2895D305F5F}] => (Allow) C:\Users\Arhelger\AppData\Local\Apps\2.0\23B79H7C.0JA\DR2Q2B9R.ZDZ\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe
FirewallRules: [{9C39DC11-AF1E-4875-8125-B9531BB85880}] => (Allow) LPort=8743
FirewallRules: [{A956D535-DF15-498C-909B-10A0527A61B0}] => (Allow) LPort=8643
FirewallRules: [{20CBC063-52F8-4F25-90DB-8EF17FE8F5D5}] => (Allow) LPort=7676
FirewallRules: [{29A60709-655D-40F7-8A78-E3375B7F2FA8}] => (Allow) LPort=7679
FirewallRules: [{96144A4C-86AC-473F-8F51-7FE4CF1E1350}] => (Allow) LPort=24234
FirewallRules: [{5CD6ACFA-6713-4F62-B336-36C2AED59855}] => (Allow) LPort=7900
FirewallRules: [{2CCB2DBC-F498-417F-A996-B3ED6D58D53B}] => (Allow) LPort=1900
FirewallRules: [{47FF4180-27FE-4A39-9C9D-71697001C15E}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe
FirewallRules: [{F49484E6-540A-42F6-8FC8-7D9C916003ED}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe
FirewallRules: [{02474A9C-02D2-4DA8-B3DA-00DA33909D4D}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe
FirewallRules: [{52B440E1-C299-4448-AA20-D31560AD999F}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe
FirewallRules: [{18DD90AA-0FAB-48FD-92BE-B6B59BC6F2F6}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe
FirewallRules: [{98C608F0-EF9F-43CF-9762-1CC95025E450}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe
FirewallRules: [TCP Query User{ACB93035-9656-42CF-81D6-4CABF9077D0F}C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe
FirewallRules: [UDP Query User{0E59C1ED-2482-4C3F-AFA5-8C7BD65B3B47}C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe
FirewallRules: [{A870AFC8-A03C-4D46-A553-14FF7207E1AB}] => (Block) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe
FirewallRules: [{B33558FD-473A-49EB-BC63-F6149C275D5E}] => (Block) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe
FirewallRules: [TCP Query User{E52A09B1-7344-4E4B-A3F2-D203296262D1}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe
FirewallRules: [UDP Query User{54F8861F-374D-4D90-8FAE-82061F8A4AE0}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe
FirewallRules: [TCP Query User{DF63CED5-6898-4B8A-B135-FFE85EB22B82}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe
FirewallRules: [UDP Query User{C1981E0B-04CF-498E-8AAA-F4C64BF8689F}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe
FirewallRules: [{45AD1EAE-E04A-464E-AF72-58D0B56B602B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{F0AD9EB0-A809-49C8-BDAB-C14A9211EE2C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{CD173555-A1AF-47D4-9121-89397355486C}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{DE6FA034-B2F9-4186-87C7-E4E4AE83839D}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{760E7544-CC9D-4960-A00E-CF8C3A481CE8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/22/2018 12:45:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 19.8.2018.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 12f8

Startzeit: 01d43a04c3087782

Endzeit: 0

Anwendungspfad: C:\Users\Arhelger\Desktop\FRST64.exe

Berichts-ID: 6e3160ec-a5f8-11e8-8096-e0b9a5d47ad7

Error: (08/22/2018 12:32:57 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/22/2018 06:59:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce85b
ID des fehlerhaften Prozesses: 0xf84
Startzeit der fehlerhaften Anwendung: 0x01d439d4e01a51e7
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exe
Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung: 36a1799d-a5c8-11e8-bbae-e0b9a5d47ad7

Error: (08/22/2018 06:54:28 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/22/2018 05:38:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce85b
ID des fehlerhaften Prozesses: 0x1d74
Startzeit der fehlerhaften Anwendung: 0x01d439c9888cf8f4
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exe
Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung: c9203129-a5bc-11e8-96cf-e0b9a5d47ad7

Error: (08/22/2018 05:33:20 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/21/2018 08:57:31 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/21/2018 08:29:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ctlsysmgr.exe, Version: 18.0.0.2316, Zeitstempel: 0x5b63fb88
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000954b3
ID des fehlerhaften Prozesses: 0x80
Startzeit der fehlerhaften Anwendung: 0x01d4397c4a621571
Pfad der fehlerhaften Anwendung: C:\Windows\cc\ctlsysmgr.exe
Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung: 1577ec42-a570-11e8-bb95-e0b9a5d47ad7


Systemfehler:
=============
Error: (08/22/2018 12:40:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (08/22/2018 12:39:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (08/22/2018 12:37:42 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (08/22/2018 12:35:16 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1096) (User: Arhelger-PC)
Description: Fehler bei der Verarbeitung der Gruppenrichtlinie. Es wurde versucht, registrierungsbasierte Richtlinieneinstellungen für das Gruppenrichtlinienobjekt "LocalGPO-S-1-5-21-2519664068-3109547711-38441924-1001" zu lesen. Die Gruppenrichtlinieneinstellungen dürfen nicht erzwungen werden, bis dieses Ereignis behoben ist. Weitere Informationen über den Dateinamen und -pfad, der den Fehler verursacht hat, können den Ereignisdetails entnommen werden.

Error: (08/22/2018 12:33:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sfdrv01a
sfsync04

Error: (08/22/2018 12:33:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVM FRITZ!Powerline Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/22/2018 12:33:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AVM FRITZ!Powerline Service erreicht.

Error: (08/22/2018 12:32:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Automatische WLAN-Konfiguration" wurde nicht richtig gestartet.


CodeIntegrity:
===================================

Date: 2015-02-12 06:03:46.313
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-12 06:03:46.250
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-12 05:51:58.542
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-12 05:51:58.480
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-12 18:13:06.691
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-12 18:13:06.676
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-12 18:11:24.261
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-12 18:11:24.246
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Speicherinformationen =========================== 

Prozessor: AMD A8-3820 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 76%
Installierter physikalischer RAM: 3576.13 MB
Verfügbarer physikalischer RAM: 840.73 MB
Summe virtueller Speicher: 7150.45 MB
Verfügbarer virtueller Speicher: 4220.81 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:880.41 GB) (Free:407.34 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:48.77 GB) NTFS

\\?\Volume{bc107e45-5195-11e1-bc72-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=880.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== Ende von Addition.txt ============================

Hallo,

ich habe noch einen zweiten PC mit den selben Problemen, mache aber dafür ein neues Thema auf, da es beim auslesen bestimmt auch andere Aussagen gibt.

M-K-D-B · 22.08.2018, 18:12

Servus,

Schritt 1
Lade Dir bitte SpyHunterCleaner herunter und speichere es auf dem Desktop.

Schließe alle offenen Programme.
Rechtsklicke auf die SpyHunterCleaner.bat und wähle Als Administrator ausführen.
Solltest du die Meldung "Der Computer wurde durch Windows geschützt" erhalten, klicke auf Weitere Informationen und dann auf Trotzdem ausführen.
Erlaube die Ausführung des Windows-Befehlsprozessors, es öffnet sich ein schwarzes Fenster der Kommandozeile.
Drücke eine beliebige Taste, um den Entfernungsprozess zu starten.
Am Ende wird dein Rechner automatisch neu gestartet.

Schritt 2

Kopiere den gesamten Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
HKLM-x32\...\Run: [] => [X]
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <==== ACHTUNG
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
IFEO: [Debugger] logonui.exe
IFEO\sethc.exe: [Debugger] logonui.exe
GroupPolicyUsers\S-1-5-21-2519664068-3109547711-38441924-1001\User: Beschränkung <==== ACHTUNG
U3 DfSdkS; kein ImagePath
Task: {FBC496D9-5A9C-47A8-9AED-7ACA124821F1} - \{6220CDF8-30A8-45DE-8BC4-E3953F081C4A} -> Keine Datei <==== ACHTUNG
Task: {D2D7279E-97E4-49D7-975A-0FF6CF076EDA} - System32\Tasks\{14435DC4-9037-46B0-AC76-63495A072DB3} => C:\Windows\system32\pcalua.exe -a "E:\Flatout Ultimate Carnage\1Setup.exe" -d "E:\Flatout Ultimate Carnage"
Task: {2965DD3B-3092-4083-8961-B712E545D4DC} - System32\Tasks\{28394E35-6DD1-4A32-B2A5-69D35F29B8FA} => E:\AutoStarter.exe
Task: {3A29FA87-8FFA-4A97-9EAF-D6FF83004861} - System32\Tasks\{84062063-C92A-47A5-8F03-AB3936029012} => E:\AutoStarter.exe
Task: {93FF0622-A5E9-42A7-8DC9-EF2D8705766F} - System32\Tasks\{ECEE297A-548D-44AC-83E1-39E190F9CE3D} => C:\Windows\system32\pcalua.exe -a C:\Users\Arhelger\Downloads\KiesSetup.exe -d C:\Users\Arhelger\Downloads
Folder: C:\Users\Arhelger\AppData\Local\LumaEmu
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
CMD: dir "C:\"
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
CMD: ipconfig /flushdns
CMD: netsh winsock reset
RemoveProxy:
EmptyTemp:
End::

Starte nun FRST und klicke direkt den Entfernen Button. Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

eine Rückmeldung bezüglich der Ausführung von SpyHunterCleaner,
die Logdatei des FRST-Fix (fixlog.txt),
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

Sabrin@ · 22.08.2018, 20:03

Hallo,

fixlog kann ich nicht einfügen, da wohl zu groß

Hier die neuen Dateien

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22.08.2018
durchgeführt von Arhelger (Administrator) auf ARHELGER-PC (22-08-2018 20:45:26)
Gestartet von C:\Users\Arhelger\Desktop
Geladene Profile: Arhelger (Verfügbare Profile: Arhelger)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Salfeld Computer) C:\Windows\cc\WinCtlSvc.exe
(Salfeld Computer) C:\Windows\cc\CtlSysMgr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Salfeld Computer GmbH) C:\ProgramData\NFS\NFSccsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Salfeld Computer) C:\Windows\cc\CtlSysUI.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRIE.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM\...\RunServicesOnce: [WISO Finanz Update] => C:\Users\Arhelger\AppData\Local\Temp\Buhl\WISO Mein Geld 365 Professional\WISOFinanz365Update_24.0.0.100.exe "/Reduced" "/InstallDir=C:\Program Files (x86)\Buhl\WISO Mein Geld 365" "/ProcessID=3916" " (Der Dateneintrag hat 77 mehr Zeichen). <==== ACHTUNG
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <==== ACHTUNG
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [840784 2012-09-17] (Adobe Systems Incorporated)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-02-07] (Google Inc.)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [1023664 2016-03-25] (Samsung)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037984 2017-05-20] (Samsung)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRIE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\MountPoints2: {28f75973-3991-11e8-a592-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\MountPoints2: {2d327e58-f154-11e7-bdac-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe
IFEO\sethc.exe: [Debugger] logonui.exe
GroupPolicyUsers\S-1-5-21-2519664068-3109547711-38441924-1001\User: Beschränkung <==== ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{2F1AB9F8-898F-464B-B9F8-BE087F0E4A2C}: [NameServer] 192.168.178.0
Tcpip\..\Interfaces\{E700DAEE-439D-4EE4-962B-7D3507F98C6A}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES007&pc=UE06
SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> {A7521B9F-4CC8-42E7-907C-2085ABD4F486} URL = hxxp://rover.ebay.com/rover/1/707-53477-19255-0/1?icep_ff3=9&pub=5574640706&toolid=10001&campid=5336449492&customid=&icep_uq={searchTerms}&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229487&kwid=902099&mtid=824&kw=lg
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-02-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-10.0.1\bin\ssv.dll => Keine Datei
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2018-03-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-06-07] (Oracle Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2018-03-13] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {2665693B-C4F3-434B-83DB-7574CF50C8B7} hxxp://www.kaspersky.com/downloads/misc/kasperskylicensefinder.cab
DPF: HKLM-x32 {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///E:/components/A9.ocx
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default [2018-08-22]
FF Homepage: Mozilla\Firefox\Profiles\muqiyzzu.default -> hxxp://home.1und1.de/
FF NewTab: Mozilla\Firefox\Profiles\muqiyzzu.default -> hxxp://home.1und1.de/
FF Extension: (Ciuvo Preisvergleich) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\extension@ciuvo.com.xpi [2016-04-19] [Legacy]
FF Extension: (Forecastfox (fix version)) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\forecastfox@s3_fix_version.xpi [2016-04-19] [Legacy]
FF Extension: (New Tab Override (browser.newtab.url replacement)) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\newtaboverride@agenedia.com.xpi [2016-04-19] [Legacy]
FF Extension: (S3.Google Translator) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\s3google@translator.xpi [2016-04-28] [Legacy]
FF Extension: (Flagfox) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-04-28] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-19] [Legacy]
FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-08-21]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-10-29] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017-07-25] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-06-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-06-07] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-10-27] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-10-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @protectdisc.com/NPPDLicenseHelper -> C:\Windows\system32\config\systemprofile\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Arhelger\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Arhelger\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [Keine Datei]

Chrome: 
=======
CHR HomePage: Default -> hxxp://home.1und1.de/?linkId=hd.nav.themenportal&ucuoId=PUAC:default.EUE.DE-20150617064232-9E49C81A815F50BE9E13B68A1F3A997C.TCpfix111b&ac=OM.PU.PUb48K85425T7073a
CHR StartupUrls: Default -> "hxxp://home.1und1.de/"
CHR NewTab: Default ->  Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR Profile: C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default [2018-08-22]
CHR Extension: (Google Übersetzer) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-08-21]
CHR Extension: (Präsentationen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-21]
CHR Extension: (Kaspersky Protection) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-08-21]
CHR Extension: (Docs) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-21]
CHR Extension: (Google Drive) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-21]
CHR Extension: (YouTube) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-08-21]
CHR Extension: (Tabellen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-21]
CHR Extension: (Google Docs Offline) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Google Kalender) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2018-08-21]
CHR Extension: (New Tab Redirect) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2018-08-21]
CHR Extension: (Drucken für Google Chrome) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd [2018-08-21]
CHR Extension: (Google Play) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2018-08-21]
CHR Extension: (Google Maps) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-08-21]
CHR Extension: (Google Mail-Checker) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-08-21]
CHR Extension: (IP-Domain-Markierungsfahne) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpapfcfoakknnhkfpencomejbcecdfp [2018-08-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-21]
CHR Extension: (Google Mail) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-21]
CHR Extension: (Chrome Media Router) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-21]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKU\S-1-5-21-2519664068-3109547711-38441924-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Arhelger\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Arhelger\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-15] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [245760 2017-02-28] (AVM GmbH) [Datei ist nicht signiert]
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab)
R2 CC-Updater; C:\Windows\cc\WinCtlSvc.exe [7022192 2018-02-16] (Salfeld Computer) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2650112 2010-05-28] (DATA BECKER GmbH & Co KG)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610464 2018-01-18] (EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe [416560 2018-08-21] (AO Kaspersky Lab)
S3 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (Seiko Epson Corporation)
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation)
R2 SCC-Dienst; C:\Windows\cc\ctlsysmgr.exe [6626464 2018-08-21] (Salfeld Computer)
S2 sfrem01; C:\Windows\system32\sfrem01.exe [601208 2006-07-05] (Protection Technology (StarForce))
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] () [Datei ist nicht signiert]
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2012-02-13] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2016-04-26] (AVM Berlin)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [836288 2018-05-27] (EasyAntiCheat Oy)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [72904 2017-12-27] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [122056 2018-02-02] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [87752 2018-07-20] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [219328 2018-08-21] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1193160 2018-08-21] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1127104 2018-08-21] (AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [56520 2018-02-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [58056 2018-01-15] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [161592 2018-07-20] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112864 2018-08-22] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-08-22] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-08-22] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [94328 2018-08-22] (Malwarebytes)
R1 netfltcc; C:\Windows\System32\drivers\netfltcc.sys [64680 2017-11-25] (Windows (R) Win 7 DDK provider)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [78208 2006-08-11] (Protection Technology (StarForce))
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 cpuz134; \??\C:\Users\Arhelger\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ACHTUNG

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-08-22 20:38 - 2018-08-22 20:38 - 000003288 ____N C:\bootsqm.dat
2018-08-22 20:15 - 2018-08-22 20:21 - 000129528 _____ C:\Users\Arhelger\Desktop\Fixlog.txt
2018-08-22 19:55 - 2018-08-22 19:55 - 000000000 ____D C:\Users\Arhelger\Desktop\FRST-OlderVersion
2018-08-22 19:34 - 2018-08-22 19:34 - 000030060 _____ C:\Users\Arhelger\Desktop\SpyHunterCleaner.bat
2018-08-22 12:47 - 2018-08-22 12:50 - 000066843 _____ C:\Users\Arhelger\Desktop\Addition.txt
2018-08-22 12:42 - 2018-08-22 20:50 - 000034385 _____ C:\Users\Arhelger\Desktop\FRST.txt
2018-08-22 12:42 - 2018-08-22 20:45 - 000000000 ____D C:\FRST
2018-08-22 12:41 - 2018-08-22 19:55 - 002413056 _____ (Farbar) C:\Users\Arhelger\Desktop\FRST64.exe
2018-08-22 06:33 - 2018-08-22 06:35 - 007417040 _____ (Malwarebytes) C:\Users\Arhelger\Desktop\adwcleaner_7.2.2.exe
2018-08-21 21:05 - 2018-08-21 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2018-08-21 21:04 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2018-08-21 21:03 - 2018-08-21 21:03 - 001193160 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2018-08-21 21:03 - 2018-08-21 21:03 - 001127104 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2018-08-21 21:03 - 2018-08-21 21:03 - 000219328 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2018-08-21 21:03 - 2018-08-21 21:03 - 000152360 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2018-08-21 21:00 - 2018-08-21 21:00 - 002509880 _____ (Kaspersky Lab) C:\Users\Arhelger\Downloads\kis19.0.0.1088de_14081.exe
2018-08-21 20:36 - 2018-08-21 20:36 - 008896960 _____ C:\Users\Arhelger\Downloads\kpm.exe
2018-08-21 20:25 - 2018-08-21 20:27 - 000484760 _____ C:\Windows\Minidump\082118-50669-01.dmp
2018-08-21 15:21 - 2018-08-21 15:32 - 579815424 _____ C:\Users\Arhelger\Downloads\krd (1).iso
2018-08-21 15:17 - 2018-08-21 15:19 - 147283752 _____ (Kaspersky Lab ZAO) C:\Users\Arhelger\Downloads\KVRT.exe
2018-08-21 14:19 - 2018-08-21 14:19 - 000380928 _____ C:\Users\Arhelger\Downloads\rb3crkqy.exe
2018-08-21 14:11 - 2018-08-21 14:14 - 579815424 _____ C:\Users\Arhelger\Downloads\krd.iso
2018-08-21 06:39 - 2018-08-21 06:39 - 000002292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-21 05:46 - 2018-08-21 06:01 - 000073318 _____ C:\Windows\ntbtlog.txt
2018-08-21 05:16 - 2018-08-21 13:17 - 000455344 _____ (Microsoft Corporation) C:\msvcp120.dll
2018-08-21 05:16 - 2018-08-21 13:17 - 000000057 _____ C:\dllme.txt
2018-08-20 13:21 - 2018-08-22 20:40 - 000112864 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-08-20 13:21 - 2018-08-22 20:40 - 000094328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-08-20 13:21 - 2018-08-22 20:40 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-08-20 13:21 - 2018-08-22 20:39 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\Program Files\Malwarebytes
2018-08-20 13:20 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-08-20 12:53 - 2018-08-20 12:54 - 000000000 ____D C:\KVRT_Data
2018-08-20 12:47 - 2018-08-20 12:52 - 000002604 _____ C:\XoristDecryptor.2.5.3.4_20.08.2018_12.47.54_log.txt
2018-08-18 22:08 - 2018-08-18 22:13 - 000010330 _____ C:\Users\Arhelger\Documents\Toreliste.xlsx
2018-08-16 05:36 - 2018-08-16 05:36 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-08-16 05:36 - 2018-08-16 05:36 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-16 05:36 - 2018-08-16 05:36 - 000004378 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-08-15 18:37 - 2018-08-15 18:48 - 000009821 _____ C:\Users\Arhelger\Documents\Waschliste.xlsx
2018-08-05 19:16 - 2018-08-05 19:16 - 000291784 _____ C:\Windows\Minidump\080518-57829-01.dmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-08-22 20:48 - 2017-07-26 05:35 - 000000334 __RSH C:\Users\Arhelger\ntuser.pol
2018-08-22 20:48 - 2012-02-07 07:28 - 000000000 ____D C:\Users\Arhelger
2018-08-22 20:45 - 2017-07-25 14:44 - 000000911 _____ C:\Windows\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266}.job
2018-08-22 20:41 - 2012-04-25 13:54 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-08-22 20:39 - 2014-04-09 06:42 - 000000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2018-08-22 20:38 - 2017-04-07 06:42 - 000000000 ____D C:\Windows\dl
2018-08-22 20:38 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-22 20:20 - 2009-07-14 06:45 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-22 20:20 - 2009-07-14 06:45 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-22 20:17 - 2013-07-04 06:50 - 000000000 ____D C:\Users\Arhelger\AppData\LocalLow\Temp
2018-08-22 15:18 - 2012-02-09 06:43 - 000003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{39A51ED7-4797-424D-AF39-0B9550252DFD}
2018-08-21 21:06 - 2016-09-19 08:04 - 000000000 ____D C:\Program Files\Common Files\AV
2018-08-21 21:05 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-08-21 21:04 - 2016-09-19 07:57 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2018-08-21 21:01 - 2018-06-06 05:23 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-08-21 20:25 - 2012-05-17 07:21 - 000000000 ____D C:\Windows\Minidump
2018-08-21 20:24 - 2018-07-10 20:11 - 1557671786 _____ C:\Windows\MEMORY.DMP
2018-08-21 13:18 - 2012-02-08 06:23 - 000000000 ____D C:\Users\Arhelger\Sabrina
2018-08-21 12:53 - 2014-09-15 12:27 - 000000000 ____D C:\AdwCleaner
2018-08-21 07:03 - 2012-02-08 06:23 - 000000000 ____D C:\Users\Arhelger\Sven
2018-08-21 06:39 - 2012-02-07 07:31 - 000000000 ____D C:\Users\Arhelger\AppData\Local\Google
2018-08-21 06:38 - 2012-02-07 07:22 - 000000000 ____D C:\Program Files (x86)\Google
2018-08-20 14:29 - 2017-04-07 06:42 - 000000000 ____D C:\Windows\cc
2018-08-18 21:52 - 2015-04-30 06:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-18 16:51 - 2012-11-05 09:37 - 000058051 _____ C:\Users\Arhelger\Documents\Wanderwege Dietzhölztal - Eschenburg.xlsx
2018-08-18 16:29 - 2017-05-12 18:14 - 000000000 ____D C:\Users\Arhelger\AppData\LocalLow\Mozilla
2018-08-18 16:29 - 2016-11-27 09:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-08-18 16:29 - 2015-04-30 06:04 - 000001213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2018-08-18 16:29 - 2014-03-25 09:07 - 000000000 ____D C:\Users\Arhelger\AppData\Roaming\Thunderbird
2018-08-18 16:29 - 2014-02-04 09:04 - 000000000 ____D C:\Users\Arhelger\AppData\Roaming\Mozilla
2018-08-16 06:12 - 2012-02-08 07:22 - 000000000 ____D C:\Users\Arhelger\Documents\WISO Mein Geld
2018-08-16 06:04 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-08-16 05:36 - 2018-05-21 15:14 - 000004540 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-08-16 05:36 - 2011-10-14 14:15 - 000000000 ____D C:\Windows\system32\Macromed
2018-08-16 05:36 - 2011-07-18 23:12 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-08-15 05:15 - 2015-06-26 05:22 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-07 05:45 - 2011-05-16 16:04 - 000699884 _____ C:\Windows\system32\perfh007.dat
2018-08-07 05:45 - 2011-05-16 16:04 - 000149766 _____ C:\Windows\system32\perfc007.dat
2018-08-07 05:45 - 2009-07-14 07:13 - 001622300 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-01 20:07 - 2012-02-08 07:17 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-23 06:21 - 2015-04-23 06:21 - 004218880 _____ (Piriform Ltd) C:\Program Files (x86)\ccsetup504_slim.exe
2015-04-06 10:47 - 2015-04-06 10:47 - 000000132 _____ () C:\Users\Arhelger\AppData\Roaming\Adobe CS5-Voreinstellungen für BMP-Format
2015-01-15 08:53 - 2015-01-15 08:53 - 000001456 _____ () C:\Users\Arhelger\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2016-07-16 15:12 - 2016-07-16 15:12 - 000009728 _____ () C:\Users\Arhelger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-20 14:40 - 2015-04-20 14:40 - 000000000 ___SH () C:\Users\Arhelger\AppData\Local\LumaEmu
2013-10-18 03:23 - 2013-10-18 03:23 - 000007605 _____ () C:\Users\Arhelger\AppData\Local\Resmon.ResmonCfg
2012-02-07 09:12 - 2012-02-07 09:12 - 000017408 _____ () C:\Users\Arhelger\AppData\Local\WebpageIcons.db

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-08-16 17:16

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22.08.2018
durchgeführt von Arhelger (22-08-2018 20:51:18)
Gestartet von C:\Users\Arhelger\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-07 05:28:37)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2519664068-3109547711-38441924-500 - Administrator - Disabled)
Arhelger (S-1-5-21-2519664068-3109547711-38441924-1001 - Administrator - Enabled) => C:\Users\Arhelger
Gast (S-1-5-21-2519664068-3109547711-38441924-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2519664068-3109547711-38441924-1026 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (HKLM\...\{66CF1DF9-1715-4325-89BC-76B1CA2EE3BE}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 11 (HKLM\...\PremElem110) (Version: 11.0 - Adobe Systems Incorporated)
Ahnenblatt 2.98 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.98.1.1 - Dirk Böttcher)
AMD Catalyst Install Manager (HKLM\...\{0348F1C7-2092-A05D-DC67-8ECA9EA72C20}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
Apowersoft Online Launcher Version 1.4.6 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.6 - APOWERSOFT LIMITED)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
calibre (HKLM-x32\...\{D2DCF339-7EBC-4D88-B515-A504297796EA}) (Version: 3.6.0 - Kovid Goyal)
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version:  - )
Canon MG6600 series On-screen Manual (HKLM-x32\...\Canon MG6600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (HKLM-x32\...\{D0BEB150-2046-4F94-AE7B-EA76772592F6}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (HKLM-x32\...\{4433CEC6-DA32-4D7B-BA95-B47C68498287}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (HKLM-x32\...\{2F14F550-0FFC-4285-B673-880744D428A3}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (HKLM-x32\...\{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (HKLM-x32\...\{85E8F38F-0303-401E-A518-0302DF88EB07}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (HKLM-x32\...\{FA6AF809-9A80-423A-A57A-C7D726A04E4C}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (HKLM-x32\...\{E7BE4D1A-B529-448B-8407-889705B65185}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (HKLM-x32\...\{E4BE9367-168B-4B30-B198-EE37C99FB147}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (HKLM-x32\...\{D7E60152-6C65-4982-8840-B6D28BF881BD}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (HKLM-x32\...\{666D7CED-12E0-4BA3-B594-5681961E7B02}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (HKLM-x32\...\{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (HKLM-x32\...\{89BA6E81-B60A-49BC-B283-80560A9E60DF}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (HKLM-x32\...\{34809713-7886-4F6A-B9D5-CC74DBC1C77E}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (HKLM-x32\...\{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (HKLM-x32\...\{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}) (Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (HKLM-x32\...\{834F4E2F-E9DF-4FA9-8499-FF6B91012898}) (Version: 15.3 - Corel Corporation) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER CD-DVD Druckerei 7 (HKLM-x32\...\CD-DVD Druckerei 7_is1) (Version: 7.50.0.30 - DATA BECKER GmbH & Co. KG)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Druckerdeinstallation für EPSON XP-540 Series (HKLM\...\EPSON XP-540 Series) (Version:  - Seiko Epson Corporation)
Easy Photo Scan (HKLM-x32\...\{93AEF2AF-86FB-42AD-8392-5DAEC0638B1A}) (Version: 1.00.0012 - Seiko Epson Corporation)
EG*Headlight 1 e-Workbook (HKLM-x32\...\{94D858E3-1BE9-4D81-94A4-FF1695F61CAB}) (Version: 1.0.7.0 - Cornelsen Verlag)
Elements 11 Organizer (HKLM-x32\...\{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}) (Version: 11.0 - Ihr Firmenname) Hidden
Epic Games Launcher (HKLM-x32\...\{AF7881ED-41D7-4ECA-8C7C-AE10DFA0E489}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.0 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{29F4F2C2-CB73-418D-BA99-7BB5ECD9F7BF}) (Version: 4.4.6 - Seiko Epson Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation)
EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA)
Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{B743ABDD-E681-4B32-A33E-6E7F3F845AEA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FRITZ!Powerline (HKLM-x32\...\{EB579783-79C4-461A-9493-B9F19EAA23B2}) (Version: 01.02.00 - AVM GmbH)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Scanjet G4000 Series (HKLM\...\{10297E58-2DFE-478B-9A1D-4B14E4E79CDF}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpg4000 (HKLM-x32\...\{2814D1CB-7038-4EE4-8421-9C18FD571014}) (Version: 13.0.0.0 - Ihr Firmenname) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Kindersicherung 2017 (HKLM-x32\...\Salfeld-Kindersicherung_is1) (Version:  - )
Landwirtschafts Simulator 2011 (HKLM-x32\...\FarmingSimulator2011_PLATINUMDE_is1) (Version: 1.0 - GIANTS Software)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
MAGIX Foto Manager 10 (HKLM-x32\...\{5F2380C8-5443-40E4-8FD5-DE0AEC16B4BC}) (Version: 8.0.1.136 - MAGIX AG) Hidden
MAGIX Foto Manager 10 (HKLM-x32\...\MAGIX_MSI_Foto_Manager_10) (Version: 8.0.1.136 - MAGIX AG)
MAGIX Fotos auf CD & DVD 10 Deluxe (Sonderedition) (HKLM-x32\...\{340912AA-1A68-4D7F-9604-E3520FF69B98}) (Version: 10.5.0.12 - MAGIX AG) Hidden
MAGIX Fotos auf CD & DVD 10 Deluxe (Sonderedition) (HKLM-x32\...\MAGIX_MSI_Fotos_auf_CD_DVD_10_Dlx_SE) (Version: 10.5.0.12 - MAGIX AG)
MAGIX Online Druck Service (HKLM-x32\...\{A6338038-539C-3896-C692-1D33BBB01D46}) (Version: 1.1.0 - myphotobook GmbH) Hidden
MAGIX Online Druck Service (HKLM-x32\...\de.magix-fotos.fotobuch.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.1.0-478 - myphotobook GmbH)
MAGIX Screenshare (HKLM-x32\...\{129D4434-B9AB-4C09-BCE1-110E6C8E10E9}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM\...\{B69F7303-DD59-4F32-B477-F8F78D7A9937}) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B69F7303-DD59-4F32-B477-F8F78D7A9937}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe 2014 (HKLM\...\{146DFB48-B585-48B9-A407-16DD6F686550}) (Version: 13.0.2.8 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 (HKLM-x32\...\MX.{146DFB48-B585-48B9-A407-16DD6F686550}) (Version: 13.0.2.8 - MAGIX AG)
Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.5041.1001 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (HKLM-x32\...\{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5B3D4718-9146-45CB-8989-C4E87B239B3A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A27180D0-17BB-498B-89FF-A72656B85978}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B44E699A-94F8-406C-9A1B-C2574F5863CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
Mozilla Thunderbird 60.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 60.0 (x86 de)) (Version: 60.0 - Mozilla)
Mp3tag v2.84a (HKLM-x32\...\Mp3tag) (Version: 2.84a - Florian Heidenreich)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0407-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version:  - Markement GmbH)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (HKLM-x32\...\{45FF54A4-ECD4-455D-89A2-D209737AD726}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{125D677D-7C65-4660-8E1C-68EF9F32F291}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PRE11 STI 64Installer (HKLM-x32\...\{B614E5FA-6DA4-45A1-845C-52F870240A89}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Protect Disc License Helper 1.0.125 (IE) (HKU\.DEFAULT\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PSE11 STI Installer (HKLM-x32\...\{98CE8819-87AA-4814-8167-ADDDD513485F}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Saal Design Software (HKLM-x32\...\{0C52FDB3-C8A1-E686-5A87-85F3EC2259D4}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SILKYPIX Developer Studio 4.1 SE (HKLM-x32\...\{7FA26D45-84D8-49EB-80BE-B7AD0A0C4497}) (Version: 4 - Ichikawa Soft Laboratory) Hidden
SILKYPIX Developer Studio 4.1 SE (HKLM-x32\...\InstallShield_{7FA26D45-84D8-49EB-80BE-B7AD0A0C4497}) (Version: 4 - Ichikawa Soft Laboratory)
Sinner Kochbuch-CD (HKLM-x32\...\Sinner Kochbuch-CD) (Version: 1.0 - Computerstudio Lemmer & Ernst GmbH)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sounds für Video- und Foto Shows DELUXE (HKLM-x32\...\Sounds für Video- und Foto Shows DELUXE) (Version:  - )
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Versandhelfer (HKLM-x32\...\{7189F66A-1560-1573-05C9-DE53613AEA1A}) (Version: 0.9.511 - Deutsche Post AG) Hidden
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionpc.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
watchmi (HKLM-x32\...\{409DC300-28AF-468F-9624-1F3309701881}) (Version: 2.7.0 - Axel Springer Digital TV Guide GmbH)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WISO Mein Geld 365 Professional (HKLM-x32\...\{36C0BA39-2207-4146-BD4E-3146DF7B9147}) (Version: 21.0.0.0 - Buhl Data Service GmbH) Hidden
WISO Mein Geld 365 Professional (HKLM-x32\...\WISO Mein Geld 365 Professional) (Version:  - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2017 (HKLM-x32\...\{E2049356-A0DB-404A-A8FA-521981BE9736}) (Version: 24.00.1375 - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2018 (HKLM-x32\...\{2827FF45-D53F-4E56-B4A7-AB71F58A3945}) (Version: 25.00.1359 - Buhl Data Service GmbH)
Συλλογή φωτογραφιών (HKLM-x32\...\{2D5C287A-1D2D-46BA-8EF8-D2747575DB6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2519664068-3109547711-38441924-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Arhelger\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-09-15] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {27A9B751-54B1-4C34-80FD-671C0D15FDD5} - System32\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRIE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {33FBFA83-E6EA-43C5-9C4F-C9BE0F7F4440} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {3975816E-C543-4A8E-97CB-45685403F54C} - System32\Tasks\{6A91FDCB-94AF-4D97-9C80-E46395E39257} => C:\Windows\system32\pcalua.exe -a "C:\Users\Arhelger\Desktop\Beam NG\Car Dragster\12400-annihilator-v09.exe" -d "C:\Users\Arhelger\Desktop\Beam NG\Car Dragster"
Task: {41867780-87F0-41F4-93CE-27EC26702487} - System32\Tasks\AdobeAAMUpdater-1.0-Arhelger-PC-Arhelger => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {69960CA3-BF20-46D1-A185-697EB5E88195} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {C41E458A-066F-4949-988C-ADA1DFB53FC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C4F77D83-E9BE-4623-93C1-1EA03A7BA6B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {DAF4BB1B-2E9A-4774-9840-7DD25D2DC585} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {E0A9F752-14E5-4F98-B6D1-AD7F21DDA114} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-16] (Adobe Systems Incorporated)
Task: {E5105AE2-05D1-4016-BFCB-CF159E6BD14C} - System32\Tasks\{B0FE20F0-FF1A-43F8-A424-FE83AB4A359E} => C:\Program Files (x86)\epson\Epson Scan 2\Core\es2launcher.exe [2016-12-13] (Seiko Epson Corporation)
Task: {F0560587-8336-4E42-BB5D-640F637F5D6D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_pepper.exe [2018-08-16] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRIE.EXE:/EXE:{43713E83-749E-4B66-AFC6-AA2EF8550266} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e9d7ba33b467ddc1\Google Mail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8" --app-id=pjkljhegncpnkpknbcohdijeoejaedia
ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d755e1040e5d38ac\Jannik - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8"
ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\Louis - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7eafae96818e1883\Google Mail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=pjkljhegncpnkpknbcohdijeoejaedia
ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Sven - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Louis - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-04-14 06:59 - 2006-02-23 11:35 - 000020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2014-04-14 06:59 - 2006-02-22 10:39 - 000020480 _____ () C:\Windows\System32\FritzPort64.dll
2011-09-15 22:44 - 2011-09-15 22:44 - 000073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-10-09 09:30 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-10-07 12:23 - 2011-10-07 12:23 - 000070144 _____ () C:\Program Files (x86)\watchmi\TvdService.exe
2012-02-07 07:22 - 2012-02-07 07:22 - 000058880 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.7.0.12__f722db7bec59a14b\Tvd.Remote.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000032768 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Tools\2.7.0.12__f722db7bec59a14b\Tvd.Tools.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000079360 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\2.7.0.12__f722db7bec59a14b\Tvd.Reporting.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000152576 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\2.7.0.12__f722db7bec59a14b\Tvd.Aprico.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000029696 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Config\2.7.0.12__f722db7bec59a14b\Tvd.Config.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000112640 _____ () C:\Windows\assembly\GAC_64\ApricoIJW\2.7.0.0__f722db7bec59a14b\ApricoIJW.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 006936576 _____ () C:\Windows\assembly\GAC_64\ApricoIJW\2.7.0.0__f722db7bec59a14b\axelspringer.dll
2018-08-20 13:20 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-08-20 13:20 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2012-09-17 06:11 - 2012-09-17 06:11 - 004003408 _____ () C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\CAHeadless\AMocWrapper.dll
2011-09-15 22:44 - 2011-09-15 22:44 - 000103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-09-15 23:00 - 2011-09-15 23:00 - 000369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2018-08-21 06:39 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-21 06:39 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2017-04-07 06:42 - 2016-04-13 13:18 - 000178968 _____ () C:\ProgramData\Software\CC\sse.dll
2017-04-07 06:55 - 2017-11-25 14:40 - 000131072 _____ () C:\ProgramData\NFS\nfccapi.dll
2017-04-07 06:55 - 2017-11-25 14:40 - 000376832 _____ () C:\ProgramData\NFS\protflt.dll
2018-08-21 21:04 - 2018-08-21 21:04 - 000864112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\kpcengine.2.3.dll
2017-04-07 06:42 - 2016-10-31 14:08 - 000249456 _____ () C:\ProgramData\Software\CC\v2\wdrvhook.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64]
AlternateDataStreams: C:\Users\Public\AppData:CSM [232]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2519664068-3109547711-38441924-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Arhelger\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2519664068-3109547711-38441924-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Kids\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{5D361A38-5498-4331-B111-132C538EC5B9}] => (Allow) E:\fsetup.exe
FirewallRules: [{A00308AE-8E41-48B4-A796-05F7A7EC7482}] => (Allow) E:\fsetup.exe
FirewallRules: [{CE46EE81-7714-42C7-8041-69C83EA8436F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{765D66BE-F09F-4923-A789-38D494A6121A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{DFE9DC56-7B3D-4AAC-B46A-52D0B8A9AF61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{63F90E36-F39A-495D-A93A-C5A52DD66F78}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{FC1FA289-2AA2-4D6F-8F1E-0519695C58F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{B5090DE8-9AF7-49CF-9BC6-822239F6B4D8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{7D7A3876-BD96-47E2-87A1-B40AEF6D0FB8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{F97EAD12-3756-4A61-A1F5-E03A9F45DD25}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{B44A455B-4183-466D-A13C-4E3AB9CB91CD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{4B0C2595-2171-435C-BCC2-62C5DF32776D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{5E4AE683-1F68-4FA4-A7F3-F5BDE57F653F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{16B70705-EC2B-4A58-8BDC-21B71DBBEF90}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{36FC00FA-A056-40DC-8E6F-2F5157443BA8}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe
FirewallRules: [{64842565-BBC4-4E8B-A5E4-A528247576F0}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe
FirewallRules: [{9EE153AF-E7BD-41D5-9FD9-1EA4C886D48C}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe
FirewallRules: [{16C08C33-DD75-4EAD-86FE-A6AC7F47B91A}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe
FirewallRules: [{518C6F44-A86C-4DA1-9C2E-DA80D1E33C86}] => (Allow) C:\Program Files (x86)\FRITZ!\fboxset.exe
FirewallRules: [{D27684F6-43EC-416A-AA16-617A3C6FC155}] => (Allow) C:\Program Files (x86)\FRITZ!\fboxset.exe
FirewallRules: [{7EA9C506-8B8F-4FA3-899C-7B53B73652D7}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe
FirewallRules: [{D4F457AE-F913-44AD-B940-08685D9388AB}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe
FirewallRules: [{3A0307A1-6B13-4CF0-BFFE-39FEE3331263}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1032E88E-BCBA-4B4D-BAA4-BE28ED64843D}] => (Allow) LPort=2869
FirewallRules: [{58FBDCE0-332E-4594-8624-478516053E1F}] => (Allow) LPort=1900
FirewallRules: [{417C6553-2C5E-4570-812F-E8969030A2E2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{BD892735-C166-45B0-806E-20961954A31B}] => (Allow) C:\Users\Arhelger\AppData\Local\Apps\2.0\23B79H7C.0JA\DR2Q2B9R.ZDZ\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe
FirewallRules: [{ACBA402D-1CE4-42C4-8C4B-A2895D305F5F}] => (Allow) C:\Users\Arhelger\AppData\Local\Apps\2.0\23B79H7C.0JA\DR2Q2B9R.ZDZ\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe
FirewallRules: [{9C39DC11-AF1E-4875-8125-B9531BB85880}] => (Allow) LPort=8743
FirewallRules: [{A956D535-DF15-498C-909B-10A0527A61B0}] => (Allow) LPort=8643
FirewallRules: [{20CBC063-52F8-4F25-90DB-8EF17FE8F5D5}] => (Allow) LPort=7676
FirewallRules: [{29A60709-655D-40F7-8A78-E3375B7F2FA8}] => (Allow) LPort=7679
FirewallRules: [{96144A4C-86AC-473F-8F51-7FE4CF1E1350}] => (Allow) LPort=24234
FirewallRules: [{5CD6ACFA-6713-4F62-B336-36C2AED59855}] => (Allow) LPort=7900
FirewallRules: [{2CCB2DBC-F498-417F-A996-B3ED6D58D53B}] => (Allow) LPort=1900
FirewallRules: [{47FF4180-27FE-4A39-9C9D-71697001C15E}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe
FirewallRules: [{F49484E6-540A-42F6-8FC8-7D9C916003ED}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe
FirewallRules: [{02474A9C-02D2-4DA8-B3DA-00DA33909D4D}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe
FirewallRules: [{52B440E1-C299-4448-AA20-D31560AD999F}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe
FirewallRules: [{18DD90AA-0FAB-48FD-92BE-B6B59BC6F2F6}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe
FirewallRules: [{98C608F0-EF9F-43CF-9762-1CC95025E450}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe
FirewallRules: [TCP Query User{ACB93035-9656-42CF-81D6-4CABF9077D0F}C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe
FirewallRules: [UDP Query User{0E59C1ED-2482-4C3F-AFA5-8C7BD65B3B47}C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe
FirewallRules: [{A870AFC8-A03C-4D46-A553-14FF7207E1AB}] => (Block) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe
FirewallRules: [{B33558FD-473A-49EB-BC63-F6149C275D5E}] => (Block) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe
FirewallRules: [TCP Query User{E52A09B1-7344-4E4B-A3F2-D203296262D1}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe
FirewallRules: [UDP Query User{54F8861F-374D-4D90-8FAE-82061F8A4AE0}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe
FirewallRules: [TCP Query User{DF63CED5-6898-4B8A-B135-FFE85EB22B82}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe
FirewallRules: [UDP Query User{C1981E0B-04CF-498E-8AAA-F4C64BF8689F}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe
FirewallRules: [{45AD1EAE-E04A-464E-AF72-58D0B56B602B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{F0AD9EB0-A809-49C8-BDAB-C14A9211EE2C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{CD173555-A1AF-47D4-9121-89397355486C}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{DE6FA034-B2F9-4186-87C7-E4E4AE83839D}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{760E7544-CC9D-4960-A00E-CF8C3A481CE8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

22-08-2018 13:34:27 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/22/2018 08:39:14 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/22/2018 08:09:24 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/22/2018 07:46:34 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/22/2018 12:45:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 19.8.2018.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 12f8

Startzeit: 01d43a04c3087782

Endzeit: 0

Anwendungspfad: C:\Users\Arhelger\Desktop\FRST64.exe

Berichts-ID: 6e3160ec-a5f8-11e8-8096-e0b9a5d47ad7

Error: (08/22/2018 12:32:57 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/22/2018 06:59:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce85b
ID des fehlerhaften Prozesses: 0xf84
Startzeit der fehlerhaften Anwendung: 0x01d439d4e01a51e7
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exe
Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung: 36a1799d-a5c8-11e8-bbae-e0b9a5d47ad7

Error: (08/22/2018 06:54:28 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/22/2018 05:38:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce85b
ID des fehlerhaften Prozesses: 0x1d74
Startzeit der fehlerhaften Anwendung: 0x01d439c9888cf8f4
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exe
Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung: c9203129-a5bc-11e8-96cf-e0b9a5d47ad7


Systemfehler:
=============
Error: (08/22/2018 08:45:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (08/22/2018 08:44:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (08/22/2018 08:44:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (08/22/2018 08:39:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sfdrv01a
sfsync04

Error: (08/22/2018 08:39:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVM FRITZ!Powerline Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/22/2018 08:39:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AVM FRITZ!Powerline Service erreicht.

Error: (08/22/2018 08:38:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UAC-Dateivirtualisierung" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (08/22/2018 08:38:28 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber sfdrv01a.sys konnte nicht geladen werden.


CodeIntegrity:
===================================

Date: 2015-02-12 06:03:46.313
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-12 06:03:46.250
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-12 05:51:58.542
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-12 05:51:58.480
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-12 18:13:06.691
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-12 18:13:06.676
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-12 18:11:24.261
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-12 18:11:24.246
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Speicherinformationen =========================== 

Prozessor: AMD A8-3820 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 71%
Installierter physikalischer RAM: 3576.13 MB
Verfügbarer physikalischer RAM: 1029.71 MB
Summe virtueller Speicher: 7150.45 MB
Verfügbarer virtueller Speicher: 4321.76 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:880.41 GB) (Free:410.02 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:48.77 GB) NTFS

\\?\Volume{bc107e45-5195-11e1-bc72-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=880.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== Ende von Addition.txt ============================

Sabrin@ · 22.08.2018, 20:07

Code:

ATTFilter

Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22.08.2018
durchgeführt von Arhelger (22-08-2018 20:15:15) Run:1
Gestartet von C:\Users\Arhelger\Desktop
Geladene Profile: Arhelger (Verfügbare Profile: Arhelger)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKLM-x32\...\Run: [] => [X]
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <==== ACHTUNG
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
IFEO: [Debugger] logonui.exe
IFEO\sethc.exe: [Debugger] logonui.exe
GroupPolicyUsers\S-1-5-21-2519664068-3109547711-38441924-1001\User: Beschränkung <==== ACHTUNG
U3 DfSdkS; kein ImagePath
Task: {FBC496D9-5A9C-47A8-9AED-7ACA124821F1} - \{6220CDF8-30A8-45DE-8BC4-E3953F081C4A} -> Keine Datei <==== ACHTUNG
Task: {D2D7279E-97E4-49D7-975A-0FF6CF076EDA} - System32\Tasks\{14435DC4-9037-46B0-AC76-63495A072DB3} => C:\Windows\system32\pcalua.exe -a "E:\Flatout Ultimate Carnage\1Setup.exe" -d "E:\Flatout Ultimate Carnage"
Task: {2965DD3B-3092-4083-8961-B712E545D4DC} - System32\Tasks\{28394E35-6DD1-4A32-B2A5-69D35F29B8FA} => E:\AutoStarter.exe
Task: {3A29FA87-8FFA-4A97-9EAF-D6FF83004861} - System32\Tasks\{84062063-C92A-47A5-8F03-AB3936029012} => E:\AutoStarter.exe
Task: {93FF0622-A5E9-42A7-8DC9-EF2D8705766F} - System32\Tasks\{ECEE297A-548D-44AC-83E1-39E190F9CE3D} => C:\Windows\system32\pcalua.exe -a C:\Users\Arhelger\Downloads\KiesSetup.exe -d C:\Users\Arhelger\Downloads
Folder: C:\Users\Arhelger\AppData\Local\LumaEmu
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
CMD: dir "C:\"
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
CMD: ipconfig /flushdns
CMD: netsh winsock reset
RemoveProxy:
EmptyTemp:

*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => erfolgreich entfernt
"HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore" => erfolgreich entfernt
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir" => erfolgreich entfernt
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\\Debugger" => erfolgreich entfernt
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\sethc.exe" => erfolgreich entfernt
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2519664068-3109547711-38441924-1001\User => erfolgreich verschoben
"HKLM\System\CurrentControlSet\Services\DfSdkS" => erfolgreich entfernt
DfSdkS => Dienst erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FBC496D9-5A9C-47A8-9AED-7ACA124821F1}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBC496D9-5A9C-47A8-9AED-7ACA124821F1}" => erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6220CDF8-30A8-45DE-8BC4-E3953F081C4A} => nicht gefunden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2D7279E-97E4-49D7-975A-0FF6CF076EDA}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2D7279E-97E4-49D7-975A-0FF6CF076EDA}" => erfolgreich entfernt
C:\Windows\System32\Tasks\{14435DC4-9037-46B0-AC76-63495A072DB3} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{14435DC4-9037-46B0-AC76-63495A072DB3}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2965DD3B-3092-4083-8961-B712E545D4DC}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2965DD3B-3092-4083-8961-B712E545D4DC}" => erfolgreich entfernt
C:\Windows\System32\Tasks\{28394E35-6DD1-4A32-B2A5-69D35F29B8FA} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{28394E35-6DD1-4A32-B2A5-69D35F29B8FA}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A29FA87-8FFA-4A97-9EAF-D6FF83004861}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A29FA87-8FFA-4A97-9EAF-D6FF83004861}" => erfolgreich entfernt
C:\Windows\System32\Tasks\{84062063-C92A-47A5-8F03-AB3936029012} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{84062063-C92A-47A5-8F03-AB3936029012}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93FF0622-A5E9-42A7-8DC9-EF2D8705766F}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93FF0622-A5E9-42A7-8DC9-EF2D8705766F}" => erfolgreich entfernt
C:\Windows\System32\Tasks\{ECEE297A-548D-44AC-83E1-39E190F9CE3D} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ECEE297A-548D-44AC-83E1-39E190F9CE3D}" => erfolgreich entfernt

========================= Folder: C:\Users\Arhelger\AppData\Local\LumaEmu ========================

C:\Users\Arhelger\AppData\Local\LumaEmu => Datei

====== Ende von Folder: ======


========= dir "%ProgramFiles%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 204C-3CC0

 Verzeichnis von C:\Program Files

20.08.2018  13:20    <DIR>          .
20.08.2018  13:20    <DIR>          ..
05.04.2013  15:32    <DIR>          Adobe
28.10.2011  01:09    <DIR>          ATI
28.10.2011  01:10    <DIR>          ATI Technologies
08.07.2017  10:15    <DIR>          BeamNG.drive
25.07.2017  14:44    <DIR>          Common Files
11.02.2013  13:54    <DIR>          DIFX
15.03.2017  15:30    <DIR>          DVD Maker
07.02.2012  07:22    <DIR>          Google
15.11.2017  07:15    <DIR>          Internet Explorer
07.06.2018  05:27    <DIR>          Java
29.10.2016  17:57    <DIR>          Logitech
20.08.2018  13:20    <DIR>          Malwarebytes
12.04.2011  10:28    <DIR>          Microsoft Games
07.02.2012  09:13    <DIR>          Microsoft Office
28.06.2018  05:48    <DIR>          Microsoft Office 15
14.06.2017  04:32    <DIR>          Microsoft Silverlight
14.07.2009  07:32    <DIR>          MSBuild
07.02.2012  07:24    <DIR>          PlayReady
28.10.2011  01:20    <DIR>          Realtek
01.02.2017  10:48    <DIR>          Recuva
14.07.2009  07:32    <DIR>          Reference Assemblies
02.02.2017  07:18    <DIR>          SAMSUNG
03.07.2017  05:49    <DIR>          VideoLAN
26.07.2013  22:44    <DIR>          Windows Defender
28.04.2014  13:15    <DIR>          Windows Live
12.02.2012  20:30    <DIR>          Windows Mail
15.11.2017  07:15    <DIR>          Windows Media Player
14.07.2009  07:32    <DIR>          Windows NT
12.02.2012  20:30    <DIR>          Windows Photo Viewer
21.11.2010  05:31    <DIR>          Windows Portable Devices
12.02.2012  20:30    <DIR>          Windows Sidebar
25.04.2016  06:18    <DIR>          WinPcap
               0 Datei(en),              0 Bytes
              34 Verzeichnis(se), 434.953.101.312 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 204C-3CC0

 Verzeichnis von C:\Program Files (x86)

21.08.2018  06:39    <DIR>          .
21.08.2018  06:39    <DIR>          ..
26.06.2015  05:22    <DIR>          Adobe
26.03.2014  15:28    <DIR>          af0.net
01.02.2017  08:43    <DIR>          Aiseesoft Studio
28.10.2011  01:11    <DIR>          AMD APP
30.12.2016  06:40    <DIR>          Anvsoft
22.03.2017  06:15    <DIR>          Areca
28.10.2011  01:09    <DIR>          ATI Technologies
15.09.2016  06:22    <DIR>          AviSynth
02.01.2013  08:01    <DIR>          Brother
16.09.2015  07:03    <DIR>          Buhl
18.08.2017  06:15    <DIR>          Calibre2
10.11.2017  11:06    <DIR>          Canon
23.04.2015  06:21         4.218.880 ccsetup504_slim.exe
07.06.2018  05:31    <DIR>          Common Files
07.02.2012  07:22    <DIR>          Corel
29.11.2017  14:46    <DIR>          Cornelsen
22.03.2017  06:15    <DIR>          CyberLink
23.08.2013  18:51    <DIR>          DATA BECKER
19.05.2018  12:15    <DIR>          EasyAntiCheat
14.07.2018  09:06    <DIR>          Epic Games
06.04.2018  07:22    <DIR>          epson
06.04.2018  06:45    <DIR>          EPSON Software
25.09.2015  06:56    <DIR>          Exact Audio Copy
03.03.2014  08:30    <DIR>          Foxit Software
10.06.2015  05:02    <DIR>          Freemake
14.04.2014  06:59    <DIR>          FRITZ!
14.02.2012  14:00    <DIR>          FRITZ!Box
14.02.2012  14:00    <DIR>          FRITZ!BoxPrint
25.07.2017  05:57    <DIR>          FRITZ!Powerline
21.08.2018  06:38    <DIR>          Google
28.02.2014  08:02    <DIR>          gs
29.09.2015  13:27    <DIR>          HERMA
22.10.2015  05:14    <DIR>          HP
15.11.2017  07:15    <DIR>          Internet Explorer
01.03.2018  15:05    <DIR>          ISL
21.08.2015  05:01    <DIR>          Kaspersky Internet Security 2012
21.08.2018  21:04    <DIR>          Kaspersky Lab
30.08.2014  09:07    <DIR>          Kingsoft
27.12.2013  18:30    <DIR>          Landwirtschafts Simulator 2011
15.01.2014  16:16    <DIR>          MAGIX
24.02.2012  15:46    <DIR>          MAGIX-Online-Druck-Service
07.02.2012  07:26    <DIR>          MARKEMENT
07.02.2012  07:26    <DIR>          Mediathek
29.08.2013  18:09    <DIR>          Medion MediaPack 2
07.02.2012  07:26    <DIR>          Memeo
13.05.2015  04:07    <DIR>          Microsoft Application Virtualization Client
09.10.2014  09:40    <DIR>          Microsoft Office
14.06.2017  04:32    <DIR>          Microsoft Silverlight
28.11.2013  08:54    <DIR>          Microsoft SkyDrive
18.07.2011  22:55    <DIR>          Microsoft SQL Server Compact Edition
17.09.2014  06:13    <DIR>          Microsoft WSE
16.05.2014  06:19    <DIR>          Microsoft.NET
19.09.2016  10:49    <DIR>          Mozilla Firefox
18.08.2018  21:52    <DIR>          Mozilla Maintenance Service
18.08.2018  16:29    <DIR>          Mozilla Thunderbird
14.09.2017  06:05    <DIR>          Mp3tag
14.07.2009  07:32    <DIR>          MSBuild
10.05.2012  06:11    <DIR>          MSECache
15.01.2014  16:15    <DIR>          MSXML 4.0
07.02.2012  07:26    <DIR>          myMugle
09.06.2015  06:01    <DIR>          Opera
08.07.2016  06:27    <DIR>          PDF24
10.09.2012  13:13    <DIR>          ProtectDisc Driver Installer
28.10.2011  01:20    <DIR>          Realtek
14.07.2009  07:32    <DIR>          Reference Assemblies
07.11.2016  08:25    <DIR>          SaalDesignSoftware
18.10.2017  17:22    <DIR>          Salfeld
20.06.2017  12:52    <DIR>          Samsung
04.09.2014  15:43    <DIR>          Sinner_Kochbuch_CD
25.11.2015  06:44    <DIR>          StickRoot
09.10.2015  04:06    <DIR>          Ulead PhotoImpact 11
14.09.2016  06:17    <DIR>          Universal Media Server
03.06.2015  05:27    <DIR>          VideoLAN
07.02.2012  07:22    <DIR>          watchmi
16.01.2017  10:56    <DIR>          Will Software
26.07.2013  22:44    <DIR>          Windows Defender
28.04.2014  13:16    <DIR>          Windows Live
12.02.2012  20:30    <DIR>          Windows Mail
15.11.2017  07:15    <DIR>          Windows Media Player
14.07.2009  07:32    <DIR>          Windows NT
12.02.2012  20:30    <DIR>          Windows Photo Viewer
21.11.2010  05:31    <DIR>          Windows Portable Devices
12.02.2012  20:30    <DIR>          Windows Sidebar
14.05.2018  05:56    <DIR>          WISO
               1 Datei(en),      4.218.880 Bytes
              85 Verzeichnis(se), 434.953.023.488 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 204C-3CC0

 Verzeichnis von C:\ProgramData

26.06.2015  05:22    <DIR>          Adobe
28.10.2011  01:10    <DIR>          AMD
18.04.2018  13:17    <DIR>          AomeiBR
24.02.2016  13:59    <DIR>          Apowersoft
08.03.2017  10:03    <DIR>          Ashampoo
28.10.2011  01:15    <DIR>          ATI
23.07.2015  13:31    <DIR>          AVAST Software
01.08.2018  20:07    <DIR>          Buhl Data Service GmbH
25.07.2017  08:18    <DIR>          CanonIJWSpt
13.09.2012  06:02    <DIR>          CD-DVD Druckerei 7
07.02.2012  07:24    <DIR>          Corel
02.11.2011  11:52    <DIR>          CyberLink
13.09.2012  06:02    <DIR>          DATA BECKER Downloads
19.05.2018  11:40    <DIR>          Epic
10.11.2017  07:25    <DIR>          Epson
10.06.2015  05:02    <DIR>          Freemake
28.02.2014  08:20    <DIR>          FreePDF
07.02.2012  07:22    <DIR>          Google
20.06.2012  08:16    <DIR>          HP
20.06.2012  08:12    <DIR>          HP Product Assistant
14.04.2014  06:56    <DIR>          ISDNWatch
22.08.2018  19:53    <DIR>          Kaspersky Lab
21.08.2018  21:01    <DIR>          Kaspersky Lab Setup Files
07.02.2012  07:28    <DIR>          Kaspersky Rescue Disk 10
30.08.2014  09:08    <DIR>          Kingsoft
29.10.2016  18:00    <DIR>          Logishrd
15.01.2014  16:16    <DIR>          MAGIX
20.08.2018  13:20    <DIR>          Malwarebytes
21.05.2018  15:14    <DIR>          McAfee
27.05.2015  14:43    <DIR>          Microsoft Help
28.11.2013  08:54    <DIR>          Microsoft OneDrive
29.01.2018  07:23               588 Microsoft.SqlServer.Compact.400.32.bc
25.03.2014  08:45    <DIR>          Mozilla
25.11.2017  14:40    <DIR>          NFS
31.03.2014  12:27           262.144 ntuser.dat
09.05.2017  06:30    <DIR>          Oracle
13.05.2018  10:22    <DIR>          Package Cache
18.02.2012  09:14    <DIR>          Protexis
04.07.2013  07:59    <DIR>          regid.1986-12.com.adobe
28.06.2018  05:49    <DIR>          regid.1991-06.com.microsoft
20.06.2017  12:53    <DIR>          Samsung
02.03.2017  18:21    <DIR>          Skype
07.04.2017  06:42    <DIR>          Software
25.07.2017  14:58    <DIR>          Sony Corporation
18.07.2011  23:13    <DIR>          Sun
02.11.2011  11:57    <DIR>          Temp
09.06.2015  05:49    <DIR>          TuneUp Software
07.02.2012  07:22    <DIR>          TvdPersonal
25.07.2017  14:59    <DIR>          UDL
14.09.2016  05:18    <DIR>          UMS
09.02.2012  10:11    <DIR>          VirtualizedApplications
20.06.2012  08:14    <DIR>          WEBREG
               2 Datei(en),        262.732 Bytes
              50 Verzeichnis(se), 434.952.978.432 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 204C-3CC0

 Verzeichnis von C:\Users\Arhelger\AppData\Roaming

19.05.2018  12:15    <DIR>          .
19.05.2018  12:15    <DIR>          ..
25.09.2015  06:56    <DIR>          AccurateRip
12.12.2017  06:50    <DIR>          Adobe
06.04.2015  10:47               132 Adobe CS5-Voreinstellungen fr BMP-Format
31.12.2017  17:23    <DIR>          Ahnenblatt
16.09.2016  05:27    <DIR>          Anvsoft
02.02.2017  06:57    <DIR>          Apowersoft
07.02.2012  07:29    <DIR>          ATI
27.09.2015  20:00    <DIR>          Avery
29.01.2018  06:53    <DIR>          Buhl
08.02.2012  07:22    <DIR>          Buhl Data Service
08.12.2015  13:31    <DIR>          Buhl Data Service GmbH
18.08.2017  06:20    <DIR>          calibre
10.11.2017  07:15    <DIR>          Canon
07.01.2013  16:01    <DIR>          com.adobe.downloadassistant.AdobeDownloadAssistant
18.02.2012  09:15    <DIR>          Corel
29.11.2017  14:45    <DIR>          Cornelsen
16.03.2013  18:42    <DIR>          DataDesign
11.04.2018  06:29    <DIR>          DevExpress
07.05.2015  09:23    <DIR>          Dropbox
13.09.2016  11:36    <DIR>          dvdcss
28.08.2013  14:24    <DIR>          DVDVideoSoft
25.09.2015  06:56    <DIR>          EAC
19.05.2018  12:15    <DIR>          EasyAntiCheat
10.11.2017  07:25    <DIR>          EPSON
22.08.2014  20:32    <DIR>          Flo & Seb Engineering
03.03.2014  08:31    <DIR>          Foxit Software
14.04.2014  07:00    <DIR>          FRITZ!
14.04.2014  06:56    <DIR>          FRITZ!fax fr FRITZ!Box
15.02.2013  13:27    <DIR>          GARMIN
16.05.2017  22:27    <DIR>          Google
20.06.2012  08:15    <DIR>          HP
22.10.2015  09:55    <DIR>          HpUpdate
07.02.2012  07:28    <DIR>          Identities
30.08.2014  09:07    <DIR>          Kingsoft
29.10.2016  18:03    <DIR>          Logishrd
29.10.2016  18:00    <DIR>          Logitech
14.10.2011  13:27    <DIR>          Macromedia
15.01.2014  16:25    <DIR>          MAGIX
12.04.2011  10:28    <DIR>          Media Center Programs
18.08.2018  16:29    <DIR>          Mozilla
14.09.2017  06:08    <DIR>          Mp3tag
01.04.2014  06:06    <DIR>          Mugle
22.09.2015  15:36    <DIR>          Nero
16.07.2015  08:08    <DIR>          One Click Root
10.12.2013  08:19    <DIR>          OpenOffice
09.06.2015  06:01    <DIR>          Opera Software
16.05.2014  06:18    <DIR>          ProtectDisc
20.06.2013  15:39    <DIR>          Rovio
14.05.2018  05:40    <DIR>          Rovio Entertainment Ltd
06.10.2015  07:21    <DIR>          SaalDesignSoftware
07.04.2017  05:44    <DIR>          Salfeld
27.09.2016  05:50    <DIR>          Samsung
02.03.2017  18:21    <DIR>          Skype
08.10.2014  15:22    <DIR>          SoftGrid Client
13.09.2016  08:00    <DIR>          Sun
18.08.2018  16:29    <DIR>          Thunderbird
07.02.2012  09:14    <DIR>          TP
09.06.2015  05:50    <DIR>          TuneUp Software
15.12.2017  06:55    <DIR>          vlc
11.06.2018  05:19    <DIR>          WhatsApp
16.02.2012  20:03    <DIR>          Windows Live Writer
14.03.2016  06:54    <DIR>          YDP
13.04.2015  17:17    <DIR>          {466A0DFA-C85C-4714-8AFE-2F0A00C73020}
               1 Datei(en),            132 Bytes
              64 Verzeichnis(se), 434.952.916.992 Bytes frei

========= Ende von CMD: =========

Sabrin@ · 22.08.2018, 20:09

Code:

ATTFilter

========= dir "%LocalAppdata%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 204C-3CC0

 Verzeichnis von C:\Users\Arhelger\AppData\Local

22.08.2018  12:39    <DIR>          .
22.08.2018  12:39    <DIR>          ..
25.06.2018  05:04    <DIR>          Adobe
15.01.2015  08:53             1.456 Adobe Fr Web speichern 12.0 Prefs
01.02.2017  08:44    <DIR>          Aiseesoft Studio
07.02.2012  07:29    <DIR>          AMD
02.02.2017  06:57    <DIR>          Apowersoft
13.02.2012  14:47    <DIR>          Apps
07.02.2012  07:29    <DIR>          ATI
05.10.2017  07:42    <DIR>          Buhl
08.02.2012  07:22    <DIR>          Buhl Data Service
16.09.2015  07:08    <DIR>          Buhl Data Service GmbH
18.08.2017  06:19    <DIR>          calibre-cache
15.07.2015  19:54    <DIR>          CEF
20.04.2015  14:40    <DIR>          CrashRpt
27.06.2017  18:18    <DIR>          DataDesign
16.07.2016  15:12             9.728 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
15.09.2016  06:21    <DIR>          Deployment
16.08.2018  05:22    <DIR>          Diagnostics
20.06.2017  12:49    <DIR>          Downloaded Installations
13.08.2017  10:57    <DIR>          ElevatedDiagnostics
19.05.2018  11:39    <DIR>          EpicGamesLauncher
11.09.2013  12:13    <DIR>          Evernote
12.11.2014  08:57    <DIR>          FlatOut Ultimate Carnage
13.09.2016  08:19    <DIR>          fontconfig
19.05.2018  12:16    <DIR>          FortniteGame
04.07.2013  06:50    <DIR>          FreemakeVideoConverter
14.04.2014  07:00    <DIR>          FRITZ!
11.02.2013  16:16    <DIR>          GARMIN_Corp
30.08.2017  06:35           162.752 GDIPFONTCACHEV1.DAT
21.08.2018  06:39    <DIR>          Google
10.06.2015  10:55    <DIR>          GWX
20.06.2012  08:15    <DIR>          HP
01.03.2018  15:21    <DIR>          ISL
30.08.2014  09:12    <DIR>          Kingsoft
22.08.2014  08:08    <DIR>          Macromedia
12.09.2016  15:40    <DIR>          Mad.Max.Fury.Road.2015
24.02.2012  15:56    <DIR>          MAGIX
06.10.2016  11:07    <DIR>          Microsoft
28.11.2013  09:19    <DIR>          Microsoft Games
13.02.2012  07:00    <DIR>          Microsoft Help
25.03.2014  08:45    <DIR>          Mozilla
19.05.2018  12:19    <DIR>          NVIDIA Corporation
09.06.2015  06:01    <DIR>          Opera Software
17.09.2014  06:12    <DIR>          PackageAware
28.02.2014  07:56    <DIR>          PDF24
14.09.2016  05:53    <DIR>          Plex Media Server
07.02.2012  07:29    <DIR>          Power2Go
29.08.2013  17:51    <DIR>          Program Files
04.07.2013  06:48    <DIR>          Programs
18.10.2013  03:23             7.605 Resmon.ResmonCfg
11.03.2018  11:24    <DIR>          Roblox
20.06.2017  12:57    <DIR>          Samsung
02.03.2017  13:35    <DIR>          Skype
07.02.2012  09:14    <DIR>          SoftGrid Client
15.05.2018  05:40    <DIR>          SquirrelTemp
22.08.2018  20:14    <DIR>          Temp
14.09.2014  19:09    <DIR>          Tempcf9273a2e904d339f0ed2becfb17781c
14.09.2014  19:09    <DIR>          Tempd25b0f1338bfaf6c24348888ed762d79
22.08.2014  06:32    <DIR>          Thunderbird
09.06.2015  05:50    <DIR>          TuneUp Software
19.05.2018  12:16    <DIR>          UnrealEngine
19.05.2018  11:39    <DIR>          UnrealEngineLauncher
16.05.2014  06:56    <DIR>          VirtualStore
07.02.2012  09:12            17.408 WebpageIcons.db
11.06.2018  05:19    <DIR>          WhatsApp
19.09.2017  06:50    <DIR>          Windows Live
16.05.2014  10:06    <DIR>          Windows Live Writer
10.11.2017  11:20    <DIR>          WISO Mein Geld 365 Professional
24.02.2012  15:56    <DIR>          Xara
15.07.2015  09:22    <DIR>          Xmarks
09.05.2012  19:22    <DIR>          {002C1CFA-5AAE-4913-BA60-6A8B1ECD364E}
09.02.2013  19:47    <DIR>          {00E74972-6619-47F8-8E27-E5286E812A4F}
09.04.2012  16:31    <DIR>          {00F5DB17-1F4D-413E-90BE-25669B118A1F}
08.03.2012  19:38    <DIR>          {0137D1E7-C012-4D90-8CD0-5D150B52CBD4}
12.10.2012  09:21    <DIR>          {0150FB70-E454-4C31-A030-AA96DCD6C9C6}
16.05.2012  06:12    <DIR>          {017B170C-2C45-4779-8D4E-4440CF0E4F60}
17.04.2012  09:28    <DIR>          {018D4E23-E2EB-416A-A2BE-9435C2463868}
07.08.2012  05:07    <DIR>          {019B08CA-7581-4921-9997-D8AED6E04ACF}
21.03.2012  04:39    <DIR>          {01A16155-9B5B-476A-A60D-F4D0751820E8}
29.04.2012  08:39    <DIR>          {01D04EB0-209E-419A-9546-9C7A5DD8E8A6}
25.06.2012  19:38    <DIR>          {01D7B0A0-B4D9-4C3E-87D2-F07DBD7B6428}
14.02.2012  06:06    <DIR>          {01FB58C1-C573-47F0-9A09-938E66442CB3}
11.02.2012  18:58    <DIR>          {022D2109-EEF2-4A0F-B503-72F5F71239A1}
04.04.2012  12:22    <DIR>          {02E9B60A-A4AF-4433-8C72-EB4F541B2E43}
06.08.2012  16:13    <DIR>          {0308EAF2-F216-4EBA-A69C-D0FFA9166D2B}
27.04.2013  08:55    <DIR>          {0310851E-4132-439A-82AB-1AA92CBB0D97}
06.04.2013  14:52    <DIR>          {032F1954-BDA6-4A2C-B7EB-05ABBB7B51DB}
01.07.2012  20:00    <DIR>          {0351D341-9F90-4551-9851-97AF7D2C7E7B}
02.03.2013  09:22    <DIR>          {03FACB12-4E40-4818-B12F-F4D8AC0EF9FA}
18.04.2013  04:33    <DIR>          {042CBB49-F485-47BB-9593-51A9D250DDA4}
04.01.2013  21:24    <DIR>          {047F1154-F2FA-431F-9011-3CF3982723CA}
08.02.2012  07:35    <DIR>          {04AAD096-2F97-41F5-B0E6-BB01036C5441}
29.03.2013  18:06    <DIR>          {05339E32-2D6E-4138-B46E-F170EDEBBC5F}
02.09.2013  06:10    <DIR>          {0540A991-7428-4656-A5D9-B1A35033B1F2}
04.10.2013  11:07    <DIR>          {055F6BB1-C800-4160-903B-5DB0F9442CCF}
25.02.2012  20:15    <DIR>          {0584050D-C7BD-4127-A2E1-76681B1FAD37}
07.02.2012  08:09    <DIR>          {0584C497-8397-4D18-AF28-6895B70D8E56}
14.07.2012  06:48    <DIR>          {05926D29-3B4F-42B6-9CCD-C7F46EAFC0E1}
24.02.2012  15:51    <DIR>          {067E3751-E97E-47C2-870C-16828A03A5CC}
24.05.2012  16:51    <DIR>          {06CCB32F-7E8C-42EA-A8A5-4C9D5DC54893}
25.04.2012  13:51    <DIR>          {06DA70AE-E267-46F3-8265-04E00A7BF55D}
05.08.2012  18:01    <DIR>          {06E30DCF-42F4-45C3-9DC4-BDB558B77585}
24.11.2013  17:56    <DIR>          {07F66236-3C60-436F-8CB6-CF88FBC0B864}
27.10.2012  08:48    <DIR>          {07F746AC-DEF4-40EA-BCD7-2C74D042C5B8}
31.03.2013  06:17    <DIR>          {0830D1F1-55BA-4A31-BDF0-BEB40F7A9E34}
04.08.2012  06:34    <DIR>          {086FD60E-1B2C-4CBE-B798-5937021ED279}
18.11.2012  17:14    <DIR>          {08AD3419-5AE3-4276-8C84-DD016B5E66A3}
05.03.2013  05:11    <DIR>          {0927C18B-F9DF-42D2-93B8-CF77A8D6353E}
22.03.2013  20:14    <DIR>          {09363320-BE52-4ED1-B971-7CA92E819733}
07.05.2012  19:03    <DIR>          {0989EA81-EAC7-4A5C-8F8D-B3AB9712087F}
14.07.2012  18:49    <DIR>          {09C9ED86-8CC4-4BAF-8CD4-748230E97F2E}
08.05.2013  19:30    <DIR>          {09DF4D89-B9A0-42EE-B196-3DBA94C20CB6}
02.09.2013  18:16    <DIR>          {09FD5856-50D4-4714-8684-FF102F429C98}
25.04.2013  08:06    <DIR>          {0A0C5293-B2E6-4738-AB4C-ABBDD6C63140}
29.04.2013  06:31    <DIR>          {0A632511-5DFB-46D7-AE7B-34A601FE8065}
21.06.2012  05:06    <DIR>          {0A79257F-03D1-4BF2-922A-DCCEB1536F2D}
11.02.2013  07:37    <DIR>          {0AC527A9-3F50-41BA-8576-CC6C53E03DBA}
27.08.2012  05:06    <DIR>          {0B260ECB-D75D-49C0-AFC9-858A288E089F}
23.08.2013  17:35    <DIR>          {0BD6155A-6484-4CCD-96B2-C961E06174FB}
17.11.2013  18:20    <DIR>          {0C9CD967-12C5-4AD6-A9A0-8920EC2A9FA2}
15.08.2012  05:06    <DIR>          {0CA9C986-FB21-400C-BEBE-8CEFFFA408DD}
18.04.2012  12:39    <DIR>          {0CC0EF6A-9222-4911-8E4C-D45F3C7F6F8E}
05.06.2013  11:27    <DIR>          {0D1C6E02-8005-4A2B-9103-023EB405B104}
14.04.2013  07:14    <DIR>          {0D3DE20E-9026-4A62-9301-25F3B2DAE8DB}
15.05.2013  13:49    <DIR>          {0D5D38A2-DCB7-45A1-B325-A124C041B91B}
28.06.2012  20:45    <DIR>          {0D67234A-E52C-4D37-8B7E-FF7F4B65A788}
25.03.2013  21:04    <DIR>          {0D6E50DB-EDCB-4AE4-A4E0-766A1207A6FA}
16.08.2012  05:14    <DIR>          {0D710532-0F52-4CDA-AFF7-EDAE5B6B1EB9}
11.09.2013  20:17    <DIR>          {0D9484F3-01A2-4DFF-9844-DBF9DD50AF54}
05.10.2012  18:46    <DIR>          {0DE74300-2928-4FB3-8EBB-992252967D69}
24.08.2013  19:09    <DIR>          {0DED5360-109B-4CF3-A851-F53332A4F01A}
20.11.2013  21:16    <DIR>          {0E2CB0DD-1034-4D8E-84EB-8578592798F7}
20.11.2012  07:45    <DIR>          {0E731AEF-5435-4E1C-86B8-1349FCC26583}
21.06.2012  19:18    <DIR>          {0E8D5274-B5E5-4C85-A408-FCBA27BA228A}
25.10.2013  09:11    <DIR>          {0EBF782B-AF56-4F1C-B72E-8F5389AD1FD1}
22.06.2013  05:46    <DIR>          {0EE61872-2655-43A2-AB9D-9CD661439C2C}
16.09.2012  23:29    <DIR>          {0EEDCDC1-CA28-4F69-99B8-4EBE6BC224FE}
18.09.2012  22:14    <DIR>          {0F37BB84-F3A8-4E1F-A64A-30837261379E}
02.10.2013  05:35    <DIR>          {0F435A1C-A7AA-408C-BB35-1685F8BE7733}
15.02.2012  06:20    <DIR>          {0F5702DE-FB41-4CF7-8C55-EBC8B6048752}
16.06.2012  05:45    <DIR>          {0FB42BD4-556B-462B-8924-D316E5DD38F0}
19.09.2013  09:12    <DIR>          {102D64D1-E729-4B25-9E7A-47C07C902199}
26.02.2012  20:44    <DIR>          {1048E5DD-FF13-4F4C-BDC5-98D3D20881A5}
04.09.2013  12:13    <DIR>          {10B009D9-8DC3-4109-921D-8448F3A7C790}
01.03.2013  08:21    <DIR>          {1113C86B-1BA3-4520-833A-B48B295223C1}
12.07.2012  19:19    <DIR>          {113AA0F3-BDD6-4AE6-AF8B-049D35BF4CC3}
23.02.2012  21:05    <DIR>          {113F4C60-2582-4B13-B866-48AE87405975}
11.12.2012  17:45    <DIR>          {114C5EC0-716F-4C9C-A6FC-2175F67FB098}
14.08.2013  18:26    <DIR>          {116921E4-33F8-4D29-90F7-69DB8983553F}
12.07.2012  04:37    <DIR>          {11B65749-4640-479E-A698-B839A14CC204}
30.05.2012  04:36    <DIR>          {11BC5826-B2ED-4F10-A3AF-C738648D8E17}
17.12.2012  20:02    <DIR>          {11C8D0C9-472F-45D2-830D-23DD5D8C8638}
09.03.2012  07:39    <DIR>          {11E69806-7BBE-4B99-B77F-69B6558F2E2C}
16.04.2012  18:38    <DIR>          {12B06723-7CF6-48E8-9322-C4B541FD28D2}
04.01.2013  07:30    <DIR>          {12FBE21F-FEE5-46EE-A025-EE62DA89C651}
19.05.2013  11:04    <DIR>          {13646911-132F-49F9-A60D-FD8C81604211}
26.01.2013  09:42    <DIR>          {1377A20B-8CF8-4D88-B768-6268A25F79C6}
14.01.2013  11:52    <DIR>          {13A6FB2A-8F51-410C-8613-11A479D1D014}
28.10.2013  13:28    <DIR>          {13A77F86-4A1E-48B9-9F8B-73700EC814BD}
25.05.2013  08:33    <DIR>          {13EADC84-E4D5-4B64-A443-07BB7F82B4C5}
08.06.2012  06:11    <DIR>          {143136E5-958A-4F65-A268-B7D825406ACD}
06.08.2013  15:58    <DIR>          {14A67526-BEA2-472E-9B3D-8382485FB28C}
08.07.2012  06:00    <DIR>          {14C9617D-33F8-4B44-B474-E1FA2723E131}
18.11.2013  19:17    <DIR>          {14D3F9C4-4F21-4820-806E-96544C6D0E13}
14.06.2013  06:01    <DIR>          {14ED0A09-C94D-4B8A-902A-BFC029AA6AF5}
21.03.2013  19:59    <DIR>          {150B08B8-1E31-4DD8-A44A-8C317A79846E}
25.10.2012  00:28    <DIR>          {15322F69-37FE-4E3D-9D79-4E1C5AF6A937}
22.10.2012  10:19    <DIR>          {1539D73F-411A-4409-B35A-E32E140AD041}
27.06.2012  19:21    <DIR>          {1565D206-37FA-4D15-8A69-E0A96EC4A344}
05.04.2013  05:50    <DIR>          {156E7634-F17C-4268-8CF2-B6BD8BDE4B6C}
22.06.2012  12:32    <DIR>          {16401F97-B7B2-432B-8A77-CA0EA8E88B7A}
29.09.2012  07:18    <DIR>          {16609260-2F5F-4BFE-A4BE-5B4A7FA8C70E}
24.10.2012  06:54    <DIR>          {16A44FF1-AB01-4505-B5B9-6FD6A0C6C03E}
21.08.2013  06:51    <DIR>          {16E9F86C-EDD0-438C-8294-FF882A3A3B79}
22.02.2012  07:43    <DIR>          {171365C8-095E-4AD5-BE46-4CA3CE221EF3}
29.04.2012  14:04    <DIR>          {172C95A2-B8AA-49E8-8DD0-6254D7A8F558}
15.09.2012  14:28    <DIR>          {178B097F-E046-451A-AE4A-798AC9AE055D}
09.04.2013  19:26    <DIR>          {179B962F-DE7E-4AE6-B0DC-53FE0A7A92C1}
22.02.2013  05:13    <DIR>          {17BC3271-8761-4F16-BB94-14AA1CDA9A9F}
28.02.2012  08:07    <DIR>          {17BD69AA-3CFA-49F6-BE39-B661A4EFC2FA}
12.02.2012  09:40    <DIR>          {17D05F6A-11AE-4F49-BC7F-6E46AA05FD71}
02.11.2013  08:47    <DIR>          {17EA412B-180F-4827-8F19-87E3EF4728D6}
27.01.2013  08:19    <DIR>          {184D63D5-2E5D-4E00-94DA-A28F1C9259EA}
23.04.2012  05:05    <DIR>          {1886756E-7AB5-458F-BFE1-28A2D0A58040}
16.09.2013  13:27    <DIR>          {18B17EFF-7982-42B8-B59F-61C5C4174ABA}
05.08.2012  18:01    <DIR>          {18F91A27-985F-4415-9C71-62FA67DC9387}
03.08.2012  11:07    <DIR>          {191A15B5-03CA-44AD-A579-8AAE3D8572FD}
12.08.2012  06:28    <DIR>          {195224B5-C17B-4F53-AAC4-34AC62919753}
29.06.2012  16:10    <DIR>          {19922128-6816-4E92-B1D5-D4DA2519095F}
14.04.2012  07:36    <DIR>          {19A26900-EF85-4B41-8615-EA9CDFA284D6}
07.11.2012  08:34    <DIR>          {19BA166E-1983-405F-A410-DDC477F026AD}
17.10.2012  06:12    <DIR>          {19C3CB81-CA97-4499-8E15-F43C47256F08}
13.10.2013  06:16    <DIR>          {1A5D5486-ED41-4984-8BA6-8D4D787DA326}
24.10.2013  20:15    <DIR>          {1AD10CC4-8CD7-444F-A03A-3A0E6D73910E}
04.05.2012  22:30    <DIR>          {1ADC5F1C-18A0-45C7-886E-D139A24F1E78}
03.03.2013  08:53    <DIR>          {1B78507D-AD70-475C-B0B6-8212D4ADC680}
18.10.2012  13:35    <DIR>          {1B9190F1-6E53-48D8-8FEE-CF5F52AD82B7}
12.12.2012  06:26    <DIR>          {1BB1EF0D-D9E6-4879-9C46-BDE93DB19CA7}
13.11.2012  14:26    <DIR>          {1BE6A171-E85B-4510-A46B-18C8D54881D7}
15.04.2012  08:57    <DIR>          {1BF0C04A-41D6-4FD1-9063-211167F1BAE8}
19.08.2012  18:20    <DIR>          {1C0D0653-1029-4F52-8C0C-559BA7E14D49}
03.09.2012  19:42    <DIR>          {1C2C47FE-6A90-4529-BEA1-A60DFF6F18C8}
25.02.2012  20:17    <DIR>          {1C87BB5E-E0C2-42F7-9A48-9CE14D511F91}
05.05.2012  11:17    <DIR>          {1C891922-C357-41CF-81D6-7C51C41E9033}
01.11.2012  08:39    <DIR>          {1CD3CFE3-6FAB-4061-B7B1-79208F3DA71A}
25.06.2013  03:23    <DIR>          {1D1E6BD4-53EC-46FE-8BE5-AFF6CCA601AD}
14.02.2012  06:06    <DIR>          {1D206422-91E8-4FDF-AFCF-9A1CB4CDD861}
19.06.2012  11:05    <DIR>          {1D478C6B-E655-415E-BF9E-27BFD650EE3C}
25.04.2012  13:42    <DIR>          {1D86CC90-980E-4B0A-B18E-8E1B0FEB76DD}
11.11.2013  06:12    <DIR>          {1D9D6B55-2017-438A-B772-D712E67CB65A}
20.06.2012  06:25    <DIR>          {1DC82E47-7B5C-4A28-8CF1-1DE5C2E1C0B6}
20.08.2013  04:31    <DIR>          {1DCBABF2-948E-4041-8EBB-8D81A5FC6078}
17.03.2013  05:10    <DIR>          {1DDBAECA-0B15-4D25-BA46-B06CFF38BFCE}
09.09.2013  06:26    <DIR>          {1E1276E1-4A8D-4472-84E3-4B3FA737A843}
23.08.2013  05:34    <DIR>          {1E2C50B9-50AC-479F-A74D-D6D414347AD0}
03.02.2013  19:40    <DIR>          {1E7401B9-C265-44D6-9BEE-45C38E8D5FD8}
06.12.2012  22:12    <DIR>          {1E779B3F-2580-4132-9EF4-416F623604D4}
06.06.2012  20:11    <DIR>          {1E828012-CACB-423D-A6A5-16D27DAF4E25}
17.11.2013  03:49    <DIR>          {1E93B060-B95B-4A6A-AA76-80B8146AA64C}
03.04.2013  07:09    <DIR>          {1E95550C-042A-4B8B-A66A-8F3DFC8B9808}
15.03.2012  05:30    <DIR>          {1EE92966-CC1C-4D37-99A7-BFC14E7D2FB5}
26.08.2012  07:21    <DIR>          {1EF2F882-E581-497C-9627-E820A6253D14}
01.11.2013  06:27    <DIR>          {1F109866-84CE-41BC-A900-724546382AF9}
05.11.2013  08:07    <DIR>          {1F3F60C7-B6D9-4C71-AB3C-B2CD7E9CA09B}
01.05.2013  19:49    <DIR>          {1FE3A373-CF2F-403A-9E33-0A6CADBEB4BB}
29.04.2012  09:08    <DIR>          {202B2DDA-F0CA-4442-B121-B6806A593154}
20.06.2013  07:04    <DIR>          {2039B12B-06F7-4425-BE5C-730A217DEABF}
10.01.2013  07:17    <DIR>          {20AF4F31-EC1C-4D22-8D9D-09574015BEE1}
24.11.2013  00:26    <DIR>          {20C8B5BD-E495-48D6-9A6B-17E92C39ADFE}
05.01.2013  09:25    <DIR>          {20E5AB93-44C9-40E7-A6F6-5163927463BA}
06.10.2013  13:55    <DIR>          {212BE281-C025-413B-B7C4-9D42C6E6615A}
21.02.2012  07:14    <DIR>          {21492DDB-8C06-4D59-98B8-8251AD6B2545}
15.05.2012  05:07    <DIR>          {21F2C307-8AF8-4BEA-916B-B67730673C39}
29.05.2012  09:20    <DIR>          {224156D7-2500-4B45-8568-F7B3B3135003}
29.08.2012  04:22    <DIR>          {22593610-93B6-47BC-BBD4-F7746C4F189A}
12.12.2012  20:49    <DIR>          {2266CA37-D393-49A2-AC5C-F8E1068D8824}
03.07.2012  05:02    <DIR>          {22683C9E-4FE6-489A-8D91-186E28A4263D}
02.05.2012  10:16    <DIR>          {22AD74A5-0E0A-4B17-89FC-4B43CBB04D0F}
06.06.2013  19:04    <DIR>          {22B0DF95-CE51-4655-B304-70A5FA5C80EF}
24.04.2012  05:57    <DIR>          {22CEB0D0-ADDC-4E32-A85B-4366CF426D39}
21.11.2012  20:59    <DIR>          {22DF7DB7-7A3E-4F43-8072-78D705A8D546}
28.04.2012  06:45    <DIR>          {22E0FDA8-0359-40EC-BC97-8F99BD5301CC}
02.05.2012  11:21    <DIR>          {23A57C3B-467A-4375-997B-DE88D129D73E}
22.04.2012  06:38    <DIR>          {23BAF4AE-E443-4146-B383-B58339E88EFF}
29.05.2012  09:20    <DIR>          {241E2F6C-6540-4B4B-A083-7996A6C1095D}
30.05.2012  05:12    <DIR>          {2432B39E-CBC3-4C44-A2AC-20AD10A5A9C7}
18.06.2013  18:47    <DIR>          {2455C1C1-2DC7-481C-A6E3-1082BAB5C59D}
25.10.2012  15:26    <DIR>          {245A7829-779B-4D58-83C7-7C9722F3C870}
24.02.2013  13:15    <DIR>          {2487B341-0D25-4577-8767-1745586DF49E}
08.09.2012  06:49    <DIR>          {248A3138-A9F6-42EA-B267-A30C326DB0D6}
14.12.2012  16:56    <DIR>          {24D20DDD-60E2-4A2B-A11F-C2517DB77038}
26.12.2012  20:31    <DIR>          {24D4B1EE-FAB7-4310-B0D9-6A774E1DC4DB}
17.10.2013  18:55    <DIR>          {24EF60A0-1E4B-4F1D-90F7-6D0DFC0F93C2}
02.05.2012  05:37    <DIR>          {251D40E2-0141-4428-9E93-7B1FBE24ECD8}
11.09.2013  08:17    <DIR>          {2521F169-AE34-46DC-82E8-8C26496C5E39}
26.07.2013  22:06    <DIR>          {252600FE-102F-4964-9E20-477CE8E80D26}
03.02.2013  19:37    <DIR>          {254BEA56-7AE4-4B53-B3EE-8B447A757F31}
28.06.2012  08:30    <DIR>          {25729DD2-79F7-436E-AB80-6BF57DC3DE83}
20.04.2013  07:54    <DIR>          {25D128C6-7E08-441D-93FE-FDB8BA504DEF}
26.11.2013  07:23    <DIR>          {25EDAEC2-1C6B-4CEE-8B83-C88E21067976}
11.08.2012  07:55    <DIR>          {25F06543-5AED-4BE1-A899-3BDBCE8613A9}
24.06.2012  08:31    <DIR>          {26480B68-C44A-4BB4-802C-334DA22A25F0}
07.09.2013  13:03    <DIR>          {265156C0-5915-438A-8FDA-F04039E78F0C}
30.09.2013  18:48    <DIR>          {2670F759-FDEB-44D9-9EEE-AA1681EADE62}
08.06.2013  20:01    <DIR>          {26743C7E-5CFD-42F6-955F-AB93DBEBC3CF}
21.08.2012  05:08    <DIR>          {268BED24-D633-40B7-88D1-8FBC97D54F6D}
21.02.2013  14:43    <DIR>          {26AD5EC7-06FD-427B-AA48-8136A74BAA0F}
29.10.2012  05:41    <DIR>          {26DE84ED-0CBC-4889-98A3-E9D3F3229AD6}
05.06.2012  05:12    <DIR>          {27173C5C-C2C9-4320-BDF0-C4898EE6FE08}
26.02.2012  07:32    <DIR>          {27C3A93A-155A-4DE9-A3E3-1788BCC586BF}
29.08.2013  12:16    <DIR>          {285D04A1-1799-452C-9810-704046E8A786}
08.03.2013  07:42    <DIR>          {286460B7-211E-4C78-A01D-BC26552AFAA1}
06.01.2013  06:38    <DIR>          {28664F46-042A-4E47-B2C5-8B2EA95AD0D5}
03.07.2013  19:08    <DIR>          {288E9FC7-C413-4DD0-8195-725EED1FC4A3}
08.11.2012  13:33    <DIR>          {290C8FF6-7617-4548-BEBD-E319CAD1274A}
15.03.2012  05:30    <DIR>          {29EDA13E-AB8D-457F-BBBE-08B7612BFA78}
20.06.2013  22:16    <DIR>          {29F2A73F-0516-4538-B992-0061557AB2D2}
13.03.2013  05:15    <DIR>          {29FFF575-BFDB-4B5E-A09E-E4AFF4AEE5E6}
14.10.2013  22:05    <DIR>          {2A2945F5-036F-4099-9C20-25B63A6B4C7F}
20.06.2012  13:14    <DIR>          {2A2CDFE3-C4B8-4677-8993-30043F74063F}
05.11.2012  12:40    <DIR>          {2A9CE74F-FF30-41D8-8D93-12E8B2CB97E3}
05.07.2012  13:35    <DIR>          {2AF141D8-7A01-4F91-82AF-2ACCC65298A1}
27.11.2013  07:24    <DIR>          {2B8AF309-A913-4CA7-BC51-5E00EDF753C8}
29.04.2013  19:49    <DIR>          {2B939BAE-AE48-41A0-9ECA-1594433C4475}
08.05.2012  15:01    <DIR>          {2BFEE06E-4E38-4703-A7F1-A03BDAB11144}
08.06.2012  06:10    <DIR>          {2C368B92-347F-4CF3-8971-43146E5150C1}
28.06.2013  01:11    <DIR>          {2CC82253-3688-4878-904D-0F284451E2A3}
17.06.2012  10:19    <DIR>          {2CED07F7-A85A-459B-B2CA-E789E7FCA539}
28.12.2012  00:14    <DIR>          {2D616445-D39F-4661-88F8-A717574D79FF}
25.04.2012  05:24    <DIR>          {2DA1357E-008F-4B27-89C6-06E306CA0D6B}
01.07.2012  07:39    <DIR>          {2DCACE38-ADB7-4984-BF9F-8D8EED2EF8AA}
10.10.2012  19:14    <DIR>          {2DEBC1F6-069E-4495-8FB5-4BE5840689A4}
04.05.2012  22:30    <DIR>          {2E2FAAD8-B18E-4DA8-9732-75D56E16356D}
07.08.2012  17:16    <DIR>          {2EA2C82B-7CFB-42FD-B2A5-2355320C5DEB}
10.12.2012  05:27    <DIR>          {2EDB6AE9-1A9E-4F40-96D4-3123EE60D0E4}
04.11.2013  19:52    <DIR>          {2EEEE716-FA39-4522-973E-DA46F7EAEBD5}
23.05.2012  18:31    <DIR>          {2F0B432D-C99D-4DB2-818B-5954DE9A203D}
27.06.2012  06:47    <DIR>          {2F139CB0-8630-4335-9202-BAFFA9C2F59E}
14.05.2013  19:58    <DIR>          {2F214D10-6C61-4EAE-B188-32B324FF84FB}
29.07.2013  13:04    <DIR>          {2F32BF3C-29AE-42C8-A2C6-157DC0DBA9DA}
19.04.2012  09:12    <DIR>          {2F82D2F6-6DC1-416E-9675-2CF5D65EEECE}
31.08.2013  12:42    <DIR>          {2FD24D45-97C1-427A-8839-164C59AF24D2}
04.03.2013  14:11    <DIR>          {2FE5C05C-55E7-4E89-8469-71AC0EDD964A}
27.03.2013  07:47    <DIR>          {30185C40-1860-44E2-881D-BA474D26757E}
25.05.2012  18:59    <DIR>          {30AD6C07-A89D-4140-B4BB-60FC97AB121E}
07.04.2013  23:11    <DIR>          {30C8101B-152A-463A-905D-9A956F6771E6}
12.11.2013  07:05    <DIR>          {30F0F5C1-361A-49F7-B909-8BB1122A2ECE}
20.06.2012  06:25    <DIR>          {310AC8F0-01C9-43AE-81D8-65E85AAF0A79}
11.02.2012  03:54    <DIR>          {315C135D-D306-46C1-B137-F5009B4A47F2}
10.07.2012  19:07    <DIR>          {31771E23-2B10-4313-9E5A-1799E27D7E8A}
05.07.2013  18:36    <DIR>          {3197652F-1791-4230-9873-57E71C63E711}
13.05.2012  05:51    <DIR>          {319B6C35-2540-4132-9771-8A03181EB5A3}
07.07.2013  07:35    <DIR>          {31A24935-879C-411F-B1B1-5C9A11D59BBC}
19.01.2013  23:41    <DIR>          {31C1FA5B-93B7-4FC7-8F8E-EBF0AEB18C21}
09.08.2013  10:38    <DIR>          {3200A828-1471-4DA5-A7E8-B1B4B6F04DF0}
04.06.2013  06:03    <DIR>          {3224A251-A755-4E34-9BCE-7BAD4CD5B00E}
10.05.2012  12:15    <DIR>          {326A695E-CD14-4C8A-886C-796E718E939F}
01.06.2012  16:33    <DIR>          {32757647-4A7E-43CC-A663-358A47C834E5}
08.06.2013  08:01    <DIR>          {3275F03A-ACFB-4FFB-A4F3-CEFD2AB1EFBD}
25.05.2012  06:11    <DIR>          {328394F3-EDDF-42A5-9916-DB56739C91C9}
24.04.2012  15:22    <DIR>          {330215D0-C91E-4B59-8F9D-F6E5F15B94FF}
27.03.2012  08:24    <DIR>          {334349A0-B119-4850-915B-3342DBB6B9CD}
31.07.2013  06:35    <DIR>          {334E38BF-4EAA-42B3-9FB2-73B184C24F22}
06.07.2013  06:43    <DIR>          {33857AD7-F145-4484-8762-B73EA1106139}
27.10.2012  23:00    <DIR>          {338B4454-F35B-4BB2-A17C-A7F0E40395D3}
29.02.2012  21:06    <DIR>          {33AF8988-59A5-4A48-B67A-88E7ADB24A83}
18.05.2012  06:07    <DIR>          {345EE255-5BE1-4EE4-BC91-33CEF99653C1}
29.01.2013  19:53    <DIR>          {34752812-045F-46B5-9939-2BCBB6C4924C}
30.08.2013  21:10    <DIR>          {34C33518-6F00-4CDD-A677-CB0312AEC118}
30.03.2012  07:04    <DIR>          {34FDA26E-CB7D-4DDA-BB84-B273E9A028DA}
04.03.2012  21:15    <DIR>          {356D8020-B8CA-4E16-B5CE-BCBC68076FEC}
18.10.2013  08:25    <DIR>          {35777D4B-1518-48AC-B67C-EDB1737CA2EE}
19.06.2013  15:08    <DIR>          {35876E92-FAFC-4B3F-99B4-C0754DCF5039}
10.05.2012  12:15    <DIR>          {3594A6E1-2C28-4E7B-8B11-4BBA4FD1264A}
03.10.2012  06:55    <DIR>          {3596827C-F433-434C-9005-C0D2683046E5}
03.06.2012  22:23    <DIR>          {35A93C92-AF4C-4775-BB3E-30BAC386944E}
03.05.2012  06:15    <DIR>          {35DFA49A-EA9A-43CA-A8AC-CFAF7C470000}
26.06.2012  13:06    <DIR>          {35F916BB-CBB2-4BE5-989A-4F3017D6A297}
07.03.2012  17:20    <DIR>          {35FD62CD-08B6-49AE-B661-9E8A0C365F82}
06.05.2012  10:30    <DIR>          {36544B66-900F-4117-B06D-A4B720D27E0B}
28.02.2013  19:28    <DIR>          {3656142E-05EE-41BA-AF1B-5A5E353F0DF7}
16.02.2012  06:10    <DIR>          {36744AE7-06AE-45C1-81DD-61BF6CB38F71}
01.02.2013  06:23    <DIR>          {36B80766-8EE7-4952-BF77-69D72A7620AB}
17.11.2012  06:34    <DIR>          {36C2AC2E-D3D1-4641-A2F6-2A2224A460E3}
11.10.2012  08:02    <DIR>          {36F290B0-0D69-4BCC-A03D-71746065FA38}
26.05.2012  22:21    <DIR>          {375CF475-C95C-4223-A0D3-2F0923AE5E08}
07.08.2012  05:07    <DIR>          {378B1B12-3693-480C-82F4-ABB93EBE78C2}
05.04.2013  19:57    <DIR>          {37A696F3-9715-45A7-9142-185983DBDCC7}
12.10.2013  15:18    <DIR>          {37E3CB94-5ED0-44FB-9D94-5ECA821BBAC1}
22.04.2012  06:38    <DIR>          {37E4802F-66C1-4E22-8EC7-BD39F39E5743}
14.12.2012  04:56    <DIR>          {381DFEBF-4E2B-485C-9560-B39028872B2D}
14.11.2013  17:29    <DIR>          {3825427C-D53C-4C7B-A29A-D3E592444E94}
13.03.2012  14:41    <DIR>          {383486DB-BEC3-4B30-9599-01ACAD76CC90}
30.06.2013  15:39    <DIR>          {3836C132-F0D9-446F-BA4E-B334FE1DF48B}
22.11.2012  09:49    <DIR>          {3856279C-E2E9-484A-8AA2-651BB760B3D7}
12.05.2012  10:16    <DIR>          {388CB9BC-A95D-4DC9-BCE4-4F696FFD2EFB}
17.05.2012  10:41    <DIR>          {38EF3653-B6B6-4890-A27B-5E890AA8A1CB}
26.09.2012  17:28    <DIR>          {39C4D7B6-05E5-402E-9AF0-B300ED78950E}
06.04.2013  08:34    <DIR>          {39F0312D-701F-40EF-B87C-BC050B5506F0}
07.02.2012  08:10    <DIR>          {3A11BC4E-8E9E-46F4-B801-A7D1675938EC}
09.10.2013  19:58    <DIR>          {3A44C98B-2E03-4AC1-B547-95CB015EA906}
25.02.2012  20:16    <DIR>          {3A6AAA86-AE35-4250-9D7F-16F2DC2FAE59}
13.03.2013  18:26    <DIR>          {3A6B846B-19F8-46A9-84DF-118245CC56AB}
10.06.2012  06:02    <DIR>          {3A6E9C1F-0AD2-4BB0-97E3-F5638FC3C687}
01.08.2013  06:46    <DIR>          {3A758628-F8AC-41C2-BE0C-37D40BFEAAD4}
27.05.2013  12:35    <DIR>          {3AD26E9B-6A1B-4F5D-AA5D-BE99BDD021D3}
27.09.2012  22:51    <DIR>          {3AE62C75-A9D4-48A1-A0E7-4F38E2768F72}
04.08.2013  21:11    <DIR>          {3B155D2B-2FD6-489C-A4EC-ACAD20E7F246}
02.02.2013  14:57    <DIR>          {3B2AF214-449A-43BA-8E86-9FA75E3AA0B0}
17.05.2013  10:44    <DIR>          {3B4BF51D-4E40-4502-B31A-372ECAA298C9}
21.11.2013  16:00    <DIR>          {3BA82CCD-57BC-4605-9C10-0F51EADDCD60}
17.03.2012  06:25    <DIR>          {3BACC54C-8BE3-4CA1-B8AD-70DD4A98A89B}
08.09.2013  18:03    <DIR>          {3BF20D49-D1FA-4795-B812-E2DD72074871}
31.10.2012  05:52    <DIR>          {3C3D70CE-8350-41F7-926C-CFCED6F52ECD}
28.02.2012  08:02    <DIR>          {3CA94783-1F2C-406D-BDDD-7074CCEED4C7}
20.10.2013  08:20    <DIR>          {3D38EB10-4B5A-417D-A97B-0576C2377390}
27.08.2012  20:22    <DIR>          {3D5E25CF-97FB-4720-9241-E5757EAF7CE9}
28.11.2012  10:01    <DIR>          {3D5E8B7D-4783-4371-AFD7-543F2F3685AB}
22.03.2012  20:05    <DIR>          {3D9476B1-71A3-42BA-9987-56868D69DB10}
22.04.2012  18:22    <DIR>          {3D9A8839-84F6-44FA-9F3A-0DE0276D3D11}
02.05.2012  10:16    <DIR>          {3DF456CC-860B-4F3A-9DEB-4FA6ED58BF67}
17.05.2012  10:41    <DIR>          {3E28D4CB-B180-44AE-B3B4-9A86614F1538}
02.05.2012  15:57    <DIR>          {3E60D716-186E-4A99-A720-65109D6A856E}
15.03.2013  08:00    <DIR>          {3EA578E1-4B27-4FF1-A2EE-7B126AAB2B25}
22.12.2012  01:04    <DIR>          {3EAFC226-BAC4-40CE-B3A0-55D203C5E680}
26.02.2013  06:13    <DIR>          {3EC23A5E-C5C9-4AE3-B3E5-F3E4F96AB24A}
10.03.2012  17:53    <DIR>          {3EC51A63-C671-4FE2-853A-68757F7F1F85}
13.05.2012  05:51    <DIR>          {3EE2384D-12EC-4983-BD2C-D683962D886D}
27.04.2012  05:06    <DIR>          {3F03D21B-B64A-4E88-811E-637B6F818042}
18.09.2013  07:49    <DIR>          {3F1D7FC8-F7EB-4B19-BC9F-CA1356E8A356}
12.06.2012  08:43    <DIR>          {3F45F815-38FF-4A46-8B88-3D7A1C192F78}
07.05.2013  11:05    <DIR>          {3F578A58-E790-4593-9331-B38DC0F9DDEF}
12.08.2013  04:47    <DIR>          {3F70034B-EBAC-49B0-B8CF-3266F1B9C6DE}
14.02.2012  06:07    <DIR>          {3F7F6A67-08D1-4A0E-B4F0-5F915325BF09}
20.04.2012  21:26    <DIR>          {3FA7A5F8-AA66-4EAF-81B2-C2B199196FF9}
09.10.2013  05:11    <DIR>          {3FB0F977-A963-42AB-9FCC-4A3D4398FB7D}
26.04.2012  05:23    <DIR>          {3FB227B7-EA54-4A1E-9377-FC75A60AD7F9}
26.08.2013  04:40    <DIR>          {3FF05A9F-6A3A-46F4-BB73-DEBDCDF4E668}
22.04.2012  11:56    <DIR>          {402982E6-6E9E-42CD-A5A7-061CEFAC5BD9}
04.07.2012  16:53    <DIR>          {405E948F-01AE-49DE-8073-FCA025F415DE}
02.02.2013  00:30    <DIR>          {4098C66C-EBD0-4B0F-A2BD-6E6DAAB2F308}
17.11.2012  19:21    <DIR>          {40E92C36-D35A-4F5B-86B5-62C6FD10F9BF}
29.10.2013  18:45    <DIR>          {40F0BCE1-583C-45E1-845F-382AF7881C41}
23.10.2012  06:11    <DIR>          {413A3699-7258-4557-BCA4-A1BA3B645CD7}
12.12.2012  18:57    <DIR>          {413A6789-5D18-475D-8924-3315FE566304}
03.08.2013  05:01    <DIR>          {4157A857-C1BF-4EE7-AC9E-478F7E55B3BC}
28.08.2013  07:16    <DIR>          {41AC2BF9-5496-4F9B-9A1C-3909AFC2BF3E}
12.03.2012  05:31    <DIR>          {41BFA7D3-F763-42E4-A346-07187817D9D4}
17.08.2013  08:08    <DIR>          {41E9F658-F09A-47CC-9F93-88084E9559A2}
01.09.2012  22:39    <DIR>          {423763DE-7D1E-40FB-B528-8804698EF473}
23.04.2012  13:50    <DIR>          {4240E828-9898-4F56-B81B-4A47A7622210}
29.03.2012  13:01    <DIR>          {42CCD161-FFB0-40DF-A88F-3D36B8849AA5}
14.07.2012  18:49    <DIR>          {42F725A4-A296-48DC-8B8F-12AE5A304AE9}
05.10.2012  05:54    <DIR>          {43BA2C58-1354-4648-AE06-1488D8B91707}
03.03.2012  10:50    <DIR>          {448EEA07-97F4-4115-942D-399BB4EF8929}
15.08.2013  06:26    <DIR>          {449CAED1-D814-4903-9584-7EFD5FFEF9FD}
14.04.2013  19:14    <DIR>          {44BD08FB-5D13-4750-B80D-0BD6ACAC73C1}
23.05.2012  18:31    <DIR>          {44CF0CF9-D37E-478E-B9EE-AF172BF32CF4}
25.02.2013  13:39    <DIR>          {4509BC37-7A2B-4C34-8A0A-9CDE4E2ED099}
12.06.2013  12:29    <DIR>          {45A404CD-D32C-47E6-A196-07B4A2713048}
07.11.2013  08:53    <DIR>          {45F428CD-DD62-4677-8F26-6EECB5BA10A0}
25.11.2012  20:45    <DIR>          {45F66FF6-3950-4FB5-9646-47BA1309921B}
17.10.2012  23:28    <DIR>          {466FFD3B-7E57-4BD5-A009-8851A9F0B171}
11.03.2012  08:48    <DIR>          {4692BA29-30AD-4398-A0D4-82A43BCA9CCF}
21.03.2012  21:02    <DIR>          {46E60772-0948-4D4F-9802-2D41D1903B69}
16.08.2013  19:39    <DIR>          {472E9C7C-B408-4B02-8540-87F841110840}
06.07.2012  05:08    <DIR>          {4798FC0A-4009-4E07-A872-B00A4854AA4C}
08.07.2012  16:24    <DIR>          {47A66550-B6BF-4FBA-B84D-530B3AC6D3F1}
03.11.2012  09:34    <DIR>          {47AB9B93-0391-4342-8B21-210C2C52576C}
05.05.2013  18:17    <DIR>          {47AD1B08-D5F3-4390-9127-C12F515B1EC8}
10.03.2013  07:06    <DIR>          {47C0834A-202F-4AC4-AE0F-441C015C0323}
20.11.2012  20:09    <DIR>          {47C34EB9-810A-43CB-B11B-441BF893A22C}
25.06.2012  19:38    <DIR>          {47F3B64F-3FD4-438A-8E87-E856E8F0EA28}
17.09.2012  12:07    <DIR>          {484434C9-15AD-4E61-807C-11F3765CEAF2}
24.02.2012  15:51    <DIR>          {48616DFC-8BEE-4EEB-95E4-1AA780FC93B0}
24.09.2012  08:32    <DIR>          {48711CCF-0E9B-4D00-B13B-787B8AED8881}
16.12.2012  08:16    <DIR>          {4884A93F-32D5-4673-877E-B712BBF59CEC}
24.11.2013  17:58    <DIR>          {48A950CE-0E51-4C5A-8180-16A45760EA17}
24.02.2013  01:10    <DIR>          {48B8F82F-F26D-4944-B9B0-F0742E12724C}
21.10.2012  06:23    <DIR>          {48CCFBA2-D6DD-48A8-91AA-512347F4C0B3}
13.06.2012  20:01    <DIR>          {48EEA541-E00A-48F7-8B50-5E25CB9B8BBE}
27.05.2012  19:35    <DIR>          {495CF215-CC39-4911-8654-95483812175A}
20.02.2012  00:36    <DIR>          {49AAB700-1EB8-406B-B02E-C8262DA1658F}
28.06.2013  15:04    <DIR>          {4A4546B5-81E2-45DB-971F-6AEB54EB0959}
30.05.2012  04:36    <DIR>          {4AD96AD3-093E-4460-A33F-597576E671A7}
28.04.2012  09:26    <DIR>          {4B45A86E-BCAB-4655-8559-E67FB4A4EF6B}
17.08.2013  23:37    <DIR>          {4BA5DB5F-0D35-4E50-9916-3657B5FAB42A}
23.06.2012  07:20    <DIR>          {4BAEB805-8075-4DD6-BAA5-E1199A2E6549}
05.05.2012  11:17    <DIR>          {4C300426-4BD9-4F80-9B6E-61BE5029FF25}
26.07.2013  08:45    <DIR>          {4C4E5C3E-5919-4FE1-BF70-7237315FA92F}
18.02.2012  09:15    <DIR>          {4C53A5E8-C465-4798-A29E-C0AC4C53494A}
05.08.2012  14:52    <DIR>          {4C65A1CB-BA68-4684-8676-5CE6F0F4D382}
25.02.2012  21:49    <DIR>          {4CC9BB65-CC8D-40F9-9723-07DFF61A55A3}
06.09.2013  06:05    <DIR>          {4CCF45A3-3C7C-45DD-B480-2BF1327C8245}
13.11.2013  16:25    <DIR>          {4D406809-91F4-48B8-BE8C-A2D76EF727A8}
16.11.2013  07:05    <DIR>          {4DBB0BA1-3368-45B5-9D62-4360C0BCEA4C}
02.04.2013  06:05    <DIR>          {4DC87C9E-B168-45AE-AF29-B924BF93218E}
16.06.2013  22:52    <DIR>          {4DD30565-3907-4A44-A3CB-4A446F63AA06}
16.04.2013  07:06    <DIR>          {4DF382C6-68F3-4438-A20B-69C520DFEB1D}
02.11.2012  06:09    <DIR>          {4E099573-A215-4185-BEE7-0F6A35BCDF32}
24.03.2013  19:48    <DIR>          {4E1E8B61-0D98-4800-918C-09BC7F2FEB14}
11.12.2012  05:44    <DIR>          {4E6278C3-E350-412C-9DEB-854BCD9B8911}
19.04.2012  13:29    <DIR>          {4E981409-3740-47ED-9FA4-8B9A9F68D1A5}
09.08.2012  06:58    <DIR>          {4EC0A60C-B20D-47A0-9E45-9A0821EF53F0}
02.05.2012  05:37    <DIR>          {4EDD2C07-F3F9-40C4-B784-4AD10F4122AE}
01.04.2012  10:46    <DIR>          {4EF8CF7D-6F84-44BD-B7DC-179E2BDD316B}
19.10.2013  18:41    <DIR>          {4F07561B-C550-45A8-B911-C8970CAA7A4C}
04.07.2012  22:33    <DIR>          {4F148183-39EE-428C-BAF4-2CE576B54256}
21.02.2012  07:14    <DIR>          {4F7805D9-84C5-4F43-B470-A546E848D086}
06.02.2013  16:15    <DIR>          {4F998840-FC92-4A93-A667-980595AF6482}
26.08.2012  07:32    <DIR>          {4FA5FEDB-D772-45E9-A5A9-B1CF66C0CC34}
14.08.2013  06:05    <DIR>          {4FFD02FA-AF4A-4A60-B13C-7851637D5412}
14.05.2012  06:53    <DIR>          {5005FD76-4031-49E7-B197-E644B1669080}
14.09.2013  14:44    <DIR>          {502B4774-C22C-4223-A3CF-E664E30F5666}
20.05.2012  05:18    <DIR>          {504C56F2-F86B-4CE0-A131-EC554ACF9373}
09.10.2012  07:13    <DIR>          {5051E737-E97A-4DEC-9903-7EE3E8E6E0EF}
16.05.2013  06:32    <DIR>          {5096E7EB-5979-4124-994F-6FF3A405AA76}
27.08.2013  05:52    <DIR>          {50E8E6F2-694A-4123-8FBB-17E72EB22F78}
18.11.2013  06:31    <DIR>          {50EC7DB5-96D9-4921-BF5A-25F1534D8E55}
06.11.2012  05:51    <DIR>          {50EC81F5-ABAD-4B40-B9A6-3BCF9A8AF857}
09.11.2013  22:04    <DIR>          {50F081A0-ECD1-4BCE-A2C2-2E428FC7C75B}
10.12.2012  17:34    <DIR>          {51E5814A-31F5-41D2-A3AD-0039294F58FB}
01.08.2013  20:14    <DIR>          {52A4E983-8AE8-40E2-8FED-CF504269E1C4}
07.04.2012  06:54    <DIR>          {52B3E10F-9460-4C4C-880A-E7A8A574E0C7}
18.06.2012  18:09    <DIR>          {52E45E8B-F0B9-4D5C-AF7F-ADD44A19159E}
13.01.2013  07:18    <DIR>          {531D1277-AB9A-4B85-B11F-972EEA69720C}
29.10.2013  06:02    <DIR>          {5370C6FA-483A-4506-AD23-BA3487B42847}
22.02.2013  18:21    <DIR>          {53844149-1931-4232-A0B4-03909CE66F0C}
21.08.2013  19:41    <DIR>          {53CCE204-8754-44C7-AC3F-B0E47574011A}
30.07.2013  17:47    <DIR>          {540C2F4B-1EB9-4472-8985-5D70EF00153D}
07.03.2013  11:38    <DIR>          {540EFDFF-F968-4AD0-B906-DB7AC5FDF9B8}
18.09.2013  20:26    <DIR>          {5431409A-9BAC-45F2-98A8-8B1E3608C377}
30.08.2012  07:46    <DIR>          {5440A586-7793-4E9C-AD6B-720A75123C6A}
17.12.2012  07:27    <DIR>          {5491A596-B533-4BC4-8755-5F8FCAB82FB3}
28.02.2012  08:06    <DIR>          {551929F1-7840-4658-AA98-D784534D5E81}
12.07.2012  04:36    <DIR>          {5524E87F-68C8-4A71-9B39-4392D7906AC6}
12.04.2012  04:54    <DIR>          {5529FFAA-F63D-437F-8FE8-47B6BCD95855}
19.11.2013  19:28    <DIR>          {55420F8C-BDD1-45EA-A65D-1644F64B7E4D}
13.06.2013  05:30    <DIR>          {55488A6B-E459-4F5E-B495-3185A21FD309}
25.11.2012  07:19    <DIR>          {55CE638B-90BD-4516-A870-236A3B29DC18}
13.11.2012  00:11    <DIR>          {55CEB39F-0500-42E7-8FA1-A34A26F0CA6D}
15.11.2013  19:04    <DIR>          {55FEF5E8-7318-482A-99D7-43E139179741}
12.09.2012  08:36    <DIR>          {566F675F-E941-42EF-94B9-710D543C3CF7}
16.04.2013  20:03    <DIR>          {56C6D73B-F299-4F3F-A19F-AF0B911ECD8B}
01.02.2013  20:37    <DIR>          {57163856-CAC0-42B3-863F-CD5B40292C0E}
14.02.2012  18:07    <DIR>          {57400A95-3595-4A53-85C8-179F41A557CB}
29.02.2012  11:16    <DIR>          {575AA84C-6221-4E22-A80F-89512B0717FB}
10.10.2013  09:19    <DIR>          {576804FF-EE25-4980-A1C9-87D398EC1FEB}
03.06.2012  07:08    <DIR>          {57B56351-AA73-416E-9C26-ADA10B6D62B9}
12.03.2012  20:34    <DIR>          {57BE9C1C-500C-411C-BBE1-A5CD7C3364E8}
01.03.2013  07:29    <DIR>          {58141E5A-C081-47C3-AE33-E6898D5F2BE2}
04.10.2013  12:22    <DIR>          {583457CE-A96B-4513-B510-4DC1C876B191}
24.08.2013  07:08    <DIR>          {58975C8B-DF9D-4FBC-A5D2-9EE34877E2AF}
19.01.2013  09:42    <DIR>          {58B27BF7-325A-4C2F-BE03-8D0C6F0D04B6}
20.01.2013  13:35    <DIR>          {58D1BB58-C549-4A13-931D-50BC8CF7B681}
21.03.2012  21:02    <DIR>          {58F84D70-35CB-41C2-8264-577CE283C8A0}
23.10.2012  18:11    <DIR>          {593BF080-FE9E-4683-9381-D301726CDA44}
30.09.2012  03:30    <DIR>          {5966EAC6-442C-41A1-9A6D-B24153D4F0CC}
06.08.2012  16:13    <DIR>          {59D22E78-5E3E-442B-A500-5783C04029BE}
29.04.2012  11:14    <DIR>          {59E42F95-17A5-4889-80AC-9F38D0FBBA0E}
18.04.2012  18:47    <DIR>          {59E6F06E-5A6D-442D-A5B6-32695E2FC49B}
04.03.2012  21:14    <DIR>          {59FAA2F3-E26E-4DB3-9F71-ACC09188AA3F}
04.10.2012  13:59    <DIR>          {5A21F6FC-FE89-4362-9030-149B3D098A72}
16.08.2012  19:55    <DIR>          {5A2B1E5B-5E1E-49E1-9E41-7B20A316FDD3}
30.03.2013  10:22    <DIR>          {5A8AA442-108E-449F-91E7-A5B44847535A}
07.08.2013  18:50    <DIR>          {5A8C498E-ABDD-46D9-8CAA-D73DD673D634}
04.02.2013  08:17    <DIR>          {5A905A6E-B599-482B-B56D-D739DD9A5FCC}
23.04.2013  06:03    <DIR>          {5ABEA6D5-8C82-4AB0-92C2-C1FEE7E49AE2}
12.01.2013  14:39    <DIR>          {5B6C7F56-7B2E-4544-8BDD-617752BCF512}
10.02.2012  13:52    <DIR>          {5BB912E5-8B19-4B65-AE1C-DB94D7076341}
25.03.2013  08:49    <DIR>          {5BBF322F-B713-4E8A-A109-A2F45FB87EE9}
09.03.2012  07:39    <DIR>          {5BED1F4A-55A1-4504-A32E-8E28C95B3BD1}
31.05.2012  09:24    <DIR>          {5BFCFD3E-0F62-4D5E-8727-3AD4C81794BF}
26.04.2012  12:27    <DIR>          {5C1612AA-9D12-45A5-A1EC-BBB7FA8E94D0}
02.05.2012  19:23    <DIR>          {5C9B39DF-F0D6-486E-8EA7-453459E46659}
16.05.2013  18:53    <DIR>          {5CDDBB30-8C82-449E-9BCC-D219BF039D92}
11.04.2013  18:58    <DIR>          {5CE64DB8-680B-4FE3-85E0-50AED762BF9D}
28.02.2012  21:26    <DIR>          {5D2C8799-309F-4100-BA95-5A0EAD064352}
20.03.2013  18:48    <DIR>          {5D34EC2E-F94E-4A12-BA63-FD1563F29A06}
30.06.2012  15:49    <DIR>          {5D3CB807-352E-42A1-A665-F09917370CD7}
09.04.2013  07:18    <DIR>          {5D548C0C-FB9F-47E8-B2DF-3C8803A9E018}
03.11.2013  09:32    <DIR>          {5D5A6197-B106-493C-A7C8-4834E5198C2B}
13.10.2012  10:32    <DIR>          {5D5D8A25-CA2D-42E1-B5E5-5914789EC02A}
13.03.2013  17:16    <DIR>          {5D6D7A54-1271-4A74-9E38-8EDFD5E08821}
19.04.2012  20:29    <DIR>          {5D7F2AE5-2008-4980-961C-26A3CC5A7995}
10.09.2013  06:34    <DIR>          {5D835E34-0819-44DD-ACF1-BE7CCB056358}
15.01.2013  07:42    <DIR>          {5D846800-D75D-41AA-97A8-C8F626F73145}
23.04.2013  19:03    <DIR>          {5D90BB21-6C46-4C68-8A45-56E7D1D02B38}
09.09.2013  18:34    <DIR>          {5DCBCED4-E16D-4C2B-825B-220F604E9B97}
07.07.2013  22:15    <DIR>          {5E703AF4-3791-407E-8D25-56C6EDD031F5}
15.03.2013  20:42    <DIR>          {5E903FFA-BD19-432D-B94D-3E5068268652}
23.09.2013  18:19    <DIR>          {5F10ABFC-D0B4-4A15-A353-D531825BE428}
01.07.2012  07:39    <DIR>          {5F1BB078-C661-49A0-A080-A92A85AE01ED}
01.06.2012  16:33    <DIR>          {5F5078F7-B03C-4140-A12B-FCF8430C622C}
17.06.2013  13:07    <DIR>          {5FBC0733-9970-45B1-B323-DD1022999F1C}
23.06.2012  20:28    <DIR>          {601000AC-C79C-4433-BF33-F0F906419BB3}
16.05.2012  18:32    <DIR>          {601794DB-9950-4B7B-8A7F-0D0BF348E1B4}
25.12.2012  09:12    <DIR>          {602B43CB-F49F-4D8C-85D6-A79926A9BF08}
30.12.2012  11:55    <DIR>          {60406840-C818-4613-B8EB-6D80BE2FD8B5}
03.06.2012  07:08    <DIR>          {6052EDB4-E009-4507-826F-DA811B5251DC}
06.01.2013  18:47    <DIR>          {618552AB-E438-48CA-8619-41020A64E6CA}
25.03.2012  23:28    <DIR>          {619552E5-BEE2-4703-8301-FB66E2A7953E}
28.05.2013  06:17    <DIR>          {62213B93-AC0D-4D0F-A805-ED1BF5D7586E}
22.02.2012  07:43    <DIR>          {62371CC7-B4D6-4CA6-8DDE-CB7144958E2F}
25.09.2013  12:56    <DIR>          {6239676B-22D0-436B-A99C-5C9646D07962}
27.09.2012  03:41    <DIR>          {62396C93-3FC3-4F4D-B353-65B31F798623}
09.11.2012  05:29    <DIR>          {6241C3A0-C8FC-4666-BFCD-44B2EAA57BC3}
30.06.2012  15:49    <DIR>          {6297ADC3-2139-4FE7-9B02-4F793EA6C3B5}
16.11.2012  14:57    <DIR>          {62E45271-969C-4A21-AE74-F0681B405E63}
09.02.2012  20:45    <DIR>          {63221224-E91D-47F5-82AC-E6CD880AABCB}
02.12.2012  07:53    <DIR>          {635A6F8D-6453-473E-8AC4-A4F98EAF2911}
23.02.2012  07:45    <DIR>          {638AA037-8996-4C13-8F45-2F9329C131D0}
05.10.2013  09:51    <DIR>          {639F2ADA-8391-495C-86FD-4850E139A432}
07.10.2013  18:44    <DIR>          {63A048C3-974B-4A3F-A0F2-A43DBB1B9E0F}
13.06.2012  05:20    <DIR>          {64124634-D272-4DF8-9F72-A7656444200E}
17.04.2012  07:13    <DIR>          {642794F0-5C8F-486C-AE34-D9EB97EB2B94}
04.09.2012  19:30    <DIR>          {643AD491-3BE0-4910-A6E8-48C65F4834B4}
14.07.2012  06:48    <DIR>          {6466B0E5-059F-4415-ABC3-09DCC9D53438}
25.08.2013  08:44    <DIR>          {647A027A-44F8-46DC-8FF1-EAA494741B8B}
16.03.2012  07:49    <DIR>          {6482D602-EA1B-4A46-80AB-E5ED45DBE481}
11.10.2013  19:02    <DIR>          {64B424F8-CC39-4E91-B0F1-6EF086AD9059}
08.05.2013  06:27    <DIR>          {65506506-126D-4502-9C5A-D16F840EB2E6}
07.08.2013  05:23    <DIR>          {65629BF7-4EE3-43B4-AE19-60606B247143}
29.04.2012  09:09    <DIR>          {65A42D9E-A716-482E-8EF9-BBE57AE831C5}
08.10.2012  09:08    <DIR>          {65BC0339-DC5F-44B0-91ED-1106A1E040AD}
30.09.2012  16:47    <DIR>          {6624E60D-F8F4-441F-856E-647BC3989832}
16.02.2012  19:37    <DIR>          {665EB0B7-4D9E-4BB0-88E7-99333E1A7CEA}
11.10.2012  20:49    <DIR>          {66955EED-F874-4F5C-908F-56A133DDF210}
22.02.2012  19:44    <DIR>          {669F38DD-8617-4792-9CBD-E00A447526D3}
24.04.2012  09:00    <DIR>          {66C6C5BE-F307-42A1-BB38-2A908AA72E13}
16.03.2013  09:23    <DIR>          {66DD8639-205D-4FF7-9DBA-482287DEDA99}
13.01.2013  19:35    <DIR>          {66DE92A3-3578-4783-9847-6503019204F2}
14.11.2012  20:45    <DIR>          {6706F647-4350-484F-B4A7-1468C3E3D934}
27.12.2012  09:07    <DIR>          {67788DE7-8515-4A37-A7AE-6A214DCEAB59}
04.03.2012  09:14    <DIR>          {67AF3D8B-EAD1-402D-AD07-35D364518188}
01.11.2013  20:04    <DIR>          {67D44AAF-4CE8-4106-BD04-521CAD90938B}
23.09.2013  05:44    <DIR>          {6824757C-0989-4494-97CC-A556C0BF352D}
09.07.2013  16:45    <DIR>          {683138F3-50F8-4462-9E59-89D9A98A2226}
11.09.2012  12:06    <DIR>          {6843AD83-AD41-492E-8324-6A3EBA9F1030}
12.08.2013  17:23    <DIR>          {688FDD11-8CE2-4605-B511-5F532131B378}
22.09.2013  09:42    <DIR>          {68D9CB8D-1920-47B2-A766-48BAAB58F177}
16.07.2012  17:39    <DIR>          {68F1AF10-13B1-4898-AFA6-028F66B3CE10}
29.03.2013  05:17    <DIR>          {6929E167-CB6E-406B-9812-8F7DC35A81A6}
10.03.2012  17:53    <DIR>          {6997873D-645F-47E9-AD15-322B8E2DCFEA}
08.02.2013  07:41    <DIR>          {69A7C500-027E-4FEB-A60C-8C0863CFE9CE}
06.02.2013  18:10    <DIR>          {69A895EA-A616-42F6-B056-4B471B1D3D1C}
11.08.2013  10:34    <DIR>          {69D27CCB-4E9F-40AA-8B96-26D6D722530D}
09.05.2013  07:56    <DIR>          {69F736BD-5CA9-46B3-95C8-9C9788E907E8}
27.02.2013  13:09    <DIR>          {6A1FCF10-49AA-4924-97E7-869D9A0E614E}
11.06.2012  06:50    <DIR>          {6A21750E-2B0F-49CE-9D0A-F7264B58479E}
03.04.2013  19:36    <DIR>          {6A9D7D16-95F6-4C61-AE61-F8B2F9F3A071}
29.06.2013  20:22    <DIR>          {6AE0650E-C350-4850-B900-697956C15F9B}
02.11.2012  20:19    <DIR>          {6AE2B820-A819-44CA-85CC-E0516E64345C}
02.05.2012  15:57    <DIR>          {6AF4C43D-EACF-49E8-9053-2EF433300E52}
13.12.2012  13:16    <DIR>          {6B1AF319-3139-410B-9E5A-933C29B782B7}
28.07.2013  20:05    <DIR>          {6B4AD312-FF43-4321-976F-89A042C8E694}
09.02.2013  05:57    <DIR>          {6B96203E-54DC-4DBE-A9E7-C9F7F94FB0A6}
04.11.2013  07:11    <DIR>          {6BB0DE03-054C-4194-8974-63DF3D65BC4E}
04.12.2012  07:27    <DIR>          {6C69D0F0-2D97-421D-9DF2-506B191D1083}
17.04.2013  08:18    <DIR>          {6CF2732D-F7FA-4A53-9E4B-2DFC043191E6}
04.04.2013  09:19    <DIR>          {6D5CA8A3-CE3C-4A0E-9C9A-2A4A9CC18D5A}
29.02.2012  21:06    <DIR>          {6D77A11E-BC39-4EE7-9CF7-C355DEE0E49D}
08.09.2012  23:11    <DIR>          {6D8433EC-DC1B-4146-BB24-5BCCFF5F23E0}
08.07.2013  10:48    <DIR>          {6DE4A9AF-8D25-4CED-9542-7CB91354F8E1}
15.03.2012  19:16    <DIR>          {6DF594E5-E97C-4413-9A80-F956515D2068}
23.01.2013  20:22    <DIR>          {6E35BE88-4C7C-4354-94F5-D5D07968ECA3}
13.02.2013  19:57    <DIR>          {6E84B85A-AC24-4DB9-A55E-202CFD96EAF2}
11.10.2013  03:31    <DIR>          {6E8B0A2B-13D9-426D-8006-66A72331AAAF}
02.08.2013  11:01    <DIR>          {6F20E884-8522-4EC4-B8E8-FC283F29D05E}
03.07.2012  17:36    <DIR>          {6F2DCC6C-F811-4117-BC44-1BDE9D44A6A6}
10.09.2012  22:40    <DIR>          {6F3BD267-35BA-4B4B-A8E9-8B54458E1924}
25.03.2012  08:48    <DIR>          {6F4DA0D5-56B8-4677-9919-DF7B6BF6B84E}
08.03.2013  21:01    <DIR>          {6FB52707-7E25-4C09-8E06-76C5EF0C341F}
11.11.2012  07:10    <DIR>          {7004A009-A867-4FF1-92AA-EF70C34BC66B}
21.09.2013  06:34    <DIR>          {705CA0EA-379F-400A-82F1-3D6A2B954894}
21.09.2013  19:45    <DIR>          {7063AF04-A7AF-45E6-845B-DBE1E4C8585E}
21.04.2012  17:18    <DIR>          {707D2E34-E32A-4D69-B8AC-12BFBC618088}
01.10.2012  18:31    <DIR>          {709527EB-3F9D-4643-8D64-2ECD760D8FB0}
09.09.2012  12:28    <DIR>          {70BAB5E0-77EE-41D3-8EC8-605E5DC30224}
26.04.2013  20:48    <DIR>          {70EDF966-82B8-4E31-A109-23AAFE5A3845}
13.08.2012  05:07    <DIR>          {71498F5E-B5CB-4506-A02B-CFF9F05237C6}
12.09.2013  12:36    <DIR>          {714E849C-C614-458B-88E4-2A0313C8A549}
08.12.2012  05:39    <DIR>          {717391EA-C4DA-4104-82FF-414E1FE52DC3}
14.02.2012  18:07    <DIR>          {71880780-94A7-4261-8D26-0B7BA039EB04}
03.05.2013  18:26    <DIR>          {71CBDFB4-66D3-4B27-B3EE-91A04705ED20}
27.03.2012  08:24    <DIR>          {71CD6530-BDD2-4C64-ADDC-BF8C98D97A79}
18.05.2013  05:45    <DIR>          {72C85FF4-A833-494C-99CC-A45DE26F753E}
10.03.2013  19:48    <DIR>          {72DBDDD1-7668-42DB-B334-A4C660282D6D}
26.04.2013  06:26    <DIR>          {732CE5AD-1770-413B-9469-CA3B8710BEFB}
13.04.2013  05:38    <DIR>          {73761708-D582-44A9-82B2-95F8A3A95F11}
17.03.2012  19:46    <DIR>          {7383B979-16BF-45E1-91CF-B4CEBFFBD49F}
03.07.2013  06:18    <DIR>          {73A3AB9A-7032-4803-BAFC-6842B0EF9979}
06.03.2012  07:19    <DIR>          {73A8B7C5-C710-45CF-BAF7-1E44896609AA}
09.06.2012  20:48    <DIR>          {740C3A94-FD71-44EE-864E-4644AC12AF52}
17.02.2012  07:37    <DIR>          {74238587-14FF-4887-AD07-376645A834A1}
26.06.2013  06:20    <DIR>          {742DF3C8-CEA0-4B99-87DA-3DEB188E65E4}
10.07.2012  05:06    <DIR>          {74362AD0-66BA-42C0-AAE5-CB21656044D5}
09.01.2013  13:24    <DIR>          {74A7AC4A-CF87-4E20-93F8-C9C25363A43C}
15.04.2013  12:30    <DIR>          {74D56685-CA06-4DAF-A81C-749EE33F2609}
15.10.2013  15:05    <DIR>          {74D87C96-817C-4B8D-A1A2-B1640D35A1DF}
01.12.2012  06:02    <DIR>          {74F2C5F3-A7A0-4000-B0E3-9936D9009C43}
01.05.2013  05:33    <DIR>          {751F1820-C008-4161-8EF8-360185A208A5}
19.02.2012  07:25    <DIR>          {75413B44-119C-449E-9F99-F5A1512C5877}
13.10.2012  10:26    <DIR>          {75A2C6BA-1B9F-402D-91B5-29E7B35D52E3}
08.09.2013  05:24    <DIR>          {75CD1F95-86D7-46A1-A8C6-730E7BB3339C}
28.01.2013  17:24    <DIR>          {75ED7B87-2AA5-4FE9-BA93-F189E14BB359}
02.09.2012  11:38    <DIR>          {75F651DB-ACB4-4DA7-90EB-2E0E15909042}
14.10.2013  08:31    <DIR>          {76338339-95CC-45C4-8C17-8D941BD3BC8C}
18.03.2012  09:09    <DIR>          {7655B22B-2337-4108-A1B7-3438CF94E1F9}
03.06.2013  07:41    <DIR>          {7665E3D1-16CF-4C5F-9FB0-FE4258856631}
21.01.2013  22:53    <DIR>          {7670948D-7141-4620-B432-484C521DC6E2}
13.02.2012  06:14    <DIR>          {76A674B1-9E17-4A86-889E-A7438C21C211}
20.05.2013  10:39    <DIR>          {76F54196-8BC8-4C82-8582-89A4DBE6D6A3}
25.05.2012  19:00    <DIR>          {76F7267C-4128-472E-B27D-DA18574DFEE9}
26.05.2013  06:16    <DIR>          {776A2F6B-E116-4715-9432-4A9D6DD5E013}
10.04.2013  12:18    <DIR>          {778434DD-66C5-4476-9BD7-F25942296222}
06.11.2013  20:07    <DIR>          {77A9A594-1499-448C-8F80-DC250C442244}
16.09.2012  04:34    <DIR>          {77D679D5-1339-4410-ACC5-3FD8A50D1561}
25.04.2012  05:25    <DIR>          {78450CA8-3A6C-4D11-9323-D1D984E99E9A}
20.10.2012  11:02    <DIR>          {787AD66F-EB86-44C1-82AD-97EA761AA2B6}
13.05.2013  11:20    <DIR>          {78A597F5-2EA6-4B18-8DF0-086377476F2E}
21.01.2013  07:28    <DIR>          {78F12400-C374-4434-A986-EE8986EAA6A4}
27.11.2012  19:25    <DIR>          {78FC292E-160E-4B48-85BA-3E97F0E196B7}
03.01.2013  07:40    <DIR>          {790818E1-9DF1-4075-86FB-0F51B12A91B1}
08.04.2013  13:02    <DIR>          {79A0B07A-EDC6-42EF-9D95-13BF3069DA62}
07.02.2013  19:29    <DIR>          {79A16CBC-5479-418E-B840-C612C1FA85F4}
22.05.2013  12:25    <DIR>          {79C8AD67-8160-4C72-A3C3-8CB591A3B19F}
24.08.2012  09:43    <DIR>          {7A37FC92-C083-4C01-B1FC-75B8ED0CCEBC}
12.07.2012  19:19    <DIR>          {7A387CC3-DC31-4FBF-8BE7-90D2D1C830FD}
09.02.2012  20:45    <DIR>          {7A899E9A-763E-47DF-8798-B60EA37EDCCE}
02.05.2012  11:21    <DIR>          {7A9C1DB1-7DCE-4165-B968-693960129C51}
21.10.2013  09:05    <DIR>          {7AE7F530-7A65-4D8B-95DA-F5D561DFE1AC}
10.02.2013  11:37    <DIR>          {7AEB0616-EB64-4E34-9EBC-17E2CE476C81}
24.06.2012  08:31    <DIR>          {7B1C54F0-B8E4-4906-B875-59A4B4C8A8A4}
17.02.2012  21:14    <DIR>          {7B3E1770-DB93-477F-A425-B504C8BA6F3D}
06.05.2013  19:13    <DIR>          {7B7B4809-53B7-4055-9CDA-F7FA5AEBCE2D}
27.05.2012  06:09    <DIR>          {7B89DD32-B6FB-4B18-BB39-2ACE6854F510}
26.02.2012  07:32    <DIR>          {7BAFC369-E925-48E1-85F0-9903B6995F9D}
02.07.2012  12:48    <DIR>          {7BE8A965-D1B0-4743-8893-81565C3437EB}
20.06.2013  19:26    <DIR>          {7BE97FC2-3B6E-4E85-BCEB-98764C70DE59}
26.09.2013  05:29    <DIR>          {7C9BA5CC-6B07-4990-B02D-95631F5C94C4}
30.05.2012  17:42    <DIR>          {7CDF17C1-AF49-4C1B-A722-522771F80593}
19.02.2012  07:26    <DIR>          {7CECC0CA-46FA-4D92-9204-AF59E7DB3D61}
18.04.2012  12:39    <DIR>          {7CF5F131-5C3C-4264-87FF-6FDF523DB3BE}
20.12.2012  19:52    <DIR>          {7D168C4A-3B4A-485B-8DEB-B6650B23D9FC}
22.05.2012  15:17    <DIR>          {7D461B06-0C0A-4562-91F0-B7C63B51ED0E}
26.10.2013  18:47    <DIR>          {7D4D1D94-DE7A-4C06-A299-7B3434DA44CE}
10.06.2013  17:42    <DIR>          {7D6B333E-AF84-4CB7-869C-047F83D82F72}
27.06.2013  07:32    <DIR>          {7D8A771A-1852-417E-9F51-E2D73C1C8F10}
05.12.2012  07:43    <DIR>          {7DD16AD1-F8FD-4F6F-906C-361EA62470F6}
03.10.2012  23:29    <DIR>          {7DE5A7A0-EEEB-4D77-999E-91A80BEEABA2}
26.10.2012  08:36    <DIR>          {7DF2CBF2-689B-472D-BB84-EB5E67C4E204}
15.11.2012  11:07    <DIR>          {7E2977B3-9651-48E1-A8CB-0AEF344D9ECB}
22.08.2013  08:49    <DIR>          {7E2FE0D8-6AB8-48A3-B8C9-14C09FCFE1CF}
13.10.2013  18:40    <DIR>          {7E61E30B-816A-45F6-931C-4C219696FDDE}
23.11.2012  06:27    <DIR>          {7ED13480-BEB1-49E1-97CF-0BEB5CFFC7D9}
19.11.2012  19:13    <DIR>          {7F055F63-2B9D-4E64-A8F5-70C951EFE039}
18.05.2013  20:20    <DIR>          {7F6D5B6B-2C4D-4AF1-8ED3-AC02B8CF9186}
11.06.2012  19:39    <DIR>          {7F71FF1A-2F52-4795-9FFE-29BA2036B656}
15.09.2013  19:41    <DIR>          {7F91C45B-9D7A-4F95-8C96-077F443E9DD5}
29.01.2013  07:28    <DIR>          {7FFE2CA7-0F94-49F5-8094-9C8B8D9A1DF2}
22.04.2012  11:56    <DIR>          {80172FC5-CF1F-41D1-8BB6-CE1AC4EEE154}
09.05.2012  19:23    <DIR>          {8048579B-8CF7-45A4-9FF8-231AFC5B31BE}
01.10.2012  06:16    <DIR>          {8073CB31-6CAD-46EC-9774-C4F696F0C19E}
16.10.2012  13:06    <DIR>          {80A5965E-9EBA-47ED-B6F1-4E03F96A1725}
23.05.2012  20:05    <DIR>          {80B7F3D3-3368-4D8F-A382-8E9684D32423}
04.08.2013  07:35    <DIR>          {80C98003-BDBB-42B2-94BA-25CDDB90F390}
03.05.2012  12:27    <DIR>          {80FC9205-A558-457A-A676-F8AFB521C8B4}
24.03.2012  16:39    <DIR>          {811D75A2-4A79-4115-B1F8-05EDE47F1733}
28.06.2012  20:45    <DIR>          {814376E8-2590-462C-B82C-79810870982B}
01.06.2013  19:12    <DIR>          {81509940-2596-475E-8785-0EE61BFDDE59}
21.10.2013  08:59    <DIR>          {8186B229-AD44-4962-8050-8AD631BC41B9}
15.06.2012  13:21    <DIR>          {81F4990F-7BF3-415C-BCF7-FE0C0D8728EA}
10.06.2012  18:49    <DIR>          {82272556-52CE-40A0-8B60-FEF3A1D51A2F}
15.06.2012  05:06    <DIR>          {8235ED9C-B33C-4CB5-A63D-1AF8284ADEB4}
24.04.2012  15:22    <DIR>          {827A73F6-40D2-4B84-830E-1A6AC30F4798}
22.05.2012  15:18    <DIR>          {82A1E4F3-27FA-408C-A96B-C96E9D400266}
04.12.2012  19:36    <DIR>          {82CA4DB0-18CB-4705-9954-B73FCB813748}
29.09.2013  16:44    <DIR>          {82E17F3D-345F-4857-88EC-34E5C42C65B8}
11.02.2013  21:18    <DIR>          {82F2879E-49ED-4CF9-9A19-CCF3383CD06C}
25.03.2012  08:48    <DIR>          {839128C8-7FE4-4717-8B49-2DE7E4EAAA64}
28.03.2012  06:19    <DIR>          {83F694AA-CB1D-492B-9886-42390E253895}
01.02.2013  21:03    <DIR>          {83FC8E0D-22E0-412B-9C3E-430340E35B14}
08.04.2012  08:53    <DIR>          {841746B4-A965-4987-B848-1E6779D470BD}
13.09.2012  05:14    <DIR>          {84727ED5-74B7-489F-BDBC-0907EC688313}
14.03.2013  20:00    <DIR>          {84DF1161-FD01-438C-B8F3-5E8C13D89BF6}
14.10.2012  19:04    <DIR>          {84F67BB7-1371-4972-A93C-724DCFA39B04}
15.06.2013  14:59    <DIR>          {851B5972-25A8-4B23-937E-D813A695DF16}
03.03.2012  10:49    <DIR>          {85649BE5-59B0-4600-B46F-E034DF343FCD}
26.02.2012  20:45    <DIR>          {85862D0B-5564-4B00-BA32-0389E9037896}
13.02.2012  06:15    <DIR>          {85B4B0B4-6EF9-4752-94ED-EB00D922E256}
11.11.2012  20:39    <DIR>          {85C39368-06E3-4811-8A44-C16CA128E0DD}
08.07.2012  16:25    <DIR>          {85C4AD0F-85CD-439C-AF48-232169C0A11C}
30.10.2012  01:20    <DIR>          {860627AF-BD7C-46EC-873A-6653CEDAADC0}
17.03.2012  06:25    <DIR>          {8612457C-5A8C-4176-B756-6955A7A71F31}
26.06.2013  19:32    <DIR>          {8628C3E1-B163-48A4-B1A8-DE695E17316A}
21.12.2012  11:12    <DIR>          {866CE764-B245-439C-B527-B54F286A52DC}
26.05.2013  18:32    <DIR>          {86C0684A-0A34-4A07-AFCF-43AD7C7F4220}
01.09.2013  01:33    <DIR>          {870DC35F-B93E-47B4-BDC8-4A7C57F3B4B6}
16.08.2012  04:24    <DIR>          {87100FF3-69C2-49B7-9123-3ED49979F26C}
31.12.2012  21:59    <DIR>          {873CC83D-8A88-47A2-82B1-3D1411083827}
10.04.2012  08:04    <DIR>          {875046A6-93CF-44B8-8865-7CD259836B47}
18.04.2013  18:30    <DIR>          {87518533-9F38-4AE9-B1A1-E0882148821B}
10.08.2012  05:07    <DIR>          {87D846D2-81CE-4E52-91E3-097EDB812DD5}
20.04.2012  05:05    <DIR>          {87EE70DF-7542-416B-BA18-BBA7B5C098C2}
15.11.2013  07:04    <DIR>          {880A8353-0353-4F97-9D5A-C86321AD1628}
05.08.2013  13:20    <DIR>          {88108D3E-7639-460D-A342-38C8B55CE2FF}
19.11.2013  07:17    <DIR>          {8837B2AC-E6B5-4BF1-82A0-4EA3AAD18278}
30.07.2013  04:58    <DIR>          {883C912E-6A6C-442B-AEA4-0BAECED3999D}
23.05.2012  06:15    <DIR>          {88433DA0-2D20-4FD7-B74F-49A26A361DEB}
01.09.2013  16:29    <DIR>          {885E638F-BB05-413A-966E-80082AD7A101}
20.05.2012  19:50    <DIR>          {88764BEC-9B01-4FEB-B800-4556B7F35267}
22.02.2012  19:44    <DIR>          {889437D5-0B85-48FC-A0DB-FC513241AB08}
31.10.2012  19:12    <DIR>          {88CA971F-4435-42FA-B2DD-4120E2E343DA}
02.01.2013  06:32    <DIR>          {89033B69-77AF-439C-97BE-37F899C4DB31}
31.07.2013  18:46    <DIR>          {892D79FE-DB5F-4E77-B88F-270C2D61ABD1}
10.11.2013  10:49    <DIR>          {8A0BAEE0-38D9-49C0-89F0-F6AD20B78F58}
16.05.2012  18:32    <DIR>          {8A10B336-CD98-4BC9-B27D-CE7369C65677}
14.06.2012  12:29    <DIR>          {8A4F33EF-CF38-453A-9F37-031B87368AA7}
09.11.2012  19:26    <DIR>          {8A579260-769A-4924-91D1-C8BEDA390522}
19.05.2012  12:38    <DIR>          {8A8875C4-0FB3-4E64-9BF8-F9753A1ACAD1}
12.12.2012  18:48    <DIR>          {8ACFD3D5-B1CA-4000-87D6-F697537362E4}
02.03.2012  07:14    <DIR>          {8ADBD2C1-BED7-4CCE-BC5A-0B3B850A9E68}
14.09.2012  08:03    <DIR>          {8B1EA341-BD21-4C0D-9F56-A81F2864C93D}
23.02.2013  08:13    <DIR>          {8B9B3822-45F1-4F95-97E0-74722BC37008}
24.12.2012  19:07    <DIR>          {8BFDAC9D-F0EC-48E6-8308-42508FCA98A1}
18.02.2013  18:38    <DIR>          {8C168A50-E24C-4A5A-B664-FAFDC3C8E924}
12.11.2013  20:32    <DIR>          {8C3C9B20-6838-4BDC-A441-BB6D35C7550C}
25.06.2012  05:07    <DIR>          {8C8779B7-E70B-470E-B02C-E311538A72D7}
27.02.2012  13:34    <DIR>          {8CA2F0F1-53DB-4353-8A41-BF1076FDF10D}
18.03.2013  07:27    <DIR>          {8CC409E9-1FD2-4362-A891-19935C50ADD6}
30.05.2012  17:42    <DIR>          {8D366742-27EB-4963-BF58-96BC5C7E15A8}
03.09.2013  06:17    <DIR>          {8D49AD90-4D58-449C-89C2-5D5A4659ECFD}
03.08.2013  17:29    <DIR>          {8D52E188-AB43-40ED-80A7-3362E0585C26}
23.06.2012  20:28    <DIR>          {8D5748A4-655A-43FA-90F3-BA6D919238A8}
11.05.2012  05:36    <DIR>          {8D59B2AC-8E33-4B42-B109-1C385DDCB8B2}
29.04.2012  11:12    <DIR>          {8D6061B8-F156-4CFF-BF26-FCB34466F925}
23.06.2013  07:55    <DIR>          {8E3B38CC-4660-45CB-946F-B76556C9EF46}
07.01.2013  07:29    <DIR>          {8E55D082-5007-4AF8-969E-3E6D5B193DDE}
16.07.2012  17:39    <DIR>          {8E9EDDB0-0C55-449B-839D-B39A4501B4CA}
26.04.2012  05:23    <DIR>          {8EC7704F-A99E-425A-A796-58DD9C3433E5}
19.04.2012  20:29    <DIR>          {8EFEEE02-B692-40CB-8AEC-7593B6E28EC3}
03.04.2012  05:06    <DIR>          {8F1A2428-6B07-4690-A2EC-D3262CDA8FE2}
08.10.2013  13:05    <DIR>          {8F4F68DE-A957-423A-93C2-3B9A78EAD657}
03.05.2013  06:22    <DIR>          {8F6B0FA1-12AE-4FC9-A01E-1FCD5FAE4D9D}
22.06.2012  12:32    <DIR>          {8F7A68D0-1968-4F6C-BC6E-1BB8368D2B88}
09.03.2013  09:01    <DIR>          {8F9374A8-525E-42C7-B76F-746ACC1FF769}
28.02.2012  21:26    <DIR>          {8FF44351-C77C-438B-BD97-7BAF86EB276B}
19.04.2012  09:12    <DIR>          {9066C07E-6CFC-444A-8A59-980DE411A8AA}
19.03.2012  19:58    <DIR>          {9081A97F-056C-4801-9BC3-20CE7AAE50B3}
24.05.2013  10:07    <DIR>          {90855546-4871-473D-A0C5-94C17BF20E36}
02.05.2012  19:23    <DIR>          {909936BE-EE3E-494D-9956-935866C84AB0}
28.05.2012  20:05    <DIR>          {90CF9E1F-142D-4EC4-B7CD-4217D3C3AD7D}
20.03.2012  08:48    <DIR>          {90F09FA3-5467-4BDA-82FF-CB63F7E45BB5}
25.02.2012  05:39    <DIR>          {91021DBF-80E3-4EF3-A1C2-906771E067F4}
24.10.2013  08:04    <DIR>          {911B80BA-C940-4B92-889F-D4C5E3CE61C3}
23.06.2012  07:20    <DIR>          {9147788C-9B3D-44F5-A8ED-07D4579CAA90}
12.03.2013  16:14    <DIR>          {91759471-932A-4EB6-9518-05AD41703B41}
09.08.2012  09:02    <DIR>          {91859221-56BA-4370-B5B4-E1BC91B3C52D}
07.09.2012  09:13    <DIR>          {91A4176C-71FA-48E3-AA8A-5CE84C5BB575}
04.07.2012  12:41    <DIR>          {91BDB44E-1B1C-4F54-91D0-6F650FD3742C}
24.05.2012  16:51    <DIR>          {91CD39C2-A1DB-41C3-B025-8E2C40CB2F58}
11.06.2013  06:19    <DIR>          {91D94EA2-05D1-4F7B-9E6F-D9ECA2060FA8}
06.11.2012  19:36    <DIR>          {91F7E0BF-A553-4CD4-8C35-38F89B96A619}
16.07.2012  04:57    <DIR>          {91FC6DB2-9827-4DA5-BAD3-D9181411E303}
18.05.2012  20:15    <DIR>          {921E3514-2C11-44A4-9667-01924263C21E}
16.03.2013  10:08    <DIR>          {92A447F8-8881-43EE-9512-585C9CDA6B11}
02.10.2012  07:18    <DIR>          {92B6554C-7AB9-476E-B098-00D5585A72F7}
06.08.2013  02:40    <DIR>          {935B8071-5783-484E-A326-DB7E16F4C701}
20.03.2012  08:48    <DIR>          {936FE1A3-654E-4EE3-90B2-6B1057B7A8EF}
06.10.2013  01:07    <DIR>          {93957C3F-0C25-4C88-B988-05FBB892D924}
20.09.2013  02:03    <DIR>          {93A73910-813A-49E0-9DF6-0433F856DDC6}
20.12.2012  07:26    <DIR>          {94825BEF-3DA5-4059-88B5-EEDA2E5806C1}
19.04.2012  05:06    <DIR>          {94A99DF0-5F2E-4D37-8602-CEA1BAFEBB98}
25.06.2012  05:07    <DIR>          {94B6BEBC-3E99-4B5C-B4F9-7484FD77433F}
20.05.2012  05:18    <DIR>          {94DCC2B7-8B5D-4A69-A20D-8F81299AC4F4}
31.05.2012  09:24    <DIR>          {950F7409-CEA5-4252-8CF4-B9D5484F54DB}
23.05.2013  06:26    <DIR>          {952CFD0C-9500-4603-B87C-E55ACC98D5C2}
29.06.2012  16:10    <DIR>          {952D9FBE-01BD-4727-86E0-FFA90A5C212D}
17.07.2012  09:33    <DIR>          {9553F53E-E486-46A8-9D49-42A4A4410EB8}
31.10.2013  08:55    <DIR>          {958A8BDF-8A65-49C4-9D74-6B205382CE6B}
09.11.2013  03:56    <DIR>          {95B2266A-5D9A-42D9-9CF7-B2B5C82A08D5}
09.07.2012  05:06    <DIR>          {95BA2915-2D0B-4439-B2AA-8049EF87291F}
08.01.2013  21:08    <DIR>          {95C8FC7F-8495-4F96-AD2F-9A0A5870F9E6}
03.03.2013  21:31    <DIR>          {96131794-DA5D-4521-9A7E-2D606E21FBB3}
06.06.2013  06:03    <DIR>          {962BB619-1BCC-4382-A5E4-E329B2B4FACE}
18.12.2012  08:09    <DIR>          {963ECDBA-1284-45FB-B0E4-B151A2DEF1AF}
21.04.2012  17:18    <DIR>          {96964C6D-CDB8-498F-AC84-85183DFCBA2B}
07.10.2012  04:51    <DIR>          {96A8BF7B-DC07-4884-A5B0-012EF0574CD9}
09.05.2012  05:09    <DIR>          {977D7065-E886-4995-BF25-556BE214B03D}
19.06.2012  11:05    <DIR>          {9783B27D-E03D-4360-9EC8-7A82BE539803}
14.06.2012  12:29    <DIR>          {978F315A-9EE9-4A58-BCE7-9F8F4CE5B4AE}
27.06.2012  19:21    <DIR>          {97BCE9F9-8A83-4F73-B517-F1C64D8B54F2}
26.12.2012  08:31    <DIR>          {982E7E4D-AA59-4F49-9C57-06539A09FF6A}
17.02.2013  09:28    <DIR>          {982F0A82-8E83-47A9-84F9-3D5D52F9D219}
28.09.2013  16:48    <DIR>          {98A85031-2173-4342-8035-0FDB5038DE87}
16.06.2013  08:00    <DIR>          {98B46117-1DEC-4621-9989-35E5F2CB3F18}
18.08.2013  12:18    <DIR>          {98B7961A-3D69-4939-9E63-0BBF96033484}
20.10.2013  08:23    <DIR>          {98FAC5AB-B185-49EE-994F-64D45F1E5829}
23.10.2013  06:08    <DIR>          {990C7BB8-530E-42A4-972E-4F2DE640626C}
14.08.2012  05:07    <DIR>          {991C7045-6465-4593-86ED-1EED62F2E003}
23.08.2012  07:21    <DIR>          {992939CA-B342-4FFA-9245-0DEE47CD4A54}
04.06.2012  14:00    <DIR>          {992D0F76-7FC7-4FBE-ACB1-BDC466509C08}
03.10.2012  19:34    <DIR>          {99721697-7A7F-4D40-A155-1AF2B4DBE064}
15.02.2013  08:35    <DIR>          {99A9BFBF-9A98-42B1-BED9-4665CBC2439F}
21.01.2013  08:26    <DIR>          {99AB6493-B0E3-4243-9C49-573CFF7D5BDD}
28.07.2013  06:54    <DIR>          {99F51E58-784D-4E9C-BD24-6A75DD317CBD}
04.02.2013  20:28    <DIR>          {9A1133CF-2B41-4E1A-8E21-ECEC413BE5A2}
23.03.2012  08:35    <DIR>          {9A142F1D-D066-4B02-91CA-96F35D5B2CD2}
05.09.2012  08:33    <DIR>          {9A5645B8-5558-4F49-A36A-DFA565EFB423}
17.10.2013  06:16    <DIR>          {9AB68C72-7EE1-489C-8562-A049A9C6680F}
17.10.2012  18:37    <DIR>          {9B768336-1D27-4ECF-9DC7-F9F46D65CFBD}
20.04.2013  19:54    <DIR>          {9C6152C3-5460-4FF4-A4FA-6DA850E93AB8}
14.03.2012  05:33    <DIR>          {9C800A02-A9CD-4DA7-BED2-E3E7095FE30E}
26.02.2013  20:55    <DIR>          {9C9AEC57-A12B-48A5-A51A-E78633025303}
05.08.2012  00:00    <DIR>          {9CDB88BA-A415-4412-B9C5-1EBAB4164474}
23.02.2012  21:05    <DIR>          {9D3479EA-71C4-4BE0-8060-632E6737D8A4}
16.08.2013  06:54    <DIR>          {9D584A2B-EF00-4AD5-825F-D3BD24D2220B}
09.02.2012  06:26    <DIR>          {9D91991F-ACC6-4298-BBB0-7504FC67736F}
22.04.2013  18:01    <DIR>          {9D9D8AAF-980A-4E11-8E1C-33D392004E32}
26.03.2012  12:44    <DIR>          {9D9DEA2B-4DFD-4BF2-8E7F-86DEBF4F0666}
13.08.2013  18:05    <DIR>          {9DBFBA6A-1DE3-47E6-BD1D-1A58E07D4BF3}
06.12.2012  05:47    <DIR>          {9DC2BA86-F146-40A4-80B1-A0F493499B68}
20.02.2012  14:42    <DIR>          {9E46B3AB-A3D0-4473-8575-768AA8215A3C}
06.06.2012  05:22    <DIR>          {9E6A21F6-376A-4854-AA44-1B5EA7E3206D}
07.08.2012  17:15    <DIR>          {9F09A891-D1A6-4C65-93DF-95AE01EF172F}
29.04.2012  08:39    <DIR>          {9F88E3F2-BD0E-4553-86D6-BD79BD814055}
15.08.2012  05:06    <DIR>          {9FA307DB-2DBB-4909-B4A6-458605880F70}
09.05.2012  05:09    <DIR>          {9FA53D1E-0596-4CFB-972D-F94751061354}
26.08.2013  16:55    <DIR>          {9FD54D03-6321-4E8B-AE99-A651EE58C1E3}
04.07.2012  22:34    <DIR>          {9FF93B04-ADC2-475C-A489-7DCC2ACA7DA3}
12.05.2013  19:15    <DIR>          {A04CFAD4-AA55-433D-A6FD-160B0C14892A}
10.01.2013  19:44    <DIR>          {A0682DF6-152E-4843-B715-FBB3EE6D3D81}
15.06.2013  01:17    <DIR>          {A08581E1-3D25-49F1-AF1C-A50FE44FD14A}
24.04.2012  05:57    <DIR>          {A0A0E329-582A-4F2C-A1F9-91D6859EF7F6}
04.06.2012  14:00    <DIR>          {A0ACA8D5-0F34-425D-AC2D-5C7BB318EE4C}
14.03.2013  07:26    <DIR>          {A0C0FE72-6156-4E54-9035-44C2996F43E3}
24.03.2012  16:39    <DIR>          {A0FB4901-8C82-44C5-9A1C-FDBB60AC60D6}
03.05.2012  11:56    <DIR>          {A0FDED46-530D-4FAE-AC01-D390DAB14815}
06.03.2013  08:21    <DIR>          {A120F615-D4B3-46A7-BA97-4493C4BE8E43}
23.01.2013  08:21    <DIR>          {A1A29A5C-F37F-48F9-A188-2274665138E7}
08.03.2012  07:17    <DIR>          {A1B652BB-B399-43C8-8D8F-96C87417972F}
07.03.2013  09:13    <DIR>          {A1CF9212-EC7D-40C9-9F9F-CB97AAF82030}
01.01.2013  11:10    <DIR>          {A1DC9227-CBD6-49F9-A995-30F0A1766F24}
21.09.2012  03:59    <DIR>          {A1E4205A-E0F4-4D27-9841-FA2049E4BA7B}
20.08.2013  16:55    <DIR>          {A20F147E-7047-409D-B888-AE63D6632B80}
09.03.2012  22:36    <DIR>          {A22D3B51-5F26-4274-8A88-F375521A8149}
15.10.2012  23:28    <DIR>          {A2859051-E944-404E-B3DD-5A6CFF056688}
27.11.2012  07:25    <DIR>          {A2EAE6A7-B4BA-402D-8B89-032DA631F2D9}
28.12.2012  16:37    <DIR>          {A32657FB-B04D-40AB-BBB7-3B837B6A5B6B}
30.10.2013  20:25    <DIR>          {A366A1C4-BF48-4E9A-AD64-52C553D26DA9}
24.09.2013  19:43    <DIR>          {A39BD5EF-5DE1-4D4C-B788-64E018FBEB61}
26.04.2012  12:27    <DIR>          {A40EA21B-8F1E-4981-AB78-8B6E01D78506}
05.02.2013  10:24    <DIR>          {A41DF9F5-2721-467B-AFDF-4245DF3BA000}
01.07.2013  06:02    <DIR>          {A4B700BA-2E6C-4CDF-92B4-7545F2866699}
21.11.2012  08:10    <DIR>          {A4FCBD25-8CF7-4106-9089-E4E41A1A7C46}
09.08.2012  09:02    <DIR>          {A54CF6EE-7D60-454E-83C2-38E65A0B7DA8}
07.05.2012  05:34    <DIR>          {A551F121-427E-4367-B563-6307FD9B9627}
27.11.2013  20:16    <DIR>          {A57863EE-1891-456E-983D-069E6D060F66}
18.02.2012  09:15    <DIR>          {A57FEF0B-110B-4C7D-B349-EB874B547A8D}
19.12.2012  13:18    <DIR>          {A58037C5-07B8-494D-B3EE-CB6654A1347D}
02.05.2012  11:13    <DIR>          {A5ECF0C4-70F3-458F-AF86-BB2F6FF0D082}
19.03.2013  13:27    <DIR>          {A6A5ADD7-E243-4999-A004-F8B886F44EC2}
20.10.2013  20:47    <DIR>          {A6D8F89B-55DE-4C8E-A50D-DD19735E479E}
24.10.2013  08:14    <DIR>          {A7288CBC-3ABD-4596-94A7-F8E0158299A9}
07.02.2013  06:18    <DIR>          {A75DCF39-FE35-4D46-ACDA-F0D251BB16E0}
25.01.2013  20:23    <DIR>          {A77E502B-3949-4EC1-94F3-0A492D33B853}
24.11.2012  21:08    <DIR>          {A7C148BC-F246-40F9-98C2-D47F008E0C24}
20.02.2012  14:42    <DIR>          {A7FF0AEC-4122-4227-9FBF-D5FD15F020FF}
05.07.2012  13:35    <DIR>          {A80DABB4-BE0F-4D7C-96FB-1DFB1289C08F}
01.03.2012  07:18    <DIR>          {A8476507-196A-479E-A936-0B50F274E063}
21.03.2012  04:39    <DIR>          {A859F1E1-EFDF-4194-8921-33DF689AE2A8}
17.03.2012  19:46    <DIR>          {A8818461-6124-4F8C-9D71-F90F9A6ABB47}
12.03.2012  20:34    <DIR>          {A8B1AE99-4646-4EF7-923B-1F6DC228B958}
22.10.2013  04:34    <DIR>          {A8BD5399-A4D3-4D32-A768-EFC13449CAFF}
06.04.2012  12:48    <DIR>          {A9233947-6983-45EC-82A1-23AF8C05FFBE}
13.06.2012  20:01    <DIR>          {A9786A7B-DFB8-49BD-81BE-F90B9848551D}
24.05.2013  16:15    <DIR>          {A9B4EC65-1D53-46E2-B872-EA3C4601152D}
30.10.2012  13:57    <DIR>          {AA2F53AC-C557-4733-9408-D97A6B2E7E4C}
26.10.2013  06:09    <DIR>          {AA746728-3BB7-4297-9082-BE06B4D08198}
13.04.2012  09:40    <DIR>          {AA77C2AA-3202-4D34-AA04-10ACCDF6DB03}
10.07.2012  19:07    <DIR>          {AA7A7232-C2E4-4B54-BEC1-8C969D0C3875}
28.08.2013  20:12    <DIR>          {AA88E5C0-C7D6-4B3C-9CFD-13A39AAC1FF2}
12.05.2012  11:46    <DIR>          {AAB88B6D-AC5C-4D05-88E8-C76761756C2E}
23.10.2013  19:15    <DIR>          {AB4DE2AD-F924-4246-84BE-B43E9A09B654}
15.10.2012  08:17    <DIR>          {ABC0372C-57D4-44B6-9997-15D211162F56}
18.12.2012  23:07    <DIR>          {ABCCA976-6DEA-4F95-A34D-067776B0079D}
09.02.2012  06:26    <DIR>          {ABD66E2E-8949-4DE1-BE68-CFAA20BA5245}
16.01.2013  18:41    <DIR>          {AC5DC05B-7BE3-42C1-997C-4FC01796390F}
12.10.2012  22:05    <DIR>          {AC81868F-6B5C-4DD3-A35E-3CDC738FD987}
26.06.2012  11:25    <DIR>          {ACBD242D-D26D-40A0-A396-6335B488F245}
13.05.2012  18:52    <DIR>          {ACC82C58-BF42-4491-B902-23D4EA847F46}
16.09.2012  18:20    <DIR>          {ACD4FC9F-E416-4DE5-B882-78334EDBA66B}
29.04.2012  11:14    <DIR>          {AD41363B-0EBA-417E-969E-41F2F41C74BA}
05.09.2013  18:04    <DIR>          {AD5922FA-316C-4152-8686-104F5DD7CE7B}
18.09.2012  04:58    <DIR>          {AD7B6971-2765-4572-9408-93AE9EBB0643}
16.02.2013  06:58    <DIR>          {ADAD6F6C-BC11-488A-85C2-CCB2A34599C1}
12.05.2013  04:46    <DIR>          {ADB255F9-C889-4DEB-B772-6A50FE0FE68D}
28.05.2012  20:06    <DIR>          {AE0A1290-6AE0-4B4F-A025-EFEC7CA27DBC}
13.03.2012  14:41    <DIR>          {AE216EB4-6173-45FE-869B-7EDA32972DF9}
26.09.2012  11:57    <DIR>          {AE2E85D3-8773-43BB-989F-0D2D595CD4F9}
17.03.2013  17:10    <DIR>          {AE8AB222-25F1-4E0A-B10B-D2D7BC53FB4E}
20.03.2013  06:47    <DIR>          {AE8EA0BF-CB5A-4495-9DF1-DC0CF1ACE165}
18.05.2012  06:07    <DIR>          {AE8F0398-7988-40C7-A72D-0642D71A7366}
10.08.2012  05:07    <DIR>          {AE9E6C05-8CD5-475B-88F8-0E1D8EBED4ED}
30.01.2013  13:55    <DIR>          {AEC767B9-AAF9-453A-A3B2-DAA1747385DE}
07.12.2012  12:07    <DIR>          {AF09F085-BE7D-4192-8A9C-C4B1B6F7DE2D}
05.08.2012  14:52    <DIR>          {AF8E3918-0A1F-4CBF-BB5B-8DA23110C58F}
02.01.2013  18:52    <DIR>          {AF8FB281-7EFF-4DD4-9678-B9E095043A0D}
22.11.2013  05:49    <DIR>          {AFF5A888-F09A-4CB0-A18D-7E016D869954}
18.04.2012  06:08    <DIR>          {B0372699-1875-4032-89EE-F595BFBA23E3}
17.02.2012  21:14    <DIR>          {B0419BCA-EC0D-4B2E-B7F1-B4F493840C98}
13.08.2013  05:24    <DIR>          {B06189EB-0282-4045-88DB-F125FBDF1FE7}
27.04.2012  05:06    <DIR>          {B079AED1-D934-4F30-89E3-F35C153025C3}
22.12.2012  14:38    <DIR>          {B0B9F15F-05AF-44A7-8F19-7B74AD1DAEDC}
28.04.2013  10:04    <DIR>          {B0C5F2A3-6EC7-463D-8661-BB0CFA3A2ED3}
26.11.2013  19:24    <DIR>          {B0D1ECFF-E6ED-4FF6-8B8C-B6D1C7C426AD}
24.11.2012  07:13    <DIR>          {B0F798DE-F026-4200-8DE5-0546C2C8059D}
20.04.2012  05:06    <DIR>          {B1174DF4-838F-4FCD-9BB2-0C197CD54FDE}
27.08.2013  19:16    <DIR>          {B18080E7-74B5-4DBF-AB9F-4A21C006380E}
02.11.2013  20:55    <DIR>          {B191E054-0E84-437F-A1ED-463EA44E0095}
06.07.2012  05:08    <DIR>          {B1941D68-D788-485B-891B-0AE0C5EE39CD}
22.01.2013  11:54    <DIR>          {B1F44F8C-B6F3-4FD1-960D-885A353FA35C}
25.09.2012  05:33    <DIR>          {B22480A2-1BB1-47E3-AD5B-73A9EBDBFB14}
08.11.2013  11:43    <DIR>          {B283D118-FD20-4DF2-8ED9-CD58274B0E16}
11.06.2012  19:39    <DIR>          {B287C47E-92A7-4E4C-B69B-C3AEA9200E56}
05.07.2013  06:01    <DIR>          {B2A8589B-866D-4302-80DB-F62490909D3C}
18.01.2013  20:48    <DIR>          {B2BBEA28-CCEE-44F2-9D99-CA070A40180E}
22.05.2012  02:39    <DIR>          {B3A33D36-4A9B-493D-BDA9-59BA54B85FF1}
10.08.2013  06:19    <DIR>          {B3AF4AB9-5C7D-4100-B71B-DACE573DB803}
19.08.2013  12:51    <DIR>          {B3BA7C1D-6E73-4360-AFD6-1AF512B276D9}
28.09.2012  12:46    <DIR>          {B402850F-B7CD-4747-900D-546856248D82}
28.05.2012  07:35    <DIR>          {B4211EF3-6BD4-4D3E-8612-358C284207A1}
15.09.2012  01:55    <DIR>          {B49157BE-D28B-41EA-ABD8-DD918D8A19B2}
14.11.2012  07:02    <DIR>          {B4AD3C8C-BFF0-4C39-A6AD-49DEBC684DDE}
08.08.2012  18:36    <DIR>          {B4B9E2CC-C29A-413D-ADAA-E29370175D42}
28.03.2013  15:42    <DIR>          {B4DE8212-B5A8-4B7D-AB02-8EF57FC3BA92}
10.08.2012  17:18    <DIR>          {B4F6AB52-35F3-4252-AAFC-B8D22400A6AA}
22.03.2013  08:07    <DIR>          {B4FBC0ED-BC9A-4411-A0F8-1809BFB66FF5}
11.03.2013  07:48    <DIR>          {B511FEE9-4FC4-4E0E-AD89-23DAF2631D25}
29.05.2013  07:00    <DIR>          {B5193055-753E-483C-9B53-EA02BBB8AB4A}
03.12.2012  18:21    <DIR>          {B52E1E3C-9FAF-449D-82BD-5B0B84845DA3}
23.04.2012  05:05    <DIR>          {B580A8D9-FE95-44D2-B558-89B70638DBA0}
02.05.2013  12:21    <DIR>          {B5A834E6-8A01-4BEA-B914-C4689EC3C055}
25.04.2012  13:42    <DIR>          {B6294EB1-4D7E-4648-8972-577621D8EF03}
30.05.2012  05:12    <DIR>          {B68F7A31-E85A-4900-AC49-B7A75707D399}
30.11.2012  04:16    <DIR>          {B6EA667E-5EB3-417E-960F-A56DE33FE17F}
18.06.2013  06:02    <DIR>          {B73DAC7A-84F2-4A11-B105-AF0FF2D121B0}
28.05.2013  18:17    <DIR>          {B7474827-F4B5-4DC1-9974-770E2F4DDF0B}
13.07.2012  12:38    <DIR>          {B76C4B70-6BA8-4BA6-B406-B4FA19243CC9}
07.05.2012  05:34    <DIR>          {B77A7A7D-02CC-4DCD-8170-F72377849224}
19.08.2012  04:59    <DIR>          {B794D9F4-7EC8-48C9-8602-786551BB2B04}
15.03.2012  19:16    <DIR>          {B7D7907B-85F9-4C4B-BB9D-AB481CC5C029}
02.03.2013  22:57    <DIR>          {B91D84D3-0D4F-45CA-BC96-5DE0A23677E1}
15.12.2012  07:27    <DIR>          {B92FDBD2-624C-47C5-A615-5C74F6733384}
06.05.2012  10:30    <DIR>          {B9312A20-3FDC-4EA6-A429-682F88564189}
17.04.2012  12:58    <DIR>          {B9BED59F-6557-4054-ABE9-6AA0B335B6E1}
13.09.2013  05:17    <DIR>          {B9D0D7E7-6F1B-49DE-BC5F-2BFB9D994EE1}
07.05.2012  19:04    <DIR>          {BA2CE65D-825A-4D55-A671-4DE451F12C71}
11.02.2012  18:58    <DIR>          {BA407EDE-4ECD-4000-83E5-BEABB3A47536}
21.05.2013  18:51    <DIR>          {BA45769B-433D-4CA5-8D0C-005A4F0AB779}
29.12.2012  20:32    <DIR>          {BA8D4B3A-BC63-4894-BBEE-467B6BC5D80F}
09.07.2012  05:06    <DIR>          {BABF887F-C5C8-4A2C-B382-50A23ABD0C28}
03.12.2012  06:20    <DIR>          {BACED136-34DC-4BD0-BD3E-4B5630972F2E}
11.04.2013  06:28    <DIR>          {BB03C2CF-3F02-4353-8A3E-129C5176F028}
14.10.2013  20:35    <DIR>          {BB4E3EFF-8728-45D7-8E47-6747907D7979}
07.04.2013  10:09    <DIR>          {BB90A368-B6C7-435F-BD1D-B3B0E3906308}
20.04.2012  21:26    <DIR>          {BB98AA9E-24E6-4E7E-906B-C246B8056C64}
10.08.2013  20:21    <DIR>          {BB99A914-CA87-484E-9835-4848974B04ED}
03.09.2012  07:53    <DIR>          {BBAA1E71-92EE-4055-AC18-A704DB62E2C4}
30.03.2013  09:48    <DIR>          {BC113D6C-0EA2-4235-9E08-1C50BFD85B86}
18.03.2013  20:11    <DIR>          {BC1ECF18-89A1-49E6-A99F-A336F6431317}
16.07.2012  20:41    <DIR>          {BC90A204-26E2-48E6-BEE2-ADAE45983D3F}
04.11.2012  06:29    <DIR>          {BCA2A64D-C731-4A00-9B67-FBD1B68CF9C2}
02.07.2012  12:48    <DIR>          {BD1D9C94-6C7B-4A44-A74C-B2752E0FED2B}
03.07.2012  05:02    <DIR>          {BD24991D-C882-4651-8D43-41E1A156F3BF}
06.09.2013  20:22    <DIR>          {BD37A452-CB0A-4F31-B2BC-6BD9458B4CB1}
22.09.2012  06:05    <DIR>          {BD6E6828-93E4-45A4-81A5-42AD0375F341}
03.05.2012  11:56    <DIR>          {BD8127D4-B99B-4617-BB04-FF2276018D39}
05.09.2013  05:31    <DIR>          {BDD5F93E-FDCF-4E7A-A3DC-D4F0E3560B75}
01.01.2013  11:07    <DIR>          {BDDC7BBE-B8B3-4D0F-A38E-CDD514FD168A}
30.04.2013  13:00    <DIR>          {BDF7BBE3-E38D-487C-BC00-DED78351DE2C}
05.11.2012  14:00    <DIR>          {BE175A24-3A0E-4BFE-A1D7-E9EB5A62ECE8}
08.08.2012  18:36    <DIR>          {BE264B2D-D724-4912-83E3-87BB9FCBBD30}
30.05.2013  08:25    <DIR>          {BE5E8A70-E188-4169-AA16-D627FDD9A9A8}
26.06.2012  13:06    <DIR>          {BE711FE6-B581-4FE7-84EE-C0E445E89CD8}
23.06.2013  19:56    <DIR>          {BE9DCB1B-9FA6-4A9F-BDB8-8E8C5E3877A8}
22.04.2012  18:21    <DIR>          {BF026668-0594-47AC-94CF-D936437FC02A}
18.01.2013  07:36    <DIR>          {BF39F883-92DE-48E6-BF62-B0805A6548D0}
04.08.2012  06:33    <DIR>          {BF3FBC1D-8283-4D80-AD37-3683B64B4C47}
16.05.2012  06:11    <DIR>          {BF7662C8-A24C-4EDA-9EE9-FAA9911634BE}
10.06.2012  18:49    <DIR>          {BFAEB07D-7A11-4ACC-9A00-0D7C7D6A5F24}
27.05.2012  19:34    <DIR>          {BFCFCE4E-96CD-42D2-8D60-447D2037AD04}
19.10.2012  08:38    <DIR>          {BFDA933A-9350-46B3-BFAE-0D4C6C49D13A}
10.09.2012  08:07    <DIR>          {BFF5264A-71DE-4C4A-BC7F-C887DC4AA57F}
11.07.2012  12:49    <DIR>          {C0C9083B-B870-4304-809D-E2BAEC59D563}
27.03.2013  20:26    <DIR>          {C0E24250-2B2E-43EE-996A-8CED6B03E6DE}
15.05.2012  17:14    <DIR>          {C0F5E243-66BD-46E8-9B19-C30A2F8A6730}
12.04.2013  09:36    <DIR>          {C1C9666F-1F0C-4517-BE36-974D25B35461}
23.09.2012  05:56    <DIR>          {C1FE8DE2-7D6A-4E86-BEF9-1B3965ACF3CD}
07.07.2012  17:54    <DIR>          {C2045AB7-2F21-4ECA-A35C-1228042387FF}
01.06.2013  20:46    <DIR>          {C270C08E-B34D-4220-BF77-C600CC9A18C2}
21.10.2012  19:50    <DIR>          {C2AC4C3C-50F8-405A-ABEE-92551DE168DB}
23.04.2012  13:50    <DIR>          {C2FFF347-DA0E-4A11-87B4-3E09442AB4C7}
01.07.2012  20:00    <DIR>          {C317208A-1702-4D02-99EF-6821F7BFD077}
11.05.2012  05:35    <DIR>          {C369A504-F998-4C6D-A8B7-EAB17F8EF757}
18.03.2012  09:09    <DIR>          {C36E261F-F8B0-4133-A87F-939062073650}
29.12.2012  06:09    <DIR>          {C3D1EE54-1811-4999-908E-2E157E01B713}
13.06.2012  05:20    <DIR>          {C3EF3FD3-C4F5-433B-A3D7-BE76F903E35C}
31.01.2013  05:11    <DIR>          {C405F3D9-1B89-44A0-ABD3-C229C8F01B16}
16.02.2012  06:10    <DIR>          {C428761D-BA65-436C-8A31-F90BE7F37ED7}
23.03.2012  08:36    <DIR>          {C46A08CF-F2D4-4864-96D1-8AB64CBA4F7D}
26.12.2012  01:26    <DIR>          {C4A97BD5-1C61-4506-BC58-243B026596F9}
30.04.2012  05:08    <DIR>          {C4B08EEE-FA17-42E1-B872-4D5E3A11D24E}
07.06.2013  08:07    <DIR>          {C58707DC-9D33-4CFB-AA14-68F296A6EA82}
13.02.2013  05:18    <DIR>          {C5A64EC5-1FA9-489D-9410-0028CD6F373B}
13.08.2012  05:07    <DIR>          {C5A7D551-58BB-4CAB-8D86-C83BF8679917}
03.07.2012  17:36    <DIR>          {C5A9DE16-D490-45BB-BA35-1DCD94EFE8C2}
20.08.2012  13:04    <DIR>          {C5D8B184-A508-4A7F-A2DD-35A4DF9636E1}
26.05.2012  09:44    <DIR>          {C614675B-C54B-43F1-BD16-789C3D93C855}
24.03.2013  06:55    <DIR>          {C6351A86-5737-4817-A09A-F8D74A5092AE}
22.05.2012  02:39    <DIR>          {C63841E5-D6F8-4C3C-B969-B50CFCB14457}
01.05.2013  17:40    <DIR>          {C6453F63-237E-4784-B484-E625C1E37385}
21.11.2013  13:26    <DIR>          {C669B471-471E-48AA-AD7D-93BFE15C5D5F}
25.01.2013  05:51    <DIR>          {C6743065-1F4F-495D-A382-FE30D69E5831}
23.05.2012  06:14    <DIR>          {C6780832-8140-4293-8C9A-23AF621F1184}
12.08.2012  06:28    <DIR>          {C6B9AE2C-EFEC-4733-B6F4-88555C40C8B2}
26.03.2012  12:44    <DIR>          {C7097E7E-8263-452F-9A05-FD0A056E59C0}
14.05.2012  06:53    <DIR>          {C709EBE4-BDD8-4527-A4F4-4607586CBF27}
17.07.2012  09:32    <DIR>          {C729984C-A0C8-4E9A-BC21-FF1C49133BA8}
25.12.2012  08:19    <DIR>          {C77CD7D2-5664-4578-92BA-161F1D2A64D0}
27.05.2012  06:09    <DIR>          {C78F5E78-E2E0-4CDC-908F-5FE64FBEE8DE}
16.02.2012  19:36    <DIR>          {C7ED6BCD-6657-44BD-A87C-8520DABF7D8D}
23.11.2013  09:20    <DIR>          {C80C88B4-83E9-46D3-844F-20EE1419611C}
15.08.2013  18:53    <DIR>          {C85B8906-4071-4A85-82AA-262A873F44D2}
09.12.2012  12:55    <DIR>          {C8918093-095D-432F-995D-CEC768DCCD1E}
17.01.2013  19:35    <DIR>          {C8AA0637-08A8-426B-A46C-85C5055327A5}
30.09.2013  20:23    <DIR>          {C8C86BD3-5B07-4D87-96BD-C67844322DF0}
03.10.2013  22:10    <DIR>          {C908D04B-96AE-4B49-8002-F14B8B825C28}
21.06.2013  11:40    <DIR>          {C9096DFA-AA73-4135-AED5-0AF95AA97FB4}
13.04.2013  17:57    <DIR>          {C97BF2E3-9969-48F4-AC41-52D50BFE12B0}
26.03.2013  19:41    <DIR>          {C995FBE8-74D4-41DC-911C-D261C350F929}
27.09.2013  08:00    <DIR>          {C99B6897-6CDC-4272-A733-A1CC712ABED6}
10.10.2012  04:40    <DIR>          {C9AF62E2-BCC5-433F-ABC7-DFBEB2957E5D}
13.06.2013  17:58    <DIR>          {C9B87C0C-BAF7-4733-9848-6F98231D8E2C}
31.12.2012  06:28    <DIR>          {C9C08444-FB3B-4944-9C5C-829D45D65415}
01.03.2013  20:59    <DIR>          {CA3CAF59-C2FE-48BB-AF12-8A00D68EEE23}
07.03.2012  05:19    <DIR>          {CA8E795B-B095-416D-B516-A607AA926535}
08.02.2012  07:35    <DIR>          {CA9BE16A-D1AB-4CEF-80AD-A993278B3E70}
16.11.2012  02:33    <DIR>          {CAB25399-22BE-4608-9C7E-E3B697F8C1A4}
06.09.2012  06:24    <DIR>          {CAB8EB2A-9186-44A2-9E53-492647F5599A}
24.05.2013  07:43    <DIR>          {CAF526C2-44F6-489D-9ADE-938CFFCEB039}
20.02.2013  08:07    <DIR>          {CB30B75C-BE7D-41D4-8C7C-BC9F8F1E849F}
19.03.2012  19:58    <DIR>          {CB3CF2B9-E2B1-4A8A-A640-4A795CC92443}
04.07.2013  09:52    <DIR>          {CB733B7C-6C80-4862-855F-8ADDAA06D625}
06.11.2013  07:14    <DIR>          {CBDE437B-21C7-432C-9A7B-3A5C6E84A054}
13.07.2012  12:38    <DIR>          {CBEFEDB9-0AFB-44B8-9D50-088EC0A0F81E}
27.08.2013  18:42    <DIR>          {CC1B79AA-A95F-4603-AC14-E7BA5BF46E10}
15.07.2012  09:44    <DIR>          {CC1EB39E-CCAA-4645-AC95-3183A106DE4A}
07.07.2012  05:53    <DIR>          {CC75F20C-CCED-4041-924F-4B10085882A8}
07.01.2013  20:59    <DIR>          {CC9363D3-90A2-45B6-92FE-652D132BD819}
16.01.2013  19:34    <DIR>          {CCA4D62B-024E-43B8-8C51-6A931FD555D5}
12.06.2012  08:08    <DIR>          {CD4534EA-53B9-4A4A-B44A-ED48A79C2FD0}
08.08.2012  05:16    <DIR>          {CD4B0848-5685-4F40-9935-02EABE47DD12}
28.11.2013  08:17    <DIR>          {CD7AFBE6-59E3-4192-B8A4-77B379E5A9B5}
02.04.2013  18:47    <DIR>          {CD8914B1-08FC-4E53-A7BE-B15A319F543B}
22.08.2012  04:24    <DIR>          {CD8BD308-4071-49A7-B1BD-E7FD90CF98ED}
13.05.2012  18:52    <DIR>          {CDB1098D-1510-4061-8BED-B1B22DF9A2ED}
04.06.2013  18:46    <DIR>          {CDC56622-D7AF-4D98-8906-5D227C5957C7}
06.07.2013  19:23    <DIR>          {CE0E63EA-CF41-48D8-BBD3-3AD1CD8C04AE}
14.10.2012  06:29    <DIR>          {CE326849-85BA-4A89-BB1A-D56B4A134C47}
09.03.2012  22:36    <DIR>          {CE510DCE-859F-4751-B849-AE5F622479F6}
08.10.2012  22:49    <DIR>          {CE51DEBD-642E-49DF-BFDC-6AE9E33430CF}
12.03.2012  05:31    <DIR>          {CE6C8C69-EDC9-492F-82B9-341FB1A944C1}
05.06.2012  05:12    <DIR>          {CE7E765F-B89D-4769-81D7-2167CA136B29}
10.02.2012  09:00    <DIR>          {CE873E05-7B33-483C-BBEC-780B27F7CAD2}
25.04.2012  19:40    <DIR>          {CE89F292-1A8D-4322-8138-746FDD915CAF}
02.06.2012  09:57    <DIR>          {CEA92EE4-D628-4AC7-A4E3-3F8FED2B51A3}
21.02.2012  19:22    <DIR>          {CEC13644-DF96-406E-8872-D5F720D6DEA1}
10.02.2012  13:52    <DIR>          {CEEAA9D4-4F08-456D-BF48-04D61A6ED4F1}
14.05.2013  07:06    <DIR>          {CF1CD0C4-684D-4ED9-96DF-142BDEACF590}
04.05.2012  05:10    <DIR>          {CF3279D6-5B08-444C-BC50-A3A25EFD728E}
23.11.2012  18:53    <DIR>          {CF7DF754-30A5-442D-B3D5-88D52F7834C7}
27.07.2013  14:53    <DIR>          {CF9CDCCE-2190-4012-B0A4-32B35CD51C97}
08.12.2012  22:10    <DIR>          {CFAFC56B-8D4C-4220-A1D7-B3E76DF0C73A}
19.04.2012  05:06    <DIR>          {CFCD3BDA-DEC9-4691-8392-CFD0F85FD3B8}
25.04.2012  19:40    <DIR>          {D009249E-93FC-4047-8335-3D21EA229465}
07.06.2012  17:49    <DIR>          {D02065D1-905C-4E16-9424-2DFA0BA237ED}
21.04.2012  09:10    <DIR>          {D03F9217-42E4-47F6-A893-2462673CE2A0}
29.04.2012  11:12    <DIR>          {D04FFD05-90D5-49CB-9B1A-B7F4C514EED3}
12.06.2012  08:43    <DIR>          {D06463D9-D471-47D1-A55C-5E8799C3EFA1}
31.03.2012  07:56    <DIR>          {D0889BAB-90FA-473E-B49A-2843867219E3}
03.09.2013  19:11    <DIR>          {D0986E5F-153B-448F-8F06-72CB651584A8}
22.03.2012  20:05    <DIR>          {D0E2DF4C-FC8D-4401-9381-C6234656FE30}
28.04.2012  06:45    <DIR>          {D0E43309-EA2B-478E-8E79-15E726CEEE23}
28.05.2012  07:35    <DIR>          {D1733CD4-BA92-4E5E-8931-226EA13F3C7B}
25.04.2012  13:51    <DIR>          {D19285BA-2D25-4C5D-A409-EF55DEF6CE67}
20.09.2012  09:16    <DIR>          {D1A82EA5-F2C5-4B88-B48A-7B1DCF7C6445}
15.02.2012  06:20    <DIR>          {D1B44DBC-FFFA-49A0-BB29-5B2583E6434C}
18.04.2012  18:47    <DIR>          {D1D71390-5DDB-4016-B5B9-59073DC65002}
27.06.2012  06:46    <DIR>          {D1F1A94A-6956-4665-8A6D-05212700B59B}
09.05.2013  20:05    <DIR>          {D21C70AD-1174-4183-BB33-91601A18C1C8}
20.02.2012  00:36    <DIR>          {D2AAD7AD-9133-4835-996B-748E5BB92E1D}
27.10.2013  20:45    <DIR>          {D2B94F98-21AD-4A8F-9B61-72EAFA3D0F02}
24.09.2013  07:20    <DIR>          {D3127351-C15D-49C5-9BF8-46790FD4916D}
30.08.2013  05:06    <DIR>          {D33DC486-0D8F-4E25-B1B3-18CBAFC906AB}
09.07.2013  04:26    <DIR>          {D35A1D0D-890D-4914-8905-F8D4917F0E97}
30.04.2012  05:08    <DIR>          {D35BCFF4-6B75-434D-8BD6-8AAC7E650CF4}
07.10.2012  19:16    <DIR>          {D3C4FEEB-0BC0-41A4-AC3B-E93703794F57}
28.06.2012  08:30    <DIR>          {D3C61D9D-620E-4ED0-912E-192A7D6605E2}
13.09.2012  17:18    <DIR>          {D4009FAF-F7BB-4722-A300-0A399E11F58D}
30.10.2013  07:12    <DIR>          {D41EF1A9-4B4F-4441-829C-1836C5FA5385}
05.05.2013  04:17    <DIR>          {D4AAC0CB-A342-419B-AE93-4A812BE88DA5}
07.11.2012  23:20    <DIR>          {D4E7CCE0-D1CA-47DA-A981-43FA759F2F96}
12.02.2012  09:40    <DIR>          {D4FC3574-DF8E-42D2-9BB1-634F0C554FA8}
25.11.2013  07:22    <DIR>          {D5018F94-B4C2-4127-A676-48525918606F}
12.11.2012  11:33    <DIR>          {D5B87480-59C1-4CCB-8256-63C73220B086}
06.09.2013  19:00    <DIR>          {D68CCF75-6FAF-4DD4-A40E-579F989046B7}
20.06.2012  13:14    <DIR>          {D699CC8C-17A0-45A0-81BD-47325C0C9F73}
08.01.2013  09:00    <DIR>          {D6C6464D-5E75-4FF1-BD62-77954EF1005E}
16.10.2013  03:52    <DIR>          {D74A66BF-1F82-4A2F-9A82-9E13F8E04221}
16.10.2013  16:01    <DIR>          {D759E13B-0637-4AC7-9F58-C72C9ADCEA7B}
26.05.2012  09:44    <DIR>          {D7779F26-5D16-4F0A-B4EC-9DF2E260E926}
03.06.2013  12:09    <DIR>          {D83F87D1-F519-4E16-9C82-778846E39C8A}
23.05.2012  20:05    <DIR>          {D8E3E17F-47B6-4128-8EF0-5C6638335CA0}
11.06.2013  18:54    <DIR>          {D920B16C-4811-4C51-8936-6E4E892A3674}
21.02.2012  19:21    <DIR>          {D95472F5-0E7D-44E4-8243-016514531BCA}
18.02.2013  06:12    <DIR>          {D97CC457-0218-4955-94D2-BEB821A87530}
18.04.2012  06:08    <DIR>          {D9B23DFE-D65A-4ACF-A743-AC2E3ADB0B0D}
27.02.2012  13:33    <DIR>          {DABD54BE-1BC9-4A3E-8188-14105269F69F}
07.03.2012  05:19    <DIR>          {DAC2934E-3600-4475-A987-B1DE91F80207}
21.06.2012  19:18    <DIR>          {DADE6F94-AD22-4D26-B8B7-6C560FE215D2}
14.06.2013  19:53    <DIR>          {DB6D9124-B9EA-41CA-BF6A-73093D914F89}
19.09.2012  23:16    <DIR>          {DBC4369F-FBB4-44AB-8927-0A0D7C52E0F7}
11.03.2012  08:48    <DIR>          {DBC9CD6F-60EE-453D-B6E0-6E6AEDF76470}
25.06.2013  17:14    <DIR>          {DC3DE102-E6BE-4519-8DDA-357116EB3EBF}
02.06.2012  09:57    <DIR>          {DC54357D-A48C-4EF2-80F0-2A23DEBEC1D1}
10.08.2012  17:18    <DIR>          {DCC1FFD8-E639-4B61-80FD-47D7974B7AA5}
01.09.2012  09:08    <DIR>          {DCC402EA-9443-43CA-82FA-5984EB1A97C4}
03.05.2012  15:52    <DIR>          {DCEA52C5-D0F7-4684-809E-921044689E6D}
09.06.2012  06:12    <DIR>          {DD0E0EE8-0D8F-4415-8C72-4EA5D460CCCE}
22.06.2013  18:37    <DIR>          {DD6F36DA-B952-4FC9-B6E2-B110591C59A9}
14.11.2013  05:27    <DIR>          {DDBDB58F-F93C-408C-85CF-805F077EA6B5}
01.04.2013  08:52    <DIR>          {DDE86B9D-3E29-4173-B031-784BE26D376C}
28.02.2013  07:28    <DIR>          {DDFCE4FD-1F34-4A8B-838B-5A86A62D0CCC}
16.08.2012  04:24    <DIR>          {DE08E59D-D464-495F-BBB8-01C66E292BDC}
05.04.2012  07:26    <DIR>          {DE0B9D39-93FA-4EEA-887C-B4F4621A6A69}
11.06.2012  06:50    <DIR>          {DE11A832-1DF1-42E1-97F2-CC86B7DFFF73}
04.05.2012  05:10    <DIR>          {DE3D6C15-CB70-461B-A94E-AD77521423FC}
26.09.2012  14:38    <DIR>          {DE418D2B-EE8A-449E-BFE3-6B86361F0EB1}
01.06.2012  04:32    <DIR>          {DE96E62C-8EA9-4700-BB62-47A90B81C08A}
03.08.2012  11:08    <DIR>          {DEABF35B-3697-44D9-9F53-59509FFDFE73}
07.07.2012  17:54    <DIR>          {DEB4567C-628A-479C-A85F-6D7AD588761C}
15.05.2012  05:07    <DIR>          {DF0785CF-5F86-4930-A403-E7E228E29AC3}
28.04.2012  09:27    <DIR>          {DF51A7AD-3836-4279-A298-05BB5666ECFC}
22.04.2013  04:51    <DIR>          {DFA46489-A0E1-4581-A9F2-8F8D10766382}
05.08.2012  00:00    <DIR>          {DFEB02E2-68DE-4093-ABCF-4C621620FC10}
16.02.2013  19:30    <DIR>          {E009447B-1C35-4E80-B033-46D00D968F92}
21.06.2012  05:06    <DIR>          {E013A170-5300-4952-AEC1-4DE285936553}
19.09.2013  11:02    <DIR>          {E09778A1-1567-4B08-BB73-65C52722C1EF}
07.06.2012  17:49    <DIR>          {E1716CBC-9C43-4988-8517-1EA8211C7E23}
21.04.2012  09:10    <DIR>          {E17ADE43-EA4B-4E74-BCAA-7773321964FA}
09.06.2013  12:04    <DIR>          {E1914E72-6CAF-4AD3-B217-B04E4FAF2308}
19.09.2012  10:38    <DIR>          {E24B6ECE-DE3E-417B-AA94-0FBDAE1039D5}
26.09.2013  19:47    <DIR>          {E279A642-0F83-495C-AC30-2DAEFF19232F}
22.11.2013  19:52    <DIR>          {E2CE2208-A9AB-4D26-98AC-4D37841617BA}
01.05.2012  06:21    <DIR>          {E2D31673-E4A2-47E9-AC13-BB073A486D28}
08.05.2012  15:01    <DIR>          {E3E435EB-F3FB-42D1-BB4C-A0BD48BFF481}
08.08.2012  05:16    <DIR>          {E4440130-D998-4CD9-A68F-FE2C63F3E02F}
26.11.2012  14:31    <DIR>          {E44ED5FD-0AA3-4310-B298-BCB1FF8D643D}
24.01.2013  10:29    <DIR>          {E4BE7FAF-B0C7-43B2-BE23-7A7C3BA7B7C8}
11.08.2012  07:55    <DIR>          {E4BF4F19-7A62-4CEF-A470-16E5A303B934}
10.05.2013  11:24    <DIR>          {E4F7E3B6-AEA6-4037-AB70-C9A2480F2D35}
16.07.2012  20:42    <DIR>          {E50AF594-07B8-40B2-8CB0-7AB3BF0C4CE9}
03.02.2013  06:19    <DIR>          {E51BC355-064E-4487-AF5C-70F9F9C798EC}
07.03.2012  17:20    <DIR>          {E5A71DFE-A3D9-41B6-ACD3-F240739519E9}
28.08.2012  11:14    <DIR>          {E5BF9CD1-0811-42EC-B08E-20FFB7ED02C2}
25.03.2012  23:29    <DIR>          {E5D5FA4D-B5B8-4334-B14D-26434C307B2A}
02.04.2012  05:53    <DIR>          {E5E51CED-D69F-4D33-928D-69E250A71199}
21.04.2012  07:41    <DIR>          {E6325B7E-2CDC-4A01-BB75-57EA99FAD21C}
24.08.2013  19:51    <DIR>          {E657D871-E987-4D80-A17C-18A9E24066A3}
16.03.2012  07:49    <DIR>          {E6F88570-8D9B-41FD-AC5A-712A439287F2}
17.09.2013  18:43    <DIR>          {E704173D-98D4-47A8-B4C1-DD66292B4A61}
17.02.2012  07:38    <DIR>          {E7FFF482-83D1-4A5D-A345-063943639A22}
10.09.2013  19:22    <DIR>          {E8059FAC-A786-4C23-A1E7-9C1A89E1F183}
15.07.2012  09:44    <DIR>          {E8153392-D889-4B94-82C3-AC60FEF0C302}
11.03.2013  20:36    <DIR>          {E81B7E45-3A6A-49B0-969D-2919F972EFD2}
16.01.2013  05:55    <DIR>          {E81C1737-DDC4-40F7-8A7B-67A92BF1E25B}
16.08.2012  05:14    <DIR>          {E825528C-DA68-4BD7-B2CC-A78BD2C91373}
10.11.2012  09:10    <DIR>          {E835C682-DA02-4F6B-B821-D7CAE6840A0F}
14.08.2012  05:06    <DIR>          {E849AE25-72A0-48F8-B492-3C20B25A1B87}
08.07.2012  06:00    <DIR>          {E85FD390-50A6-4C76-9F81-AE11371F4483}
23.12.2012  08:42    <DIR>          {E89739E4-D6DB-4008-893A-7A26EF5898E1}
02.07.2013  15:20    <DIR>          {E89A30D6-8330-4FC4-98F6-96DB7F1317A6}
03.04.2012  19:06    <DIR>          {E8AEE3FA-D75E-4CAF-A2E1-1BDC00EBDE8D}
06.10.2012  08:39    <DIR>          {E8AF23B8-1356-4C4F-AD6F-CFFE5A5D7317}
23.09.2012  19:36    <DIR>          {E8C7B39B-EE77-466F-86A2-7F6434A0F5E3}
11.05.2013  05:06    <DIR>          {E9319120-9B31-447A-8878-B9FA8F8FD452}
25.02.2012  20:15    <DIR>          {E9475F44-DEA1-4821-8AD8-714E7F9EE329}
19.10.2013  06:24    <DIR>          {E94E483D-D3B9-45C5-8039-20473F87DB9B}
21.04.2012  07:41    <DIR>          {E972900F-8CD1-424B-B049-1E8766FC614E}
11.11.2013  18:23    <DIR>          {E9809EAA-FBE9-4CD8-9277-5C342EDC9C40}
06.06.2012  20:11    <DIR>          {E9BE451F-FF38-43A7-AA66-156C04629981}
20.11.2013  23:26    <DIR>          {E9F3DEB7-5C11-4DEA-9C1B-D491A8908F52}
08.04.2012  23:44    <DIR>          {EA065FB9-A643-4219-A6BF-C5DC3BFF5811}
30.05.2013  21:56    <DIR>          {EA21B388-DB41-4BAB-8C2D-C0F57EF5A870}
01.06.2012  04:32    <DIR>          {EABBD213-D32F-4B91-94EA-0F17A058F115}
04.04.2012  08:09    <DIR>          {EABEDEDE-1E9E-4379-ABCE-74D147398E8A}
29.11.2012  09:07    <DIR>          {EAD9EFB0-92F5-4959-8CF5-3873ABA25367}
31.01.2013  17:11    <DIR>          {EB19A7B1-4A9A-4A24-AB40-E95471F3E568}
05.03.2013  17:29    <DIR>          {EB90E13E-A3E4-4A55-83C2-D97B8CEE4C89}
12.01.2013  02:16    <DIR>          {EB9857A4-ECC2-41B2-8E49-8F672C9E922C}
20.11.2013  07:28    <DIR>          {EB9DABB0-95C3-4759-A27D-D6EB879A99C7}
09.06.2012  06:12    <DIR>          {EBD03E2D-ACBD-4C56-9D84-9524EC99C083}
11.01.2013  08:02    <DIR>          {EBEB9EF4-F2FE-4C4B-B379-7FEFC1677B30}
06.06.2012  05:21    <DIR>          {EBEDD855-EC99-41D4-9EEB-30AFC250E229}
07.10.2013  06:03    <DIR>          {EC325BD9-DF50-42AE-8F64-ECA2943DAADC}
19.11.2012  06:45    <DIR>          {EC394034-C189-4C31-AE3C-529F2616C61A}
12.05.2012  11:46    <DIR>          {EC993BC4-DA47-4AF0-8FBD-2EE5B6678D08}
27.01.2013  20:19    <DIR>          {ECA17545-A0A9-479B-9158-C827894562D0}
25.11.2013  19:23    <DIR>          {ECA66C83-66C7-4627-88CA-FCE3544D6A1A}
17.01.2013  07:35    <DIR>          {ECC4A222-90C8-448D-876A-85053F488FFA}
01.05.2012  06:21    <DIR>          {ECF69F28-6DAC-4BCE-B19E-43A4ECA6A254}
25.11.2012  20:47    <DIR>          {ED512337-23CE-47B1-AA2A-A3D871A127B2}
29.06.2013  06:20    <DIR>          {ED8B0EF8-4D31-46D3-837F-8FBBB4E7B4B0}
11.07.2012  12:49    <DIR>          {ED9FAA20-DCC5-4AD1-89F0-1EADF0B05570}
12.02.2013  14:06    <DIR>          {EDC6A50E-786D-481A-BC9F-F48FBD44BD1D}
25.02.2012  20:15    <DIR>          {EE12C8ED-AD40-4CBB-B015-93EFDEB6EF9A}
09.07.2012  20:30    <DIR>          {EEEBF028-D648-46EE-B09F-44C6AD8DFBBC}
10.06.2012  06:02    <DIR>          {EEF05AE9-5382-4988-82AC-99EB48AF4FD6}
28.03.2012  06:19    <DIR>          {EF01C4C8-A21F-447D-A893-63055AA609B8}
31.05.2013  13:43    <DIR>          {EF4501C0-EF22-42F2-86F5-F80188FB5937}
11.04.2012  05:26    <DIR>          {EF5869E6-D53C-46F5-96BF-1E93A4D9845E}
23.05.2013  18:51    <DIR>          {EF79559E-A296-47ED-98EB-A933DC3A13D0}
07.07.2012  05:53    <DIR>          {EF930443-AB84-4C82-B2BA-2A57C2A282BD}
13.10.2013  19:37    <DIR>          {EFEB7229-20A3-41CA-A8B7-4B5FF9D6EFAC}
21.09.2012  16:27    <DIR>          {F021F404-0572-4711-9022-D859B80E0B16}
18.05.2012  20:16    <DIR>          {F0A336F7-5834-43F1-8114-D76E02681E27}
21.03.2013  07:29    <DIR>          {F0E7EF8A-2B5D-4BCA-9866-DB3BC7EB76CF}
25.05.2012  06:11    <DIR>          {F11C9771-2620-41D7-AB4B-269C381BEDAF}
27.10.2013  08:43    <DIR>          {F11DFABD-04E6-489C-A50F-132013F09BED}
01.07.2013  19:06    <DIR>          {F1204CB5-572A-4987-A74C-8F0CA397ED6B}
20.05.2012  19:50    <DIR>          {F1BC76E7-6F05-4C0B-9115-CC32AD22193F}
08.08.2013  20:19    <DIR>          {F1BD401D-CB51-4171-B970-A2159BAB6AB7}
25.02.2012  05:39    <DIR>          {F1C15A0C-13B6-48C3-879D-11BAC316A60A}
19.10.2013  19:20    <DIR>          {F22E6469-C3C8-40B8-810F-A6DE27B5337C}
02.03.2012  07:13    <DIR>          {F2330A91-7B74-4D29-B1C1-287EFC3B96FD}
02.10.2013  17:36    <DIR>          {F2626A4C-4641-4B0D-BD6F-FDABF9A816A7}
03.06.2012  22:23    <DIR>          {F281EA76-26EB-4FB7-99EA-A6253A8822FD}
07.10.2012  17:27    <DIR>          {F2A0E1BA-2DF5-4612-BB52-2E0C5FAFAC7D}
06.05.2013  06:20    <DIR>          {F39ADAD8-E1A8-4920-9A70-9D2CCDD4843E}
31.08.2012  07:46    <DIR>          {F3BD0913-8E6B-400D-BD21-7FB35D022168}
01.03.2012  07:18    <DIR>          {F3DBEA21-9F1F-45DF-BD04-4CE6FA1F1FE0}
08.08.2013  07:11    <DIR>          {F3FCA6F0-E33F-4693-9D6E-56023C04C01E}
16.07.2012  04:57    <DIR>          {F4542D8A-B502-43BF-8B9E-BEAA08610A2F}
16.06.2012  20:05    <DIR>          {F4B47DD1-511E-47F8-ACEB-47836D02DCEE}
30.09.2013  05:32    <DIR>          {F54A3BFC-0DA1-4248-A02D-A5A4E982C2AB}
11.02.2012  03:54    <DIR>          {F55B6F2B-8FC4-47F1-A6AF-075C5D28C778}
21.04.2013  07:55    <DIR>          {F5645E70-CD47-4076-9193-CF9A44A27B9D}
03.05.2012  06:15    <DIR>          {F5671BF2-06C4-4F5C-BE98-F89EC3FA52BE}
29.05.2013  20:03    <DIR>          {F585A049-8EC7-407D-B80E-70E63513C0AC}
24.12.2012  05:47    <DIR>          {F588C6D5-DA0B-4078-8E46-0EA7C5965FCD}
17.09.2013  03:57    <DIR>          {F5CE14FF-3BAF-4AF5-A95B-A5FE1CCAD7CC}
24.04.2013  19:22    <DIR>          {F612DEFB-A37B-4DCB-AF3F-8BDC6FDF1D10}
14.02.2013  13:20    <DIR>          {F6268A65-5726-4EDB-89EF-6D1F283FE958}
15.04.2012  10:26    <DIR>          {F635F7A6-0A78-439A-8E96-5E6F00A6ACFB}
26.03.2013  06:46    <DIR>          {F642CBAA-385A-44A8-93FD-4729FC064B0E}
22.10.2013  16:37    <DIR>          {F6B2E4FA-2B5F-4887-B09B-5573BFE1413D}
02.02.2013  00:00    <DIR>          {F6EAE12C-0C28-4696-A6FF-08FECAC242E6}
08.03.2012  07:16    <DIR>          {F7427B63-43DF-49A5-B7EC-5B6ACF84F50C}
25.09.2012  23:46    <DIR>          {F75529FF-983D-453C-98CC-96B2260F1F37}
19.04.2013  10:27    <DIR>          {F771C3DF-26E7-44DA-8942-FE15E90B4909}
16.08.2012  19:54    <DIR>          {F794ABDD-19F7-41AF-88D6-AE8821DA1DA6}
03.05.2012  15:52    <DIR>          {F82D7EAF-3C35-48EC-99DC-DFD0A566A6BB}
18.06.2012  05:08    <DIR>          {F844F2C9-4881-4B79-BA7A-EA65064FCDBF}
04.05.2013  08:54    <DIR>          {F88FD4C7-6B0C-4F2C-A460-4AEFF373E508}
28.10.2012  11:00    <DIR>          {F8B5EAD0-9728-4FD9-8087-8965E848C0C3}
10.06.2013  03:58    <DIR>          {F8D14EAC-D8D6-40EB-BF78-8D355D3AFC70}
01.12.2012  19:52    <DIR>          {F8E40020-21A0-428A-85A4-3BE733FC0CE2}
25.08.2012  07:15    <DIR>          {F904B19A-C74F-426C-982D-FE12477093C4}
19.03.2012  07:10    <DIR>          {F9AE40DA-E911-41AD-8C94-1B6DC0893F98}
06.03.2013  20:34    <DIR>          {FA10DACB-19BB-4BCC-BCE9-989E8F0AFC7D}
19.05.2012  12:37    <DIR>          {FA5BC753-02BD-4BE0-9785-6F7EB81D9115}
24.06.2013  12:02    <DIR>          {FA6AD2CD-8300-4263-A177-EF17B811A090}
23.04.2012  14:58    <DIR>          {FAFD925D-23F9-457C-A1DF-AF5E71EC6D02}
06.02.2013  02:50    <DIR>          {FB169C39-9463-4729-BE04-A6DE6819F0C4}
10.07.2012  05:06    <DIR>          {FB2AA211-20CD-4D91-AC5E-5BD1CB18EA52}
19.02.2013  13:56    <DIR>          {FB5E29BD-A7DF-4826-88A1-8CA94E728352}
07.11.2013  20:58    <DIR>          {FB6BB124-90E3-4F77-9405-AFD63BBE4F81}
03.10.2013  08:34    <DIR>          {FB6D2877-B555-4548-B931-1A285537B90F}
01.10.2013  11:06    <DIR>          {FB78A5A3-72E8-4074-AA02-7D21CBFAEC0D}
13.09.2013  20:40    <DIR>          {FBA4BE54-D5D6-4ED9-83CE-FD56CB1797B3}
04.11.2012  23:34    <DIR>          {FBC148AF-E2EB-4BB2-875E-2866A58FC6C0}
01.06.2013  07:09    <DIR>          {FC1561AC-1BF2-435F-B9FD-FC7DCEAA8617}
08.03.2012  19:38    <DIR>          {FC68BADB-187A-463B-872D-46241866E014}
31.03.2013  19:04    <DIR>          {FCA82E4D-1628-4F10-B298-A41E66E41935}
24.04.2013  07:15    <DIR>          {FD3E5ED8-4309-4DE7-95C9-99B295B3CDE2}
01.05.2012  08:57    <DIR>          {FD7BA78B-1094-485E-8073-638F2490E1FE}
23.03.2013  09:01    <DIR>          {FD7D8ECC-3DC8-4AA2-9F03-763FC016DC0F}
23.02.2012  07:45    <DIR>          {FD8A09FE-4616-4F5D-8199-AC49D2A96962}
26.05.2012  21:46    <DIR>          {FE2BB4D0-542F-43A4-8469-3280E35FBF57}
18.10.2012  15:49    <DIR>          {FE5CF527-5756-4615-B75A-D63A4C4F29CF}
14.03.2012  05:33    <DIR>          {FE678A49-A065-4201-BCDC-1F90C1471FD8}
19.03.2012  07:10    <DIR>          {FE838F5C-E106-4937-BAD1-579DDA7CD2B9}
04.03.2012  09:13    <DIR>          {FE9F46B4-61CF-45B3-8B9C-0524C1DB2ABA}
06.03.2012  07:19    <DIR>          {FEAFBF1E-5A6F-4BEB-A94A-B87086CF4B24}
11.05.2012  20:48    <DIR>          {FEC50974-D91B-4424-A6F0-BC01E2A0ED56}
20.09.2013  14:03    <DIR>          {FF467D5C-E1BD-4D35-A786-4019C0D512AF}
02.06.2013  09:52    <DIR>          {FF474FDD-8782-4E15-9BB4-C30EEC861AB5}
11.05.2012  20:48    <DIR>          {FF7277EE-4ABC-4A20-83F3-0850A50D9671}
15.09.2013  06:10    <DIR>          {FF8F9273-EF1C-4A07-9ABE-615A095F2440}
21.05.2013  05:01    <DIR>          {FF9076A5-6B26-4982-B16B-3D359A5E3D9E}
23.06.2012  09:47    <DIR>          {FFBEB7B7-11FD-4A77-AE4C-F775EF72B348}
               5 Datei(en),        198.949 Bytes
            1369 Verzeichnis(se), 434.952.183.808 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramFiles(x86)%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 204C-3CC0

 Verzeichnis von C:\Program Files (x86)\Common Files

07.06.2018  05:31    <DIR>          .
07.06.2018  05:31    <DIR>          ..
26.06.2015  05:22    <DIR>          Adobe
19.07.2017  07:53    <DIR>          Adobe AIR
28.10.2011  01:10    <DIR>          ATI Technologies
07.02.2012  07:25    <DIR>          Corel
13.09.2012  06:02    <DIR>          DATA BECKER Shared
21.07.2015  22:42    <DIR>          DESIGNER
29.09.2015  13:27    <DIR>          HERMA
20.06.2012  08:11    <DIR>          Hewlett-Packard
20.06.2012  08:11    <DIR>          HP
11.11.2014  19:38    <DIR>          InstallShield
15.01.2014  16:15    <DIR>          MAGIX Services
15.01.2014  16:18    <DIR>          MAGIX Shared
07.02.2012  07:26    <DIR>          Memeo
11.05.2018  19:55    <DIR>          microsoft shared
07.06.2018  05:29    <DIR>          Oracle
07.02.2012  07:24    <DIR>          Protexis
05.04.2013  15:33    <DIR>          PX Storage Engine
14.07.2009  05:20    <DIR>          Services
05.04.2013  15:27    <DIR>          Sonic Shared
14.07.2009  05:20    <DIR>          SpeechEngines
11.11.2014  19:17    <DIR>          Steam
27.10.2011  03:12    <DIR>          SWF Studio
12.02.2012  20:30    <DIR>          System
18.07.2011  22:49    <DIR>          Windows Live
13.11.2017  08:13    <DIR>          Wise Installation Wizard
               0 Datei(en),              0 Bytes
              27 Verzeichnis(se), 434.952.155.136 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramW6432%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 204C-3CC0

 Verzeichnis von C:\Program Files\Common Files

25.07.2017  14:44    <DIR>          .
25.07.2017  14:44    <DIR>          ..
05.04.2013  15:35    <DIR>          Adobe
28.10.2011  01:10    <DIR>          ATI Technologies
21.08.2018  21:06    <DIR>          AV
25.07.2017  14:44    <DIR>          EPSON
29.10.2016  18:00    <DIR>          Logishrd
12.02.2015  07:39    <DIR>          Microsoft Shared
14.07.2009  05:20    <DIR>          Services
14.07.2009  05:20    <DIR>          SpeechEngines
12.02.2012  20:30    <DIR>          System
               0 Datei(en),              0 Bytes
              11 Verzeichnis(se), 434.952.093.696 Bytes frei

========= Ende von CMD: =========


========= dir "%UserProfile%" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 204C-3CC0

 Verzeichnis von C:\Users\Arhelger

22.08.2018  20:10    <DIR>          .
22.08.2018  20:10    <DIR>          ..
18.04.2018  05:52    <DIR>          Bcher
14.09.2017  02:28    <DIR>          Contacts
22.08.2018  20:15    <DIR>          Desktop
18.08.2018  22:13    <DIR>          Documents
03.04.2018  06:42    <DIR>          Dokumente
22.08.2018  19:34    <DIR>          Downloads
14.09.2017  02:28    <DIR>          Favorites
03.07.2017  05:35    <DIR>          Filme
04.06.2018  14:14    <DIR>          Jannik Noah
14.09.2017  02:28    <DIR>          Links
14.07.2018  09:08    <DIR>          Louis
14.09.2017  02:28    <DIR>          Music
19.05.2018  11:34    <DIR>          My Games
06.12.2014  16:07            10.381 Nikolaus.xlsx
16.04.2018  06:19    <DIR>          Pictures
21.08.2018  13:18    <DIR>          Sabrina
27.09.2016  06:02    <DIR>          Samsung Link
14.09.2017  02:28    <DIR>          Saved Games
06.04.2018  07:30    <DIR>          Scanner
14.09.2017  02:28    <DIR>          Searches
10.11.2017  07:30               364 Sti_Trace.log
21.08.2018  07:03    <DIR>          Sven
14.09.2017  02:28    <DIR>          Videos
               2 Datei(en),         10.745 Bytes
              23 Verzeichnis(se), 434.952.024.064 Bytes frei

========= Ende von CMD: =========


========= dir "C:\" =========

 Datentr„ger in Laufwerk C: ist Boot
 Volumeseriennummer: 204C-3CC0

 Verzeichnis von C:\

21.08.2018  12:53    <DIR>          AdwCleaner
11.06.2018  05:14    <DIR>          AeriaGames
21.08.2015  05:05    <DIR>          CorelDRAW Essentials X5
21.08.2018  13:17                57 dllme.txt
22.08.2018  20:15    <DIR>          FRST
07.11.2007  09:00             1.110 globdata.ini
15.04.2014  12:51    <DIR>          history
07.11.2007  09:03           562.688 install.exe
07.11.2007  09:00               843 install.ini
07.11.2007  09:03            76.304 install.res.1028.dll
07.11.2007  09:03            96.272 install.res.1031.dll
07.11.2007  09:03            91.152 install.res.1033.dll
07.11.2007  09:03            97.296 install.res.1036.dll
07.11.2007  09:03            95.248 install.res.1040.dll
07.11.2007  09:03            81.424 install.res.1041.dll
07.11.2007  09:03            79.888 install.res.1042.dll
07.11.2007  09:03            75.792 install.res.2052.dll
07.11.2007  09:03            96.272 install.res.3082.dll
20.08.2018  12:54    <DIR>          KVRT_Data
23.09.2005  00:39           894.976 msdia80.dll
21.08.2018  13:17           455.344 msvcp120.dll
18.10.2017  17:22                 0 NET.INI
20.08.2018  13:20    <DIR>          Program Files
21.08.2018  06:39    <DIR>          Program Files (x86)
22.03.2017  06:15                32 PS.log
27.09.2016  05:51    <DIR>          Upload
15.07.2015  11:30    <DIR>          Users
07.11.2007  09:00             5.686 vcredist.bmp
07.11.2007  09:09         1.442.522 VC_RED.cab
07.11.2007  09:12           232.960 VC_RED.MSI
22.08.2018  12:49    <DIR>          Windows
20.08.2018  12:52             2.604 XoristDecryptor.2.5.3.4_20.08.2018_12.47.54_log.txt
              21 Datei(en),      4.388.470 Bytes
              11 Verzeichnis(se), 434.951.962.624 Bytes frei

========= Ende von CMD: =========

================== ExportKey: ===================

[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes]

=== Ende von ExportKey ===

========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


========= RemoveProxy: =========

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-2519664068-3109547711-38441924-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-2519664068-3109547711-38441924-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22100761 B
Java, Flash, Steam htmlcache => 590 B
Windows/system/drivers => 692878876 B
Edge => 0 B
Chrome => 207975672 B
Firefox => 15453907 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42320605 B
systemprofile32 => 404820 B
LocalService => 0 B
NetworkService => 0 B
Arhelger => 4483613587 B
Kids => 134297 B

RecycleBin => 627709594 B
EmptyTemp: => 5.7 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 20:21:28 ====

Ich habe jetzt die Fixlog.txt Datei aufgeteilt. Ich hoffe das geht auch.

M-K-D-B · 23.08.2018, 11:04

Servus,

AdwCleaner bitte nochmal zur Kontrolle ausführen und die Logdatei posten:

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Einstellungen, scrolle nach unten und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Tracing Schlüssel löschen
- Prefetch-Dateien löschen
- Proxy wiederherstellen
- IE-Policies wiederherstellen
- Chrome-Policies wiederherstellen
- Winsock wiederherstellen
Klicke nun auf Dashboard, dann auf Jetzt scannen und warte bis der Suchlauf abgeschlossen ist.
Klicke nun auf Bereinigen & Reparieren und bestätige mit Jetzt bereinigen.

WICHTIG:
Sollte AdwCleaner nichts finden, klicke auf Grundlegende Reparatur ausführen und anschließend auf Jetzt bereinigen.
Nach dem Neustart öffnet sich AdwCleaner automatisch. Klicke auf Log-Datei ansehen.
Poste mir deren Inhalt der Log-Datei mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt. (xx = fortlaufende Nummer).

Sabrin@ · 23.08.2018, 11:55

Hallo,
hier die aktuelle Log-Datei:

Code:

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build:    07-17-2018
# Database: 2018-08-23.3
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-23-2018
# Duration: 00:00:02
# OS:       Windows 7 Home Premium
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1705 octets] - [21/08/2018 12:53:11]
AdwCleaner[C00].txt - [1795 octets] - [21/08/2018 12:53:51]
AdwCleaner[S01].txt - [1371 octets] - [22/08/2018 06:39:55]
AdwCleaner[C01].txt - [1656 octets] - [22/08/2018 06:44:57]
AdwCleaner[S02].txt - [1493 octets] - [23/08/2018 12:40:31]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

M-K-D-B · 23.08.2018, 19:41

Servus,

zeigt Kaspersky immer noch diese Malware an?
Gibt es dazu noch mehr Infos deinsereits?

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Sabrin@ · 24.08.2018, 05:06

Hallo,

Kaspersky zeigt immer noch die Malware an und lässt sich auch nicht desinfizieren.

Code:

ATTFilter

21.08.2018 21.23.32	Vollständige Untersuchung des Computers (angehalten)		Zeitpunkt: 21.08.2018 21:23
21.08.2018 21.17.45	Das Objekt (Systemspeicher) wurde nicht verarbeitet.	System Memory	Systemspeicher: System Memory	Objektname: Trojan.Multi.GenAutorunReg.a	Grund: Zurückgestellt
21.08.2018 21.17.45	Ein Objekt (Systemspeicher) wurde gefunden.	System Memory	Systemspeicher: System Memory	Objektname: Trojan.Multi.GenAutorunReg.a
21.08.2018 21.17.28	Vollständige Untersuchung des Computers	Die Aufgabe wurde gestartet.	Zeitpunkt: 21.08.2018 21:17

Logdatei FRST.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
durchgeführt von Arhelger (Administrator) auf ARHELGER-PC (24-08-2018 05:56:08)
Gestartet von C:\Users\Arhelger\Desktop
Geladene Profile: Arhelger &  (Verfügbare Profile: Arhelger)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Salfeld Computer) C:\Windows\cc\WinCtlSvc.exe
(Salfeld Computer) C:\Windows\cc\CtlSysMgr.exe
(Salfeld Computer GmbH) C:\ProgramData\NFS\NFSccsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Salfeld Computer) C:\Windows\cc\CtlSysUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM\...\RunServicesOnce: [WISO Finanz Update] => C:\Users\Arhelger\AppData\Local\Temp\Buhl\WISO Mein Geld 365 Professional\WISOFinanz365Update_24.0.0.100.exe "/Reduced" "/InstallDir=C:\Program Files (x86)\Buhl\WISO Mein Geld 365" "/ProcessID=3916" " (Der Dateneintrag hat 77 mehr Zeichen). <==== ACHTUNG
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <==== ACHTUNG
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [840784 2012-09-17] (Adobe Systems Incorporated)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-02-07] (Google Inc.)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [1023664 2016-03-25] (Samsung)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037984 2017-05-20] (Samsung)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRIE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\MountPoints2: {28f75973-3991-11e8-a592-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\MountPoints2: {2d327e58-f154-11e7-bdac-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [840784 2012-09-17] (Adobe Systems Incorporated)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-02-07] (Google Inc.)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\Run: [Kies3PDLR.exe] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [1023664 2016-03-25] (Samsung)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037984 2017-05-20] (Samsung)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRIE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\RunOnce: [Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64"
HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\MountPoints2: {28f75973-3991-11e8-a592-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\MountPoints2: {2d327e58-f154-11e7-bdac-e0b9a5d47ad7} - F:\HiSuiteDownLoader.exe
IFEO\sethc.exe: [Debugger] logonui.exe
GroupPolicyUsers\S-1-5-21-2519664068-3109547711-38441924-1001\User: Beschränkung <==== ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{2F1AB9F8-898F-464B-B9F8-BE087F0E4A2C}: [NameServer] 192.168.178.0
Tcpip\..\Interfaces\{E700DAEE-439D-4EE4-962B-7D3507F98C6A}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2519664068-3109547711-38441924-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES007&pc=UE06
HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES007&pc=UE06
SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> {A7521B9F-4CC8-42E7-907C-2085ABD4F486} URL = hxxp://rover.ebay.com/rover/1/707-53477-19255-0/1?icep_ff3=9&pub=5574640706&toolid=10001&campid=5336449492&customid=&icep_uq={searchTerms}&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229487&kwid=902099&mtid=824&kw=lg
SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446 -> {A7521B9F-4CC8-42E7-907C-2085ABD4F486} URL = hxxp://rover.ebay.com/rover/1/707-53477-19255-0/1?icep_ff3=9&pub=5574640706&toolid=10001&campid=5336449492&customid=&icep_uq={searchTerms}&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229487&kwid=902099&mtid=824&kw=lg
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-02-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-10.0.1\bin\ssv.dll => Keine Datei
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2018-03-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-06-07] (Oracle Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2018-03-13] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-21] (AO Kaspersky Lab)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {2665693B-C4F3-434B-83DB-7574CF50C8B7} hxxp://www.kaspersky.com/downloads/misc/kasperskylicensefinder.cab
DPF: HKLM-x32 {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///E:/components/A9.ocx
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default [2018-08-22]
FF Homepage: Mozilla\Firefox\Profiles\muqiyzzu.default -> hxxp://home.1und1.de/
FF NewTab: Mozilla\Firefox\Profiles\muqiyzzu.default -> hxxp://home.1und1.de/
FF Extension: (Ciuvo Preisvergleich) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\extension@ciuvo.com.xpi [2016-04-19] [Legacy]
FF Extension: (Forecastfox (fix version)) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\forecastfox@s3_fix_version.xpi [2016-04-19] [Legacy]
FF Extension: (New Tab Override (browser.newtab.url replacement)) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\newtaboverride@agenedia.com.xpi [2016-04-19] [Legacy]
FF Extension: (S3.Google Translator) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\s3google@translator.xpi [2016-04-28] [Legacy]
FF Extension: (Flagfox) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-04-28] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Arhelger\AppData\Roaming\Mozilla\Firefox\Profiles\muqiyzzu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-19] [Legacy]
FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-08-21]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-10-29] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017-07-25] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-06-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-06-07] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-10-27] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-10-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @protectdisc.com/NPPDLicenseHelper -> C:\Windows\system32\config\systemprofile\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Arhelger\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Arhelger\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Arhelger\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF Plugin HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Arhelger\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [Keine Datei]

Chrome: 
=======
CHR HomePage: Default -> hxxp://home.1und1.de/?linkId=hd.nav.themenportal&ucuoId=PUAC:default.EUE.DE-20150617064232-9E49C81A815F50BE9E13B68A1F3A997C.TCpfix111b&ac=OM.PU.PUb48K85425T7073a
CHR StartupUrls: Default -> "hxxp://home.1und1.de/"
CHR NewTab: Default ->  Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR Profile: C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default [2018-08-24]
CHR Extension: (Google Übersetzer) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-08-21]
CHR Extension: (Präsentationen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-21]
CHR Extension: (Kaspersky Protection) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-08-21]
CHR Extension: (Docs) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-21]
CHR Extension: (Google Drive) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-21]
CHR Extension: (YouTube) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-08-21]
CHR Extension: (Tabellen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-21]
CHR Extension: (Google Docs Offline) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Google Kalender) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2018-08-21]
CHR Extension: (New Tab Redirect) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2018-08-21]
CHR Extension: (Drucken für Google Chrome) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd [2018-08-21]
CHR Extension: (Google Play) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2018-08-21]
CHR Extension: (Google Maps) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-08-21]
CHR Extension: (Google Mail-Checker) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-08-21]
CHR Extension: (IP-Domain-Markierungsfahne) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlpapfcfoakknnhkfpencomejbcecdfp [2018-08-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-21]
CHR Extension: (Google Mail) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-21]
CHR Extension: (Chrome Media Router) - C:\Users\Arhelger\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-21]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKU\S-1-5-21-2519664068-3109547711-38441924-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Arhelger\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden>
CHR HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Arhelger\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [caeaobpemokdfnidgaebncaooofnbfha] - C:\Users\Arhelger\ChromeExtensions\caeaobpemokdfnidgaebncaooofnbfha\amazon-icon-fwde.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-15] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [245760 2017-02-28] (AVM GmbH) [Datei ist nicht signiert]
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab)
R2 CC-Updater; C:\Windows\cc\WinCtlSvc.exe [7022192 2018-02-16] (Salfeld Computer) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2650112 2010-05-28] (DATA BECKER GmbH & Co KG)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610464 2018-01-18] (EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe [416560 2018-08-21] (AO Kaspersky Lab)
S3 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (Seiko Epson Corporation)
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation)
R2 SCC-Dienst; C:\Windows\cc\ctlsysmgr.exe [6626464 2018-08-21] (Salfeld Computer)
S2 sfrem01; C:\Windows\system32\sfrem01.exe [601208 2006-07-05] (Protection Technology (StarForce))
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] () [Datei ist nicht signiert]
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2012-02-13] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2016-04-26] (AVM Berlin)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [836288 2018-05-27] (EasyAntiCheat Oy)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [72904 2017-12-27] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [122056 2018-02-02] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [87752 2018-07-20] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [219328 2018-08-21] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1193160 2018-08-21] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1127104 2018-08-21] (AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [56520 2018-02-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [58056 2018-01-15] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [161592 2018-07-20] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112864 2018-08-24] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-08-24] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-08-24] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [94328 2018-08-24] (Malwarebytes)
R1 netfltcc; C:\Windows\System32\drivers\netfltcc.sys [64680 2017-11-25] (Windows (R) Win 7 DDK provider)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [78208 2006-08-11] (Protection Technology (StarForce))
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 cpuz134; \??\C:\Users\Arhelger\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ACHTUNG

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-08-24 05:53 - 2018-08-24 05:53 - 000000558 _____ C:\Users\Arhelger\Downloads\Bericht Kaspersky.txt
2018-08-22 20:38 - 2018-08-22 20:38 - 000003288 ____N C:\bootsqm.dat
2018-08-22 20:15 - 2018-08-22 20:21 - 000129528 _____ C:\Users\Arhelger\Desktop\Fixlog.txt
2018-08-22 19:55 - 2018-08-24 05:55 - 000000000 ____D C:\Users\Arhelger\Desktop\FRST-OlderVersion
2018-08-22 19:34 - 2018-08-22 19:34 - 000030060 _____ C:\Users\Arhelger\Desktop\SpyHunterCleaner.bat
2018-08-22 12:47 - 2018-08-22 20:52 - 000067426 _____ C:\Users\Arhelger\Desktop\Addition.txt
2018-08-22 12:42 - 2018-08-24 05:58 - 000039086 _____ C:\Users\Arhelger\Desktop\FRST.txt
2018-08-22 12:42 - 2018-08-24 05:56 - 000000000 ____D C:\FRST
2018-08-22 12:41 - 2018-08-24 05:55 - 002413056 _____ (Farbar) C:\Users\Arhelger\Desktop\FRST64.exe
2018-08-22 06:33 - 2018-08-22 06:35 - 007417040 _____ (Malwarebytes) C:\Users\Arhelger\Desktop\adwcleaner_7.2.2.exe
2018-08-21 21:05 - 2018-08-21 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2018-08-21 21:04 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2018-08-21 21:03 - 2018-08-21 21:03 - 001193160 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2018-08-21 21:03 - 2018-08-21 21:03 - 001127104 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2018-08-21 21:03 - 2018-08-21 21:03 - 000219328 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2018-08-21 21:03 - 2018-08-21 21:03 - 000152360 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2018-08-21 21:00 - 2018-08-21 21:00 - 002509880 _____ (Kaspersky Lab) C:\Users\Arhelger\Downloads\kis19.0.0.1088de_14081.exe
2018-08-21 20:36 - 2018-08-21 20:36 - 008896960 _____ C:\Users\Arhelger\Downloads\kpm.exe
2018-08-21 20:25 - 2018-08-21 20:27 - 000484760 _____ C:\Windows\Minidump\082118-50669-01.dmp
2018-08-21 15:21 - 2018-08-21 15:32 - 579815424 _____ C:\Users\Arhelger\Downloads\krd (1).iso
2018-08-21 15:17 - 2018-08-21 15:19 - 147283752 _____ (Kaspersky Lab ZAO) C:\Users\Arhelger\Downloads\KVRT.exe
2018-08-21 14:19 - 2018-08-21 14:19 - 000380928 _____ C:\Users\Arhelger\Downloads\rb3crkqy.exe
2018-08-21 14:11 - 2018-08-21 14:14 - 579815424 _____ C:\Users\Arhelger\Downloads\krd.iso
2018-08-21 06:39 - 2018-08-21 06:39 - 000002292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-21 05:46 - 2018-08-21 06:01 - 000073318 _____ C:\Windows\ntbtlog.txt
2018-08-21 05:16 - 2018-08-21 13:17 - 000455344 _____ (Microsoft Corporation) C:\msvcp120.dll
2018-08-21 05:16 - 2018-08-21 13:17 - 000000057 _____ C:\dllme.txt
2018-08-20 13:21 - 2018-08-24 05:48 - 000094328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-08-20 13:21 - 2018-08-24 05:46 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-08-20 13:21 - 2018-08-24 05:46 - 000112864 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-08-20 13:21 - 2018-08-24 05:46 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-08-20 13:20 - 2018-08-20 13:20 - 000000000 ____D C:\Program Files\Malwarebytes
2018-08-20 13:20 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-08-20 12:53 - 2018-08-20 12:54 - 000000000 ____D C:\KVRT_Data
2018-08-20 12:47 - 2018-08-20 12:52 - 000002604 _____ C:\XoristDecryptor.2.5.3.4_20.08.2018_12.47.54_log.txt
2018-08-18 22:08 - 2018-08-18 22:13 - 000010330 _____ C:\Users\Arhelger\Documents\Toreliste.xlsx
2018-08-16 05:36 - 2018-08-16 05:36 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-08-16 05:36 - 2018-08-16 05:36 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-16 05:36 - 2018-08-16 05:36 - 000004378 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-08-15 18:37 - 2018-08-15 18:48 - 000009821 _____ C:\Users\Arhelger\Documents\Waschliste.xlsx
2018-08-05 19:16 - 2018-08-05 19:16 - 000291784 _____ C:\Windows\Minidump\080518-57829-01.dmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-08-24 05:58 - 2017-07-26 05:35 - 000000334 __RSH C:\Users\Arhelger\ntuser.pol
2018-08-24 05:58 - 2012-02-07 07:28 - 000000000 ____D C:\Users\Arhelger
2018-08-24 05:52 - 2012-02-09 06:43 - 000003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{39A51ED7-4797-424D-AF39-0B9550252DFD}
2018-08-24 05:46 - 2014-04-09 06:42 - 000000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2018-08-24 05:46 - 2012-04-25 13:54 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-08-24 05:44 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-24 05:40 - 2017-04-07 06:42 - 000000000 ____D C:\Windows\dl
2018-08-23 16:15 - 2009-07-14 06:45 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-23 16:15 - 2009-07-14 06:45 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-23 13:44 - 2017-07-25 14:44 - 000000911 _____ C:\Windows\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266}.job
2018-08-22 20:17 - 2013-07-04 06:50 - 000000000 ____D C:\Users\Arhelger\AppData\LocalLow\Temp
2018-08-21 21:06 - 2016-09-19 08:04 - 000000000 ____D C:\Program Files\Common Files\AV
2018-08-21 21:05 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-08-21 21:04 - 2016-09-19 07:57 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2018-08-21 21:01 - 2018-06-06 05:23 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-08-21 20:25 - 2012-05-17 07:21 - 000000000 ____D C:\Windows\Minidump
2018-08-21 20:24 - 2018-07-10 20:11 - 1557671786 _____ C:\Windows\MEMORY.DMP
2018-08-21 13:18 - 2012-02-08 06:23 - 000000000 ____D C:\Users\Arhelger\Sabrina
2018-08-21 12:53 - 2014-09-15 12:27 - 000000000 ____D C:\AdwCleaner
2018-08-21 07:03 - 2012-02-08 06:23 - 000000000 ____D C:\Users\Arhelger\Sven
2018-08-21 06:39 - 2012-02-07 07:31 - 000000000 ____D C:\Users\Arhelger\AppData\Local\Google
2018-08-21 06:38 - 2012-02-07 07:22 - 000000000 ____D C:\Program Files (x86)\Google
2018-08-20 14:29 - 2017-04-07 06:42 - 000000000 ____D C:\Windows\cc
2018-08-18 21:52 - 2015-04-30 06:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-18 16:51 - 2012-11-05 09:37 - 000058051 _____ C:\Users\Arhelger\Documents\Wanderwege Dietzhölztal - Eschenburg.xlsx
2018-08-18 16:29 - 2017-05-12 18:14 - 000000000 ____D C:\Users\Arhelger\AppData\LocalLow\Mozilla
2018-08-18 16:29 - 2016-11-27 09:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-08-18 16:29 - 2015-04-30 06:04 - 000001213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2018-08-18 16:29 - 2014-03-25 09:07 - 000000000 ____D C:\Users\Arhelger\AppData\Roaming\Thunderbird
2018-08-18 16:29 - 2014-02-04 09:04 - 000000000 ____D C:\Users\Arhelger\AppData\Roaming\Mozilla
2018-08-16 06:12 - 2012-02-08 07:22 - 000000000 ____D C:\Users\Arhelger\Documents\WISO Mein Geld
2018-08-16 06:04 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-08-16 05:36 - 2018-05-21 15:14 - 000004540 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-08-16 05:36 - 2011-10-14 14:15 - 000000000 ____D C:\Windows\system32\Macromed
2018-08-16 05:36 - 2011-07-18 23:12 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-08-15 05:15 - 2015-06-26 05:22 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-07 05:45 - 2011-05-16 16:04 - 000699884 _____ C:\Windows\system32\perfh007.dat
2018-08-07 05:45 - 2011-05-16 16:04 - 000149766 _____ C:\Windows\system32\perfc007.dat
2018-08-07 05:45 - 2009-07-14 07:13 - 001622300 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-01 20:07 - 2012-02-08 07:17 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-23 06:21 - 2015-04-23 06:21 - 004218880 _____ (Piriform Ltd) C:\Program Files (x86)\ccsetup504_slim.exe
2015-04-06 10:47 - 2015-04-06 10:47 - 000000132 _____ () C:\Users\Arhelger\AppData\Roaming\Adobe CS5-Voreinstellungen für BMP-Format
2015-01-15 08:53 - 2015-01-15 08:53 - 000001456 _____ () C:\Users\Arhelger\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2016-07-16 15:12 - 2016-07-16 15:12 - 000009728 _____ () C:\Users\Arhelger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-20 14:40 - 2015-04-20 14:40 - 000000000 ___SH () C:\Users\Arhelger\AppData\Local\LumaEmu
2013-10-18 03:23 - 2013-10-18 03:23 - 000007605 _____ () C:\Users\Arhelger\AppData\Local\Resmon.ResmonCfg
2012-02-07 09:12 - 2012-02-07 09:12 - 000017408 _____ () C:\Users\Arhelger\AppData\Local\WebpageIcons.db

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-08-16 17:16

==================== Ende von FRST.txt ============================

Logdatei Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23.08.2018
durchgeführt von Arhelger (24-08-2018 05:59:18)
Gestartet von C:\Users\Arhelger\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-07 05:28:37)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2519664068-3109547711-38441924-500 - Administrator - Disabled)
Arhelger (S-1-5-21-2519664068-3109547711-38441924-1001 - Administrator - Enabled) => C:\Users\Arhelger
Gast (S-1-5-21-2519664068-3109547711-38441924-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2519664068-3109547711-38441924-1026 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (HKLM\...\{66CF1DF9-1715-4325-89BC-76B1CA2EE3BE}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 11 (HKLM\...\PremElem110) (Version: 11.0 - Adobe Systems Incorporated)
Ahnenblatt 2.98 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.98.1.1 - Dirk Böttcher)
AMD Catalyst Install Manager (HKLM\...\{0348F1C7-2092-A05D-DC67-8ECA9EA72C20}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
Apowersoft Online Launcher Version 1.4.6 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.6 - APOWERSOFT LIMITED)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
calibre (HKLM-x32\...\{D2DCF339-7EBC-4D88-B515-A504297796EA}) (Version: 3.6.0 - Kovid Goyal)
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version:  - )
Canon MG6600 series On-screen Manual (HKLM-x32\...\Canon MG6600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (HKLM-x32\...\{D0BEB150-2046-4F94-AE7B-EA76772592F6}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (HKLM-x32\...\{4433CEC6-DA32-4D7B-BA95-B47C68498287}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (HKLM-x32\...\{2F14F550-0FFC-4285-B673-880744D428A3}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (HKLM-x32\...\{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (HKLM-x32\...\{85E8F38F-0303-401E-A518-0302DF88EB07}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (HKLM-x32\...\{FA6AF809-9A80-423A-A57A-C7D726A04E4C}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (HKLM-x32\...\{E7BE4D1A-B529-448B-8407-889705B65185}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (HKLM-x32\...\{E4BE9367-168B-4B30-B198-EE37C99FB147}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (HKLM-x32\...\{D7E60152-6C65-4982-8840-B6D28BF881BD}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (HKLM-x32\...\{666D7CED-12E0-4BA3-B594-5681961E7B02}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (HKLM-x32\...\{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (HKLM-x32\...\{89BA6E81-B60A-49BC-B283-80560A9E60DF}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (HKLM-x32\...\{34809713-7886-4F6A-B9D5-CC74DBC1C77E}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (HKLM-x32\...\{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (HKLM-x32\...\{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}) (Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (HKLM-x32\...\{834F4E2F-E9DF-4FA9-8499-FF6B91012898}) (Version: 15.3 - Corel Corporation) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER CD-DVD Druckerei 7 (HKLM-x32\...\CD-DVD Druckerei 7_is1) (Version: 7.50.0.30 - DATA BECKER GmbH & Co. KG)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Druckerdeinstallation für EPSON XP-540 Series (HKLM\...\EPSON XP-540 Series) (Version:  - Seiko Epson Corporation)
Easy Photo Scan (HKLM-x32\...\{93AEF2AF-86FB-42AD-8392-5DAEC0638B1A}) (Version: 1.00.0012 - Seiko Epson Corporation)
EG*Headlight 1 e-Workbook (HKLM-x32\...\{94D858E3-1BE9-4D81-94A4-FF1695F61CAB}) (Version: 1.0.7.0 - Cornelsen Verlag)
Elements 11 Organizer (HKLM-x32\...\{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}) (Version: 11.0 - Ihr Firmenname) Hidden
Epic Games Launcher (HKLM-x32\...\{AF7881ED-41D7-4ECA-8C7C-AE10DFA0E489}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.0 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{29F4F2C2-CB73-418D-BA99-7BB5ECD9F7BF}) (Version: 4.4.6 - Seiko Epson Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation)
EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA)
Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{B743ABDD-E681-4B32-A33E-6E7F3F845AEA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FRITZ!Powerline (HKLM-x32\...\{EB579783-79C4-461A-9493-B9F19EAA23B2}) (Version: 01.02.00 - AVM GmbH)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Scanjet G4000 Series (HKLM\...\{10297E58-2DFE-478B-9A1D-4B14E4E79CDF}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpg4000 (HKLM-x32\...\{2814D1CB-7038-4EE4-8421-9C18FD571014}) (Version: 13.0.0.0 - Ihr Firmenname) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Kindersicherung 2017 (HKLM-x32\...\Salfeld-Kindersicherung_is1) (Version:  - )
Landwirtschafts Simulator 2011 (HKLM-x32\...\FarmingSimulator2011_PLATINUMDE_is1) (Version: 1.0 - GIANTS Software)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
MAGIX Foto Manager 10 (HKLM-x32\...\{5F2380C8-5443-40E4-8FD5-DE0AEC16B4BC}) (Version: 8.0.1.136 - MAGIX AG) Hidden
MAGIX Foto Manager 10 (HKLM-x32\...\MAGIX_MSI_Foto_Manager_10) (Version: 8.0.1.136 - MAGIX AG)
MAGIX Fotos auf CD & DVD 10 Deluxe (Sonderedition) (HKLM-x32\...\{340912AA-1A68-4D7F-9604-E3520FF69B98}) (Version: 10.5.0.12 - MAGIX AG) Hidden
MAGIX Fotos auf CD & DVD 10 Deluxe (Sonderedition) (HKLM-x32\...\MAGIX_MSI_Fotos_auf_CD_DVD_10_Dlx_SE) (Version: 10.5.0.12 - MAGIX AG)
MAGIX Online Druck Service (HKLM-x32\...\{A6338038-539C-3896-C692-1D33BBB01D46}) (Version: 1.1.0 - myphotobook GmbH) Hidden
MAGIX Online Druck Service (HKLM-x32\...\de.magix-fotos.fotobuch.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.1.0-478 - myphotobook GmbH)
MAGIX Screenshare (HKLM-x32\...\{129D4434-B9AB-4C09-BCE1-110E6C8E10E9}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM\...\{B69F7303-DD59-4F32-B477-F8F78D7A9937}) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B69F7303-DD59-4F32-B477-F8F78D7A9937}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe 2014 (HKLM\...\{146DFB48-B585-48B9-A407-16DD6F686550}) (Version: 13.0.2.8 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 (HKLM-x32\...\MX.{146DFB48-B585-48B9-A407-16DD6F686550}) (Version: 13.0.2.8 - MAGIX AG)
Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.5041.1001 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (HKLM-x32\...\{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5B3D4718-9146-45CB-8989-C4E87B239B3A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A27180D0-17BB-498B-89FF-A72656B85978}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B44E699A-94F8-406C-9A1B-C2574F5863CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
Mozilla Thunderbird 60.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 60.0 (x86 de)) (Version: 60.0 - Mozilla)
Mp3tag v2.84a (HKLM-x32\...\Mp3tag) (Version: 2.84a - Florian Heidenreich)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0407-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version:  - Markement GmbH)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (HKLM-x32\...\{45FF54A4-ECD4-455D-89A2-D209737AD726}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{125D677D-7C65-4660-8E1C-68EF9F32F291}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PRE11 STI 64Installer (HKLM-x32\...\{B614E5FA-6DA4-45A1-845C-52F870240A89}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Protect Disc License Helper 1.0.125 (IE) (HKU\.DEFAULT\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-2519664068-3109547711-38441924-1001\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PSE11 STI Installer (HKLM-x32\...\{98CE8819-87AA-4814-8167-ADDDD513485F}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Saal Design Software (HKLM-x32\...\{0C52FDB3-C8A1-E686-5A87-85F3EC2259D4}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SILKYPIX Developer Studio 4.1 SE (HKLM-x32\...\{7FA26D45-84D8-49EB-80BE-B7AD0A0C4497}) (Version: 4 - Ichikawa Soft Laboratory) Hidden
SILKYPIX Developer Studio 4.1 SE (HKLM-x32\...\InstallShield_{7FA26D45-84D8-49EB-80BE-B7AD0A0C4497}) (Version: 4 - Ichikawa Soft Laboratory)
Sinner Kochbuch-CD (HKLM-x32\...\Sinner Kochbuch-CD) (Version: 1.0 - Computerstudio Lemmer & Ernst GmbH)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sounds für Video- und Foto Shows DELUXE (HKLM-x32\...\Sounds für Video- und Foto Shows DELUXE) (Version:  - )
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Versandhelfer (HKLM-x32\...\{7189F66A-1560-1573-05C9-DE53613AEA1A}) (Version: 0.9.511 - Deutsche Post AG) Hidden
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionpc.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
watchmi (HKLM-x32\...\{409DC300-28AF-468F-9624-1F3309701881}) (Version: 2.7.0 - Axel Springer Digital TV Guide GmbH)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WISO Mein Geld 365 Professional (HKLM-x32\...\{36C0BA39-2207-4146-BD4E-3146DF7B9147}) (Version: 21.0.0.0 - Buhl Data Service GmbH) Hidden
WISO Mein Geld 365 Professional (HKLM-x32\...\WISO Mein Geld 365 Professional) (Version:  - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2017 (HKLM-x32\...\{E2049356-A0DB-404A-A8FA-521981BE9736}) (Version: 24.00.1375 - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2018 (HKLM-x32\...\{2827FF45-D53F-4E56-B4A7-AB71F58A3945}) (Version: 25.00.1359 - Buhl Data Service GmbH)
Συλλογή φωτογραφιών (HKLM-x32\...\{2D5C287A-1D2D-46BA-8EF8-D2747575DB6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Arhelger\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-2519664068-3109547711-38441924-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Arhelger\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-08-26] (Florian Heidenreich)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-09-15] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-08-21] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {27A9B751-54B1-4C34-80FD-671C0D15FDD5} - System32\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRIE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {33FBFA83-E6EA-43C5-9C4F-C9BE0F7F4440} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {3975816E-C543-4A8E-97CB-45685403F54C} - System32\Tasks\{6A91FDCB-94AF-4D97-9C80-E46395E39257} => C:\Windows\system32\pcalua.exe -a "C:\Users\Arhelger\Desktop\Beam NG\Car Dragster\12400-annihilator-v09.exe" -d "C:\Users\Arhelger\Desktop\Beam NG\Car Dragster"
Task: {41867780-87F0-41F4-93CE-27EC26702487} - System32\Tasks\AdobeAAMUpdater-1.0-Arhelger-PC-Arhelger => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {69960CA3-BF20-46D1-A185-697EB5E88195} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {C41E458A-066F-4949-988C-ADA1DFB53FC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C4F77D83-E9BE-4623-93C1-1EA03A7BA6B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {DAF4BB1B-2E9A-4774-9840-7DD25D2DC585} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {E0A9F752-14E5-4F98-B6D1-AD7F21DDA114} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-16] (Adobe Systems Incorporated)
Task: {E5105AE2-05D1-4016-BFCB-CF159E6BD14C} - System32\Tasks\{B0FE20F0-FF1A-43F8-A424-FE83AB4A359E} => C:\Program Files (x86)\epson\Epson Scan 2\Core\es2launcher.exe [2016-12-13] (Seiko Epson Corporation)
Task: {F0560587-8336-4E42-BB5D-640F637F5D6D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_pepper.exe [2018-08-16] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\EPSON XP-540 Series Update {43713E83-749E-4B66-AFC6-AA2EF8550266}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRIE.EXE:/EXE:{43713E83-749E-4B66-AFC6-AA2EF8550266} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e9d7ba33b467ddc1\Google Mail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8" --app-id=pjkljhegncpnkpknbcohdijeoejaedia
ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d755e1040e5d38ac\Jannik - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 8"
ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\Louis - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7eafae96818e1883\Google Mail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=pjkljhegncpnkpknbcohdijeoejaedia
ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Sven - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\Arhelger\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Louis - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-04-14 06:59 - 2006-02-23 11:35 - 000020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2014-04-14 06:59 - 2006-02-22 10:39 - 000020480 _____ () C:\Windows\System32\FritzPort64.dll
2011-09-15 22:44 - 2011-09-15 22:44 - 000073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-10-09 09:30 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-10-07 12:23 - 2011-10-07 12:23 - 000070144 _____ () C:\Program Files (x86)\watchmi\TvdService.exe
2012-02-07 07:22 - 2012-02-07 07:22 - 000058880 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.7.0.12__f722db7bec59a14b\Tvd.Remote.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000032768 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Tools\2.7.0.12__f722db7bec59a14b\Tvd.Tools.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000079360 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\2.7.0.12__f722db7bec59a14b\Tvd.Reporting.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000152576 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\2.7.0.12__f722db7bec59a14b\Tvd.Aprico.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000029696 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Config\2.7.0.12__f722db7bec59a14b\Tvd.Config.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 000112640 _____ () C:\Windows\assembly\GAC_64\ApricoIJW\2.7.0.0__f722db7bec59a14b\ApricoIJW.dll
2012-02-07 07:22 - 2012-02-07 07:22 - 006936576 _____ () C:\Windows\assembly\GAC_64\ApricoIJW\2.7.0.0__f722db7bec59a14b\axelspringer.dll
2011-09-15 22:44 - 2011-09-15 22:44 - 000103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-09-15 23:00 - 2011-09-15 23:00 - 000369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2018-08-20 13:20 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-08-20 13:20 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-07 06:42 - 2016-04-13 13:18 - 000178968 _____ () C:\ProgramData\Software\CC\sse.dll
2017-04-07 06:55 - 2017-11-25 14:40 - 000131072 _____ () C:\ProgramData\NFS\nfccapi.dll
2017-04-07 06:55 - 2017-11-25 14:40 - 000376832 _____ () C:\ProgramData\NFS\protflt.dll
2017-04-07 06:42 - 2016-10-31 14:08 - 000249456 _____ () C:\ProgramData\Software\CC\v2\wdrvhook.dll
2018-08-21 21:04 - 2018-08-21 21:04 - 000864112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\kpcengine.2.3.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64]
AlternateDataStreams: C:\Users\Public\AppData:CSM [232]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2519664068-3109547711-38441924-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Arhelger\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2519664068-3109547711-38441924-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054847446\Control Panel\Desktop\\Wallpaper -> C:\Users\Arhelger\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2519664068-3109547711-38441924-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Kids\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2519664068-3109547711-38441924-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08242018054854389\Control Panel\Desktop\\Wallpaper -> C:\Users\Kids\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{5D361A38-5498-4331-B111-132C538EC5B9}] => (Allow) E:\fsetup.exe
FirewallRules: [{A00308AE-8E41-48B4-A796-05F7A7EC7482}] => (Allow) E:\fsetup.exe
FirewallRules: [{CE46EE81-7714-42C7-8041-69C83EA8436F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{765D66BE-F09F-4923-A789-38D494A6121A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{DFE9DC56-7B3D-4AAC-B46A-52D0B8A9AF61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{63F90E36-F39A-495D-A93A-C5A52DD66F78}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{FC1FA289-2AA2-4D6F-8F1E-0519695C58F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{B5090DE8-9AF7-49CF-9BC6-822239F6B4D8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{7D7A3876-BD96-47E2-87A1-B40AEF6D0FB8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{F97EAD12-3756-4A61-A1F5-E03A9F45DD25}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{B44A455B-4183-466D-A13C-4E3AB9CB91CD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{4B0C2595-2171-435C-BCC2-62C5DF32776D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{5E4AE683-1F68-4FA4-A7F3-F5BDE57F653F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{16B70705-EC2B-4A58-8BDC-21B71DBBEF90}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{36FC00FA-A056-40DC-8E6F-2F5157443BA8}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe
FirewallRules: [{64842565-BBC4-4E8B-A5E4-A528247576F0}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe
FirewallRules: [{9EE153AF-E7BD-41D5-9FD9-1EA4C886D48C}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe
FirewallRules: [{16C08C33-DD75-4EAD-86FE-A6AC7F47B91A}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe
FirewallRules: [{518C6F44-A86C-4DA1-9C2E-DA80D1E33C86}] => (Allow) C:\Program Files (x86)\FRITZ!\fboxset.exe
FirewallRules: [{D27684F6-43EC-416A-AA16-617A3C6FC155}] => (Allow) C:\Program Files (x86)\FRITZ!\fboxset.exe
FirewallRules: [{7EA9C506-8B8F-4FA3-899C-7B53B73652D7}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe
FirewallRules: [{D4F457AE-F913-44AD-B940-08685D9388AB}] => (Allow) C:\Program Files (x86)\FRITZ!\igd_finder.exe
FirewallRules: [{3A0307A1-6B13-4CF0-BFFE-39FEE3331263}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1032E88E-BCBA-4B4D-BAA4-BE28ED64843D}] => (Allow) LPort=2869
FirewallRules: [{58FBDCE0-332E-4594-8624-478516053E1F}] => (Allow) LPort=1900
FirewallRules: [{417C6553-2C5E-4570-812F-E8969030A2E2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{BD892735-C166-45B0-806E-20961954A31B}] => (Allow) C:\Users\Arhelger\AppData\Local\Apps\2.0\23B79H7C.0JA\DR2Q2B9R.ZDZ\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe
FirewallRules: [{ACBA402D-1CE4-42C4-8C4B-A2895D305F5F}] => (Allow) C:\Users\Arhelger\AppData\Local\Apps\2.0\23B79H7C.0JA\DR2Q2B9R.ZDZ\frit..tion_b5355c80db433451_0002.0003_6ff5e44d5e38db65\fritzbox-usb-fernanschluss.exe
FirewallRules: [{9C39DC11-AF1E-4875-8125-B9531BB85880}] => (Allow) LPort=8743
FirewallRules: [{A956D535-DF15-498C-909B-10A0527A61B0}] => (Allow) LPort=8643
FirewallRules: [{20CBC063-52F8-4F25-90DB-8EF17FE8F5D5}] => (Allow) LPort=7676
FirewallRules: [{29A60709-655D-40F7-8A78-E3375B7F2FA8}] => (Allow) LPort=7679
FirewallRules: [{96144A4C-86AC-473F-8F51-7FE4CF1E1350}] => (Allow) LPort=24234
FirewallRules: [{5CD6ACFA-6713-4F62-B336-36C2AED59855}] => (Allow) LPort=7900
FirewallRules: [{2CCB2DBC-F498-417F-A996-B3ED6D58D53B}] => (Allow) LPort=1900
FirewallRules: [{47FF4180-27FE-4A39-9C9D-71697001C15E}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe
FirewallRules: [{F49484E6-540A-42F6-8FC8-7D9C916003ED}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe
FirewallRules: [{02474A9C-02D2-4DA8-B3DA-00DA33909D4D}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe
FirewallRules: [{52B440E1-C299-4448-AA20-D31560AD999F}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe
FirewallRules: [{18DD90AA-0FAB-48FD-92BE-B6B59BC6F2F6}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe
FirewallRules: [{98C608F0-EF9F-43CF-9762-1CC95025E450}] => (Allow) C:\Users\Arhelger\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe
FirewallRules: [TCP Query User{ACB93035-9656-42CF-81D6-4CABF9077D0F}C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe
FirewallRules: [UDP Query User{0E59C1ED-2482-4C3F-AFA5-8C7BD65B3B47}C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe
FirewallRules: [{A870AFC8-A03C-4D46-A553-14FF7207E1AB}] => (Block) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe
FirewallRules: [{B33558FD-473A-49EB-BC63-F6149C275D5E}] => (Block) C:\users\arhelger\sabrina\fritzbox\neu\fritz.box_7490.06.60.recover-image.exe
FirewallRules: [TCP Query User{E52A09B1-7344-4E4B-A3F2-D203296262D1}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe
FirewallRules: [UDP Query User{54F8861F-374D-4D90-8FAE-82061F8A4AE0}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe
FirewallRules: [TCP Query User{DF63CED5-6898-4B8A-B135-FFE85EB22B82}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe
FirewallRules: [UDP Query User{C1981E0B-04CF-498E-8AAA-F4C64BF8689F}C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe] => (Allow) C:\users\arhelger\sabrina\fritzbox\neu\powerline\fritz.powerline_546e.06.50.recover-image.exe
FirewallRules: [{45AD1EAE-E04A-464E-AF72-58D0B56B602B}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{F0AD9EB0-A809-49C8-BDAB-C14A9211EE2C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{CD173555-A1AF-47D4-9121-89397355486C}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{DE6FA034-B2F9-4186-87C7-E4E4AE83839D}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{760E7544-CC9D-4960-A00E-CF8C3A481CE8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

22-08-2018 13:34:27 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/24/2018 05:50:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce85b
ID des fehlerhaften Prozesses: 0x1ba0
Startzeit der fehlerhaften Anwendung: 0x01d43b5d88610ddf
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exe
Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung: c8b911cf-a750-11e8-93f0-e0b9a5d47ad7

Error: (08/24/2018 05:45:08 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/23/2018 12:50:16 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/23/2018 12:38:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce85b
ID des fehlerhaften Prozesses: 0x1ea0
Startzeit der fehlerhaften Anwendung: 0x01d43acd7799a6f5
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exe
Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung: b684b998-a6c0-11e8-a1bd-e0b9a5d47ad7

Error: (08/23/2018 12:33:56 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/23/2018 05:37:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.3.8, Zeitstempel: 0x4cd2c1c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23915, Zeitstempel: 0x59b94a16
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce85b
ID des fehlerhaften Prozesses: 0x1070
Startzeit der fehlerhaften Anwendung: 0x01d43a92926aca26
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\DATA BECKER Shared\DATA BECKER Update Service.exe
Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung: e58f24fc-a685-11e8-9e63-e0b9a5d47ad7

Error: (08/23/2018 05:32:34 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (08/22/2018 08:39:14 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)


Systemfehler:
=============
Error: (08/24/2018 05:50:22 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (08/24/2018 05:46:18 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sfdrv01a
sfsync04

Error: (08/24/2018 05:46:06 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1096) (User: Arhelger-PC)
Description: Fehler bei der Verarbeitung der Gruppenrichtlinie. Es wurde versucht, registrierungsbasierte Richtlinieneinstellungen für das Gruppenrichtlinienobjekt "LocalGPO-S-1-5-21-2519664068-3109547711-38441924-1001" zu lesen. Die Gruppenrichtlinieneinstellungen dürfen nicht erzwungen werden, bis dieses Ereignis behoben ist. Weitere Informationen über den Dateinamen und -pfad, der den Fehler verursacht hat, können den Ereignisdetails entnommen werden.

Error: (08/24/2018 05:45:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVM FRITZ!Powerline Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/24/2018 05:45:42 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AVM FRITZ!Powerline Service erreicht.

Error: (08/24/2018 05:43:44 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Automatische WLAN-Konfiguration" wurde nicht richtig gestartet.

Error: (08/24/2018 05:43:40 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Automatische Konfiguration (verkabelt)" wurde nicht richtig gestartet.

Error: (08/24/2018 05:43:30 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AudioEndpointBuilder erreicht.


CodeIntegrity:
===================================

Date: 2015-02-12 06:03:46.313
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-12 06:03:46.250
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-12 05:51:58.542
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-12 05:51:58.480
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-12 18:13:06.691
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-12 18:13:06.676
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-12 18:11:24.261
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-12 18:11:24.246
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Speicherinformationen =========================== 

Prozessor: AMD A8-3820 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 3576.13 MB
Verfügbarer physikalischer RAM: 1071.23 MB
Summe virtueller Speicher: 7150.45 MB
Verfügbarer virtueller Speicher: 4195.21 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:880.41 GB) (Free:409.76 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:48.77 GB) NTFS

\\?\Volume{bc107e45-5195-11e1-bc72-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=880.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== Ende von Addition.txt ============================

Gruß Sabrin@

M-K-D-B · 24.08.2018, 19:47

Servus,

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Sabrin@ · 24.08.2018, 20:07

Hallo,
hier das Ergebnis von TDSSKiller:

Code:

ATTFilter

21:02:12.0531 0x23f0  TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
21:02:30.0884 0x23f0  ============================================================
21:02:30.0884 0x23f0  Current date / time: 2018/08/24 21:02:30.0884
21:02:30.0884 0x23f0  SystemInfo:
21:02:30.0884 0x23f0  
21:02:30.0884 0x23f0  OS Version: 6.1.7601 ServicePack: 1.0
21:02:30.0884 0x23f0  Product type: Workstation
21:02:30.0900 0x23f0  ComputerName: ARHELGER-PC
21:02:30.0900 0x23f0  UserName: Arhelger
21:02:30.0900 0x23f0  Windows directory: C:\Windows
21:02:30.0900 0x23f0  System windows directory: C:\Windows
21:02:30.0900 0x23f0  Running under WOW64
21:02:30.0900 0x23f0  Processor architecture: Intel x64
21:02:30.0900 0x23f0  Number of processors: 4
21:02:30.0900 0x23f0  Page size: 0x1000
21:02:30.0900 0x23f0  Boot type: Normal boot
21:02:30.0900 0x23f0  CodeIntegrityOptions = 0x00000001
21:02:30.0900 0x23f0  ============================================================
21:02:36.0969 0x23f0  KLMD registered as C:\Windows\system32\drivers\22701369.sys
21:02:36.0969 0x23f0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23915, osProperties = 0x1
21:02:39.0169 0x23f0  System UUID: {8F458E77-B195-5AC9-FDBC-9D9E21085F9A}
21:02:40.0183 0x23f0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
21:02:40.0230 0x23f0  ============================================================
21:02:40.0230 0x23f0  \Device\Harddisk0\DR0:
21:02:40.0261 0x23f0  MBR partitions:
21:02:40.0261 0x23f0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:02:40.0261 0x23f0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6E0D3800
21:02:40.0261 0x23f0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x6E106000, BlocksNum 0x6400000
21:02:40.0261 0x23f0  ============================================================
21:02:40.0354 0x23f0  C: <-> \Device\Harddisk0\DR0\Partition2
21:02:40.0432 0x23f0  D: <-> \Device\Harddisk0\DR0\Partition3
21:02:40.0432 0x23f0  ============================================================
21:02:40.0432 0x23f0  Initialize success
21:02:40.0432 0x23f0  ============================================================
21:04:06.0226 0x23a4  ============================================================
21:04:06.0226 0x23a4  Scan started
21:04:06.0226 0x23a4  Mode: Manual; SigCheck; TDLFS; 
21:04:06.0226 0x23a4  ============================================================
21:04:06.0226 0x23a4  KSN ping started
21:04:27.0269 0x23a4  KSN ping finished: true
21:04:31.0013 0x23a4  ================ Scan system memory ========================
21:04:31.0013 0x23a4  System memory - ok
21:04:31.0013 0x23a4  ================ Scan services =============================
21:04:31.0153 0x23a4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:04:31.0278 0x23a4  1394ohci - ok
21:04:31.0356 0x23a4  [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
21:04:31.0418 0x23a4  acedrv11 - ok
21:04:31.0434 0x23a4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:04:31.0465 0x23a4  ACPI - ok
21:04:31.0496 0x23a4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:04:31.0559 0x23a4  AcpiPmi - ok
21:04:31.0777 0x23a4  [ BF3818B441955E4D438EC72F06F1FE61, 091A80D6A8887B4B5AFF8D12CB5A96AF4A04B125C13BED815B3A776778CD3190 ] AdobeActiveFileMonitor11.0 C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
21:04:31.0793 0x23a4  AdobeActiveFileMonitor11.0 - ok
21:04:31.0871 0x23a4  [ AE86FE2A70C377C0F1AD5B20E66F4C2F, EE5BABAA9AFF720DE6599A4F33A44A01D291F642F1FFBD428E273CB06CEABE50 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:04:31.0918 0x23a4  AdobeARMservice - ok
21:04:32.0042 0x23a4  [ 0D826CA15244F7916FADC73B4A3BF52F, 490BF7633D37D3DADDF5E00F53C3FB382DDD4437A0F40D5EFDDF87474BDA200E ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:04:32.0089 0x23a4  AdobeFlashPlayerUpdateSvc - ok
21:04:32.0136 0x23a4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:04:32.0167 0x23a4  adp94xx - ok
21:04:32.0214 0x23a4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:04:32.0230 0x23a4  adpahci - ok
21:04:32.0261 0x23a4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:04:32.0276 0x23a4  adpu320 - ok
21:04:32.0354 0x23a4  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:04:32.0386 0x23a4  AeLookupSvc - ok
21:04:32.0464 0x23a4  [ 0DC2A9882540DEA4A55B08785E09D8FC, 69B15724B0034F9915AACE109A6C596D6AF2DA350FC18C9A0CD98C81CB7EDEE3 ] AFD             C:\Windows\system32\drivers\afd.sys
21:04:32.0526 0x23a4  AFD - ok
21:04:32.0573 0x23a4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:04:32.0588 0x23a4  agp440 - ok
21:04:32.0620 0x23a4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:04:32.0651 0x23a4  ALG - ok
21:04:32.0682 0x23a4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:04:32.0698 0x23a4  aliide - ok
21:04:32.0776 0x23a4  [ 3349F39F53993CEE03A6EDCC1F7B8242, 6B87590C9FF76F2252E99F554C7C3B813E3F1D2003EA7CE1D6A8B2F33932A161 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:04:32.0822 0x23a4  AMD External Events Utility - ok
21:04:32.0900 0x23a4  AMD FUEL Service - ok
21:04:32.0932 0x23a4  [ F1A84D67A03F7536EBDA9DB426EF0E00, 616F34041CA837706B0EC566C75AB28C9426998E049CE8EE8E628880422F3ABB ] amdhub30        C:\Windows\system32\drivers\amdhub30.sys
21:04:32.0947 0x23a4  amdhub30 - ok
21:04:32.0963 0x23a4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:04:32.0978 0x23a4  amdide - ok
21:04:33.0025 0x23a4  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\Windows\system32\drivers\amdiox64.sys
21:04:33.0041 0x23a4  amdiox64 - ok
21:04:33.0072 0x23a4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:04:33.0088 0x23a4  AmdK8 - ok
21:04:33.0478 0x23a4  [ 579B3E8C7B599815A4E615FD21E651F0, BD0E9DACC8E22BB4FB2527FAD807271E29AC1F8CC23B21902F6F380D8CDC1A88 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:04:33.0852 0x23a4  amdkmdag - ok
21:04:34.0070 0x23a4  [ 77E54953A21E9E7CC316006E3DBAA7B9, D6D9CCD7D1932FBBAE1E23B37A87F8B430F7A000FC8F5C389B00EFDD78064C3F ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
21:04:34.0133 0x23a4  amdkmdap - ok
21:04:34.0180 0x23a4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:04:34.0196 0x23a4  AmdPPM - ok
21:04:34.0243 0x23a4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:04:34.0259 0x23a4  amdsata - ok
21:04:34.0290 0x23a4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:04:34.0305 0x23a4  amdsbs - ok
21:04:34.0321 0x23a4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:04:34.0337 0x23a4  amdxata - ok
21:04:34.0399 0x23a4  [ D8C25FF90E2E8FC7CBE26E2203EC4757, D1F52DEE2A799E526818A683BCB0DA5B5A3A0B119334D5988888E319719C4943 ] amdxhc          C:\Windows\system32\drivers\amdxhc.sys
21:04:34.0415 0x23a4  amdxhc - ok
21:04:34.0430 0x23a4  [ BB4FE7889DB9CBBE61A308E99697F53C, 0B6B301EC8C2B9CBDBAEEBC54E3D3E6FE6A3A51F71E75FFE71AE30ADF8FC5E23 ] amd_sata        C:\Windows\system32\drivers\amd_sata.sys
21:04:34.0446 0x23a4  amd_sata - ok
21:04:34.0539 0x23a4  [ 5631CBA53F1CBEA3F9E88348E6723391, 5F20FF4F651733A097990DDC3748CD00F3310B0B55BC975FA3654CDA740E0A3D ] amd_xata        C:\Windows\system32\drivers\amd_xata.sys
21:04:34.0555 0x23a4  amd_xata - ok
21:04:34.0602 0x23a4  [ 4542CC17440E85D2D2D73A7D40FAED0A, F157F9A137DEACFC5A1A982265F5CE05A79C0CF8F13291773E2351BEFCB94E08 ] Apowersoft_AudioDevice C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys
21:04:34.0617 0x23a4  Apowersoft_AudioDevice - ok
21:04:34.0680 0x23a4  [ C16B5B379A2A79702CC5FF923EAAE3FD, FD6A1E3C46282CF77AFA9FB4B4ACE2DB6295DFB0C69EA07BE7160538041CDB2F ] AppID           C:\Windows\system32\drivers\appid.sys
21:04:34.0758 0x23a4  AppID - ok
21:04:34.0773 0x23a4  [ 5152D6B29C61EF59537DBDA92BFE2978, 6D426A0FEE016A8899ADE864DD84BE019C5B5DB7E1DB295ED720239877FCB3EF ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:04:34.0805 0x23a4  AppIDSvc - ok
21:04:34.0851 0x23a4  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
21:04:34.0883 0x23a4  Appinfo - ok
21:04:34.0914 0x23a4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
21:04:34.0929 0x23a4  arc - ok
21:04:34.0961 0x23a4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:04:34.0976 0x23a4  arcsas - ok
21:04:35.0132 0x23a4  [ 8637F3119057178364D200F2462E625C, 40CAE47AA6C6B23FEB95961FD06BB3EB075CA63BB91B54CB26215A368371B343 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:04:35.0226 0x23a4  aspnet_state - ok
21:04:35.0304 0x23a4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:04:35.0335 0x23a4  AsyncMac - ok
21:04:35.0366 0x23a4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:04:35.0382 0x23a4  atapi - ok
21:04:35.0444 0x23a4  [ EE672EACF3CBEDAB390E0655BF5A11AB, DFAFB55584CED9ECF499067D113F81BE51D492627FD36784C4BED06AE0BECC52 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:04:35.0460 0x23a4  AtiHDAudioService - ok
21:04:35.0569 0x23a4  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:04:35.0616 0x23a4  AudioEndpointBuilder - ok
21:04:35.0647 0x23a4  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:04:35.0678 0x23a4  AudioSrv - ok
21:04:35.0865 0x23a4  [ BD39D7CFD9D6A73396B618113A8E8D57, E78FC40AE8107F9E65D484332B1AB3FE3BB21BE0D723B31EE869CA82D678CBE1 ] avmaudio        C:\Windows\system32\DRIVERS\avmaudio.sys
21:04:36.0021 0x23a4  avmaudio - ok
21:04:36.0068 0x23a4  [ 6A300AD0E23A155B2C3A7FAB0D4AABD1, AD283CC530482C0C155727C3234BFA4773C8C80B4C9912448196F83407C3CFD4 ] avmaura         C:\Windows\system32\DRIVERS\avmaura.sys
21:04:36.0131 0x23a4  avmaura - ok
21:04:36.0177 0x23a4  [ 3004DC0D3A30F86D440681DC043F36AA, A3DBBBAEF94C44B316F6D96E55892DF88EA4A36F589CC1DC1CD254BC5DAF281C ] AVMPowerlineService C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe
21:04:36.0209 0x23a4  AVMPowerlineService - detected UnsignedFile.Multi.Generic ( 1 )
21:04:37.0815 0x23a4  Detect skipped due to KSN trusted
21:04:37.0815 0x23a4  AVMPowerlineService - ok
21:04:37.0925 0x23a4  [ E5D432E9BCEB5CB71B71258F1046DD67, D570C986831DD9CF77C8A6B120F6D527FEA9C3D6A3B304E3EA986F7A83CB1D3C ] AVP19.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe
21:04:37.0971 0x23a4  AVP19.0.0 - ok
21:04:38.0018 0x23a4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:04:38.0065 0x23a4  AxInstSV - ok
21:04:38.0112 0x23a4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:04:38.0159 0x23a4  b06bdrv - ok
21:04:38.0190 0x23a4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:04:38.0252 0x23a4  b57nd60a - ok
21:04:38.0283 0x23a4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:04:38.0315 0x23a4  BDESVC - ok
21:04:38.0346 0x23a4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:04:38.0393 0x23a4  Beep - ok
21:04:38.0439 0x23a4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:04:38.0502 0x23a4  BFE - ok
21:04:38.0580 0x23a4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:04:38.0720 0x23a4  BITS - ok
21:04:38.0751 0x23a4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
21:04:38.0798 0x23a4  blbdrive - ok
21:04:38.0814 0x23a4  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:04:38.0876 0x23a4  bowser - ok
21:04:38.0923 0x23a4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:04:38.0954 0x23a4  BrFiltLo - ok
21:04:38.0985 0x23a4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:04:39.0001 0x23a4  BrFiltUp - ok
21:04:39.0032 0x23a4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:04:39.0048 0x23a4  Browser - ok
21:04:39.0079 0x23a4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:04:39.0141 0x23a4  Brserid - ok
21:04:39.0157 0x23a4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:04:39.0204 0x23a4  BrSerWdm - ok
21:04:39.0219 0x23a4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:04:39.0266 0x23a4  BrUsbMdm - ok
21:04:39.0297 0x23a4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:04:39.0313 0x23a4  BrUsbSer - ok
21:04:39.0375 0x23a4  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
21:04:39.0438 0x23a4  BthEnum - ok
21:04:39.0469 0x23a4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:04:39.0516 0x23a4  BTHMODEM - ok
21:04:39.0563 0x23a4  [ 5A8951D195AFEF979C4AB02A129EBC37, 48FD4A921E51B6DD306A1248EB9A1A6AEC5F59E49528423BF2F40600B3AF1D08 ] BthPan          C:\Windows\system32\drivers\bthpan.sys
21:04:39.0625 0x23a4  BthPan - ok
21:04:39.0656 0x23a4  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
21:04:39.0703 0x23a4  BTHPORT - ok
21:04:39.0719 0x23a4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:04:39.0781 0x23a4  bthserv - ok
21:04:39.0812 0x23a4  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
21:04:39.0843 0x23a4  BTHUSB - ok
21:04:40.0639 0x23a4  [ F374694B9FA0FA88C9BBCFB1167E2D70, 13B827DF97679FD9B8D319B10F50E2BA623C1E7D73CE0BFE99C1BE4FD771CE13 ] CC-Updater      C:\Windows\cc\WinCtlSvc.exe
21:04:40.0982 0x23a4  CC-Updater - detected UnsignedFile.Multi.Generic ( 1 )
21:04:42.0607 0x23a4  Detect skipped due to KSN trusted
21:04:42.0607 0x23a4  CC-Updater - ok
21:04:42.0716 0x23a4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:04:42.0856 0x23a4  cdfs - ok
21:04:43.0059 0x23a4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:04:43.0121 0x23a4  cdrom - ok
21:04:43.0153 0x23a4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:04:43.0184 0x23a4  CertPropSvc - ok
21:04:43.0246 0x23a4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:04:43.0293 0x23a4  circlass - ok
21:04:43.0355 0x23a4  [ 3963FEC1892368DD500E6ED1F5C286CE, A04689CB07AF1C1B4B1032B0ACAD88DA3EB03D89A575C59FE602A65E8C246138 ] CLFS            C:\Windows\system32\CLFS.sys
21:04:43.0387 0x23a4  CLFS - ok
21:04:43.0652 0x23a4  [ 1C0DD335FE0E3AE4A8244EF6D6BD6347, F02C96B811027107F954FC8259319860BD9CD16601A93899A4BD69E77AADC6FA ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
21:04:43.0777 0x23a4  ClickToRunSvc - ok
21:04:43.0839 0x23a4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:04:43.0886 0x23a4  clr_optimization_v2.0.50727_32 - ok
21:04:44.0042 0x23a4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:04:44.0073 0x23a4  clr_optimization_v2.0.50727_64 - ok
21:04:44.0198 0x23a4  [ 2BA609641FA64BAB02ACD3C0095672F5, FD1FE403864F0564CA4A2F1D7415649B8FFE16F8ED33C4B44ACB21767118AD5F ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:04:44.0447 0x23a4  clr_optimization_v4.0.30319_32 - ok
21:04:44.0572 0x23a4  [ 7C7502CD2A2CFAB399D0D8DA95DB03E7, 4AE53B468CF597FCFD912A6EEE27E87EE4D9BC73F2A794FB5DF5DA46C1DD1289 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:04:44.0962 0x23a4  clr_optimization_v4.0.30319_64 - ok
21:04:45.0071 0x23a4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:04:45.0103 0x23a4  CmBatt - ok
21:04:45.0212 0x23a4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:04:45.0243 0x23a4  cmdide - ok
21:04:45.0539 0x23a4  [ A9E736A8187CAE2F6B915F96C774AAB8, DFBCD2ED51BB5F5A9D2B2EC341DE36250A05B5FE094A7219B16E8CE2DCAAF4FE ] cm_km           C:\Windows\system32\DRIVERS\cm_km.sys
21:04:45.0649 0x23a4  cm_km - ok
21:04:45.0727 0x23a4  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
21:04:45.0805 0x23a4  CNG - ok
21:04:45.0836 0x23a4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:04:45.0851 0x23a4  Compbatt - ok
21:04:45.0883 0x23a4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:04:45.0914 0x23a4  CompositeBus - ok
21:04:45.0929 0x23a4  COMSysApp - ok
21:04:46.0210 0x23a4  cpuz134 - ok
21:04:46.0319 0x23a4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:04:46.0366 0x23a4  crcdisk - ok
21:04:46.0475 0x23a4  [ 48FEDBE324F1EA9417BA1D62AE863011, 2C3D84F0842237A3BF2838DDB4126807977EB36588FA669B1E6671077584EF18 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:04:46.0507 0x23a4  CryptSvc - ok
21:04:47.0084 0x23a4  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
21:04:47.0131 0x23a4  cvhsvc - ok
21:04:47.0474 0x23a4  [ BD989CFC6E296373A7EA59514E17A199, 2259B966B8780B08EF6B8E27039C8125D5A751E3C01AB92F20E77F5467B40DEC ] DBService       C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
21:04:47.0614 0x23a4  DBService - detected UnsignedFile.Multi.Generic ( 1 )
21:04:49.0252 0x23a4  Detect skipped due to KSN trusted
21:04:49.0252 0x23a4  DBService - ok
21:04:49.0330 0x23a4  [ 3F1A199859B4F3F8357B2A0AF5666A54, B0ACE9384088B7D0E54CF82BF48D4FEAA518BDEF98A294BA8F5A37DFF0E45328 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:04:49.0393 0x23a4  DcomLaunch - ok
21:04:49.0439 0x23a4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:04:49.0486 0x23a4  defragsvc - ok
21:04:49.0533 0x23a4  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:04:49.0549 0x23a4  DfsC - ok
21:04:49.0611 0x23a4  [ 5F78930AAB3900102EA8ACDD38F97324, 49CAE29CC7B1B846BDE603B1A411833162ACC1A9D1608BFDF67C2EA3A0EE0F85 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
21:04:49.0642 0x23a4  dg_ssudbus - ok
21:04:49.0720 0x23a4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:04:49.0751 0x23a4  Dhcp - ok
21:04:49.0892 0x23a4  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
21:04:49.0985 0x23a4  DiagTrack - ok
21:04:50.0017 0x23a4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:04:50.0065 0x23a4  discache - ok
21:04:50.0112 0x23a4  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
21:04:50.0143 0x23a4  Disk - ok
21:04:50.0190 0x23a4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:04:50.0268 0x23a4  Dnscache - ok
21:04:50.0346 0x23a4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:04:50.0487 0x23a4  dot3svc - ok
21:04:50.0518 0x23a4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:04:50.0549 0x23a4  DPS - ok
21:04:50.0580 0x23a4  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:04:50.0689 0x23a4  drmkaud - ok
21:04:50.0799 0x23a4  [ 5CEF80AE869336376F550ECAE91E424A, 49152AC35556A5629AE7A4A762FDB2112FAD1C9CDB91E6196172809F74A3149A ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:04:50.0845 0x23a4  DXGKrnl - ok
21:04:50.0877 0x23a4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:04:50.0939 0x23a4  EapHost - ok
21:04:51.0048 0x23a4  [ 684D2F465DFA098CE7DB76D9084D9AC9, C769C66EA6133C249F126CB9A7EE40332D44753A7D06D6218E4B0EC8F2ADE906 ] EasyAntiCheat   C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
21:04:51.0177 0x23a4  EasyAntiCheat - ok
21:04:51.0317 0x23a4  [ 78AC59B45CFBFCC68DA7D397D6819D03, C423C3A49D8F9BF931C694309AA982A2A554E7F2CEEC44F9AA1C13F98F9D6FBF ] EasyAntiCheatSys C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys
21:04:51.0380 0x23a4  EasyAntiCheatSys - ok
21:04:51.0598 0x23a4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:04:51.0801 0x23a4  ebdrv - ok
21:04:51.0863 0x23a4  [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] EFS             C:\Windows\System32\lsass.exe
21:04:51.0895 0x23a4  EFS - ok
21:04:51.0957 0x23a4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:04:52.0051 0x23a4  ehRecvr - ok
21:04:52.0066 0x23a4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:04:52.0129 0x23a4  ehSched - ok
21:04:52.0175 0x23a4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:04:52.0207 0x23a4  elxstor - ok
21:04:52.0269 0x23a4  [ 859DF918E0B44E764D394E940C4717AD, 818E6C4D08FCDCA9B2B90EDE68E093359A03E20F368B4484618FC356700DB125 ] EpsonScanSvc    C:\Windows\system32\EscSvc64.exe
21:04:52.0285 0x23a4  EpsonScanSvc - ok
21:04:52.0378 0x23a4  [ 86032A47AD0105130FE7808C903E2086, ACCCA35483B7E8F9FC72A65031E024C469DF94FCCF2C5CC37C9B3BED4F1C676E ] EPSON_PM_RPCV4_06 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
21:04:52.0394 0x23a4  EPSON_PM_RPCV4_06 - ok
21:04:52.0425 0x23a4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:04:52.0441 0x23a4  ErrDev - ok
21:04:52.0534 0x23a4  [ 1E01F509048BEF78831AC89401B172BD, 34558F56D9AEA8527B84B2BE2A752D181A5D825622EB4B90D454F6D4F971BFED ] ESProtectionDriver C:\Windows\system32\drivers\mbae64.sys
21:04:52.0565 0x23a4  ESProtectionDriver - ok
21:04:52.0612 0x23a4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:04:52.0675 0x23a4  EventSystem - ok
21:04:52.0737 0x23a4  [ 7E45F8B117419ABA3BB26579F6E70324, 03FE86519860153E1BE571F10ACC9BA58FFB5A661C5C3EBDF3B77973BCD96C84 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:04:52.0815 0x23a4  exfat - ok
21:04:52.0831 0x23a4  Fabs - ok
21:04:52.0864 0x23a4  [ 6EDFA237D25433C03F42FBFDB16BDD24, A30F89A40F7AFC475D3C2D3591FB9AFC06AE3FEBC915FDCB24ED77946FBA4E2C ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:04:52.0911 0x23a4  fastfat - ok
21:04:52.0957 0x23a4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:04:53.0004 0x23a4  Fax - ok
21:04:53.0051 0x23a4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
21:04:53.0051 0x23a4  fdc - ok
21:04:53.0082 0x23a4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:04:53.0176 0x23a4  fdPHost - ok
21:04:53.0191 0x23a4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:04:53.0238 0x23a4  FDResPub - ok
21:04:53.0254 0x23a4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:04:53.0269 0x23a4  FileInfo - ok
21:04:53.0285 0x23a4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:04:53.0347 0x23a4  Filetrace - ok
21:04:53.0488 0x23a4  [ 5BD96D8C5411ACE71A7EAACAF0EF2903, 2AF58E6060C7DEC44B4CA30E14E164473CD4089AE475DAFFC61DFE56990C1147 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
21:04:53.0581 0x23a4  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
21:04:55.0206 0x23a4  Detect skipped due to KSN trusted
21:04:55.0206 0x23a4  FirebirdServerMAGIXInstance - ok
21:04:55.0268 0x23a4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:04:55.0299 0x23a4  flpydisk - ok
21:04:55.0362 0x23a4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:04:55.0409 0x23a4  FltMgr - ok
21:04:55.0565 0x23a4  [ 785F474FB5E67E448E1931C98E8D0ABC, 911697D580CBF508A6F4A52D4F95A6976CF9A0EC3549076A8D0B5C8BD947C989 ] FontCache       C:\Windows\system32\FntCache.dll
21:04:55.0658 0x23a4  FontCache - ok
21:04:55.0752 0x23a4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:04:55.0783 0x23a4  FontCache3.0.0.0 - ok
21:04:55.0799 0x23a4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:04:55.0814 0x23a4  FsDepends - ok
21:04:55.0861 0x23a4  [ B16B626996C74B564005BA855C5DEE90, B432C669EB610C262B18F3F8308EEE1B910DE7F7BC2A8EB5483419DC52A07AE1 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
21:04:55.0923 0x23a4  fssfltr - ok
21:04:56.0142 0x23a4  [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:04:56.0235 0x23a4  fsssvc - ok
21:04:56.0267 0x23a4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:04:56.0267 0x23a4  Fs_Rec - ok
21:04:56.0329 0x23a4  [ 13799CB7521A39724FFDEA2E5D9C8305, 14FDF6273CEAD3E4E391F538D0FF4E3E258FC34B1B1074C73B72961E640377E0 ] FTDIBUS         C:\Windows\system32\drivers\ftdibus.sys
21:04:56.0376 0x23a4  FTDIBUS - ok
21:04:56.0407 0x23a4  [ F1544BBC7E08BB5B9E9E97996C3FA04B, 2D998E4DCF7EA918B537119583BE678121148DB314BDC338925D8588A30F4BE0 ] FTSER2K         C:\Windows\system32\drivers\ftser2k.sys
21:04:56.0454 0x23a4  FTSER2K - ok
21:04:56.0532 0x23a4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:04:56.0579 0x23a4  fvevol - ok
21:04:56.0594 0x23a4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:04:56.0610 0x23a4  gagp30kx - ok
21:04:56.0657 0x23a4  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
21:04:56.0922 0x23a4  gpsvc - ok
21:04:57.0187 0x23a4  [ B9893A68032A6D9ADDB5B98287C630F7, F0280764D7B31F1EA634E91397229B1C064A7C1B3A77A6BBD123CEA74180789F ] grmnusb         C:\Windows\system32\drivers\grmnusb.sys
21:04:57.0296 0x23a4  grmnusb - ok
21:04:57.0359 0x23a4  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:04:57.0374 0x23a4  gupdate - ok
21:04:57.0390 0x23a4  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:04:57.0405 0x23a4  gupdatem - ok
21:04:57.0483 0x23a4  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:04:57.0530 0x23a4  gusvc - ok
21:04:57.0577 0x23a4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:04:57.0639 0x23a4  hcw85cir - ok
21:04:57.0702 0x23a4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:04:57.0749 0x23a4  HdAudAddService - ok
21:04:57.0795 0x23a4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:04:57.0827 0x23a4  HDAudBus - ok
21:04:57.0889 0x23a4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:04:57.0983 0x23a4  HidBatt - ok
21:04:58.0014 0x23a4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:04:58.0045 0x23a4  HidBth - ok
21:04:58.0076 0x23a4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:04:58.0092 0x23a4  HidIr - ok
21:04:58.0139 0x23a4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:04:58.0185 0x23a4  hidserv - ok
21:04:58.0263 0x23a4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:04:58.0310 0x23a4  HidUsb - ok
21:04:58.0326 0x23a4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:04:58.0373 0x23a4  hkmsvc - ok
21:04:58.0404 0x23a4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:04:58.0419 0x23a4  HomeGroupListener - ok
21:04:58.0451 0x23a4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:04:58.0466 0x23a4  HomeGroupProvider - ok
21:04:58.0576 0x23a4  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:04:58.0592 0x23a4  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
21:05:00.0417 0x23a4  Detect skipped due to KSN trusted
21:05:00.0417 0x23a4  hpqcxs08 - ok
21:05:00.0448 0x23a4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:05:00.0495 0x23a4  HpSAMD - ok
21:05:00.0589 0x23a4  [ CF5C9BD985120781200D35FD445D0BD5, 91B37F595A196542458CBBCDAD80779721D228A7030A34E55995DDBB06649248 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:05:00.0792 0x23a4  HTTP - ok
21:05:00.0838 0x23a4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:05:00.0854 0x23a4  hwpolicy - ok
21:05:00.0901 0x23a4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:05:00.0916 0x23a4  i8042prt - ok
21:05:00.0979 0x23a4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:05:01.0010 0x23a4  iaStorV - ok
21:05:01.0104 0x23a4  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
21:05:01.0135 0x23a4  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
21:05:02.0788 0x23a4  Detect skipped due to KSN trusted
21:05:02.0788 0x23a4  IDriverT - ok
21:05:02.0913 0x23a4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:05:02.0991 0x23a4  idsvc - ok
21:05:03.0022 0x23a4  IEEtwCollectorService - ok
21:05:03.0303 0x23a4  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:05:03.0553 0x23a4  igfx - ok
21:05:03.0615 0x23a4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:05:03.0646 0x23a4  iirsp - ok
21:05:03.0740 0x23a4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:05:03.0802 0x23a4  IKEEXT - ok
21:05:03.0958 0x23a4  [ CB7DADEF3D83FE2C12655A0BDCBA99F2, AD55A578986F008ED01635D3BB26414D71F418640099BFA92D9CABAB6A88E01D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:05:04.0208 0x23a4  IntcAzAudAddService - ok
21:05:04.0333 0x23a4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:05:04.0380 0x23a4  intelide - ok
21:05:04.0504 0x23a4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
21:05:04.0551 0x23a4  intelppm - ok
21:05:04.0660 0x23a4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:05:04.0723 0x23a4  IPBusEnum - ok
21:05:04.0863 0x23a4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:05:04.0972 0x23a4  IpFilterDriver - ok
21:05:05.0097 0x23a4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:05:05.0253 0x23a4  iphlpsvc - ok
21:05:05.0362 0x23a4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:05:05.0409 0x23a4  IPMIDRV - ok
21:05:05.0440 0x23a4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:05:05.0503 0x23a4  IPNAT - ok
21:05:05.0534 0x23a4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:05:05.0581 0x23a4  IRENUM - ok
21:05:05.0628 0x23a4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:05:05.0643 0x23a4  isapnp - ok
21:05:05.0690 0x23a4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:05:05.0706 0x23a4  iScsiPrt - ok
21:05:05.0752 0x23a4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:05:05.0768 0x23a4  kbdclass - ok
21:05:05.0799 0x23a4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:05:05.0815 0x23a4  kbdhid - ok
21:05:05.0815 0x23a4  [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] KeyIso          C:\Windows\system32\lsass.exe
21:05:05.0830 0x23a4  KeyIso - ok
21:05:05.0893 0x23a4  [ 169272E71198BF7AFEFC5D7C5D928EDA, DD040485C68D39939517EF1047501DBCF0B4BF301CF2BC686D72BFE157C792F4 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
21:05:05.0924 0x23a4  kl1 - ok
21:05:05.0955 0x23a4  [ 424146EC434A4DA36F00512F7FE3CBEC, 9FCF7079B19C3CB7C12FC2F2D6D202FEF5117F0BFB7F147A150ADC86A4A79C7E ] klbackupdisk    C:\Windows\system32\DRIVERS\klbackupdisk.sys
21:05:05.0986 0x23a4  klbackupdisk - ok
21:05:06.0049 0x23a4  [ 5E1D689F31632B07CC2324E748C1A999, F7A10B40B04D9145355497E0D942F2F7FFDC9C5D2EBB01DE8224DDDC44BEB140 ] klbackupflt     C:\Windows\system32\DRIVERS\klbackupflt.sys
21:05:06.0064 0x23a4  klbackupflt - ok
21:05:06.0127 0x23a4  [ 739A56AA19474B6F38EC1A0EA087B774, 533C7D015257E1A0565E475B59C29C3EA31E11096D3EED764EF2D4A883448EEE ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
21:05:06.0189 0x23a4  kldisk - ok
21:05:06.0252 0x23a4  [ E282FAEEC2C5F83C922CDA0134D03995, 45E2A466F3881B821E143C524BF0D3C0B9A232CF764D823F632B84F0A07DF3B6 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
21:05:06.0283 0x23a4  klflt - ok
21:05:06.0330 0x23a4  [ 5257998857707DA4BCC86420CDDFED18, C4DC3CB2F807CF094010A147FAE736C3B7E9E3F9C4F41030A7CE26ADF4B229AC ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
21:05:06.0408 0x23a4  klhk - ok
21:05:06.0470 0x23a4  [ 5165F284BCBD8F43A6F625512D55BABE, CED66D0A7B69D6FB7819E6E3F48F28BA583AF31ED974B59F2D8E863138696EDD ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
21:05:06.0532 0x23a4  KLIF - ok
21:05:06.0548 0x23a4  [ AAC68576EF93EF1BD17FE0B777D411E0, 40FD272F9876223BB0439085F5B07D53D4FC6CC2468583542428D8389335F120 ] klim6           C:\Windows\system32\DRIVERS\klim6.sys
21:05:06.0579 0x23a4  klim6 - ok
21:05:06.0579 0x23a4  [ 9D42BBF1BDB28AF1927BAA0A73647BF3, 2106045B7ADF552B788D364AD9E8776F09C58FBAD1AE51ECC90B35A26F2D74B3 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
21:05:06.0595 0x23a4  klkbdflt - ok
21:05:06.0610 0x23a4  [ 440AFB292037D890AC8CAF20CE7E429E, 62994410C2911A0CE9EF3601648F813B08316DF78AD13C75CCA085B1D4567527 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
21:05:06.0642 0x23a4  klmouflt - ok
21:05:06.0673 0x23a4  [ 3B69B9FF8B0B99333016B0B9D1DB1742, 586C1E0B4E8308EFE195A77EE8C7CA6B742F54B68A80C16EBC39790DDE038EBE ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
21:05:06.0688 0x23a4  klpd - ok
21:05:06.0782 0x23a4  [ 828B042A95F055648DA190DF6C7AB1B6, 0457B0EF03BCB4CC1297EB25A25C162937F456BF406EC7B1A5E9A0AA13A9BCD7 ] kltap           C:\Windows\system32\DRIVERS\kltap.sys
21:05:06.0829 0x23a4  kltap - ok
21:05:06.0860 0x23a4  [ D4D67FDAFC981E3FCC376B4548697EB8, 78AD738EFFF8D45A5988B69E3B99C68D8FF38F8A72FB7B4374DE874808AA932D ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
21:05:06.0891 0x23a4  kltdi - ok
21:05:07.0000 0x23a4  [ 5E465826E78C6753BD88B7B766521ACA, 0C0D06FF096BD05D373B7A63EAFC2CA73E51F6FCA82DDACBD97D42FA562CB6DB ] klvssbridge64_19.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe
21:05:07.0047 0x23a4  klvssbridge64_19.0.0 - ok
21:05:07.0078 0x23a4  [ 5053C642DB87B00C75BB2124517B1FA2, C7FD6BFDE422B9C9E7AEDFAE68F0D59A74D8AC3FC0E4F13EF8FF8504F473B645 ] klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
21:05:07.0110 0x23a4  klwtp - ok
21:05:07.0125 0x23a4  [ AAA0543A0E55548E8C66FEFE13D2EFE5, 13623619D219142BD61DC2F632E84F7AC5729462E35DF26AC9BD4471B6530EE1 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
21:05:07.0156 0x23a4  kneps - ok
21:05:07.0266 0x23a4  [ 4DCE20849E789DC24A867E7D7B15CE5B, 0F6236E0F99709FF628DB0568E673DA80292874D78AB89CA6C3BB07E4813786E ] KSDE2.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
21:05:07.0297 0x23a4  KSDE2.0.0 - ok
21:05:07.0344 0x23a4  [ DFE85B031220F8E0271716BBB3C4C8FF, 531AB0851AE2F2B25D751605529C483B4734E5D26F94F56DEC0191730DD6A9A4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:05:07.0390 0x23a4  KSecDD - ok
21:05:07.0406 0x23a4  [ 70D7302DD70B979637179BFD8295C924, 7A3498C8A90AC5D7A070E9BCAF1BC0D16F478A7160A9333C58247034C5B3B59F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:05:07.0422 0x23a4  KSecPkg - ok
21:05:07.0437 0x23a4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:05:07.0484 0x23a4  ksthunk - ok
21:05:07.0515 0x23a4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:05:07.0562 0x23a4  KtmRm - ok
21:05:07.0624 0x23a4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:05:07.0671 0x23a4  LanmanServer - ok
21:05:07.0718 0x23a4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:05:07.0765 0x23a4  LanmanWorkstation - ok
21:05:07.0874 0x23a4  [ 20EE2F2ADCF8DBD091E931593F5AC268, 5F053F8B7C8B340A0364CE37B25D68B6755C2CCDB050C02E9B4E0929DF587E0F ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
21:05:07.0921 0x23a4  LBTServ - ok
21:05:07.0936 0x23a4  [ AFDFA4A6B0F7B15AA38E494FD4595741, 0D89CCEBC816F4A3F6DDB093B3F8BB8B85293E94559085961DA31F9330D43C21 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
21:05:07.0968 0x23a4  LHidFilt - ok
21:05:07.0983 0x23a4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:05:08.0030 0x23a4  lltdio - ok
21:05:08.0108 0x23a4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:05:08.0170 0x23a4  lltdsvc - ok
21:05:08.0186 0x23a4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:05:08.0264 0x23a4  lmhosts - ok
21:05:08.0280 0x23a4  [ C3E82B320F34C97F32B8026F4C249BEF, CAF53CD4738D2C92E4764372F75B5D0D74EBA896E59E685ED15B915F4E7223A0 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
21:05:08.0295 0x23a4  LMouFilt - ok
21:05:08.0326 0x23a4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:05:08.0342 0x23a4  LSI_FC - ok
21:05:08.0373 0x23a4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:05:08.0389 0x23a4  LSI_SAS - ok
21:05:08.0420 0x23a4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:05:08.0436 0x23a4  LSI_SAS2 - ok
21:05:08.0467 0x23a4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:05:08.0482 0x23a4  LSI_SCSI - ok
21:05:08.0529 0x23a4  [ 5416CEB2916BBE635288C4D1075B045E, BEFF99052206C0D774CFFF14AC3305C397726B289B17666C2AD2706C261F2FF0 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:05:08.0576 0x23a4  luafv - ok
21:05:08.0654 0x23a4  [ 30531264292DBC7507AA1FF4123F1F39, AD27317BFAB1D5C1B332000DF51336424B4B80AF725392EB4A0FE53DC0695C41 ] MBAMFarflt      C:\Windows\system32\DRIVERS\farflt.sys
21:05:08.0701 0x23a4  MBAMFarflt - ok
21:05:08.0732 0x23a4  [ 0987B4BB03FA1F3C0C7D37347B707D4E, EDEA667695A680B955F42024AD349A9B795A2365C59312EDCC3FE5BF362F59E6 ] MBAMProtection  C:\Windows\system32\DRIVERS\mbam.sys
21:05:08.0748 0x23a4  MBAMProtection - ok
21:05:09.0075 0x23a4  [ F7265B7490428499F2FE409FA9247866, 43A406C74689B72020E4669B45F19D377A5FF3EFE79B03AF58C2679D14405E9D ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
21:05:09.0247 0x23a4  MBAMService - ok
21:05:09.0309 0x23a4  [ 351BF8F77B0A15A7B5A2AE098C52A387, A84330DF5C4F0E5D6251D311B5DC78722D7724E87DAF5DE5A11EB73BB3502E26 ] MBAMSwissArmy   C:\Windows\System32\Drivers\mbamswissarmy.sys
21:05:09.0325 0x23a4  MBAMSwissArmy - ok
21:05:09.0387 0x23a4  [ BB59E29ADA772551DAE87B980DC1425C, BBC24338AF20AC0DC0AAC87F96E1BE8E8CDB1DD8E2F43108C3DD4D915FB8E6CB ] MBAMWebProtection C:\Windows\system32\DRIVERS\mwac.sys
21:05:09.0403 0x23a4  MBAMWebProtection - ok
21:05:09.0434 0x23a4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:05:09.0450 0x23a4  Mcx2Svc - ok
21:05:09.0481 0x23a4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:05:09.0496 0x23a4  megasas - ok
21:05:09.0512 0x23a4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:05:09.0543 0x23a4  MegaSR - ok
21:05:09.0637 0x23a4  [ 8A43D23ACE2E8C95A2D87B6E9599DEDA, 18683A7CE5AF0A9C5D7E33EB99588AE55FC61103A8894F3F45E2101355966A71 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
21:05:09.0652 0x23a4  MemeoBackgroundService - ok
21:05:09.0684 0x23a4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:05:09.0746 0x23a4  MMCSS - ok
21:05:09.0777 0x23a4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:05:09.0871 0x23a4  Modem - ok
21:05:09.0886 0x23a4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:05:09.0933 0x23a4  monitor - ok
21:05:09.0980 0x23a4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:05:09.0996 0x23a4  mouclass - ok
21:05:10.0011 0x23a4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:05:10.0027 0x23a4  mouhid - ok
21:05:10.0089 0x23a4  [ 072D8646E23ECF8A3F5F0157017B4DB6, EBFB1459ECC5AF94C94FB49CEBC724542612680F0777E24B5AA6E062C0EE5D94 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:05:10.0136 0x23a4  mountmgr - ok
21:05:10.0198 0x23a4  [ 7152F2150B49D16467FA9FCE3E092F07, B6F52E387FDBFAF47340629BA7201746CC1A9A51A1159A5EA235F294B6DFB9E0 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:05:10.0245 0x23a4  MozillaMaintenance - ok
21:05:10.0292 0x23a4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:05:10.0323 0x23a4  mpio - ok
21:05:10.0339 0x23a4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:05:10.0401 0x23a4  mpsdrv - ok
21:05:10.0432 0x23a4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:05:10.0510 0x23a4  MpsSvc - ok
21:05:10.0557 0x23a4  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:05:10.0588 0x23a4  MRxDAV - ok
21:05:10.0635 0x23a4  [ 767C6DF04C5758B9F0790D400541B44F, BFC38D7BCF19F7246BCAD3E04273A403F6B973432EE0EF6E25B16BA3826A21B7 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:05:10.0713 0x23a4  mrxsmb - ok
21:05:10.0744 0x23a4  [ BD55F604FFABC911F8E5500186AE70E5, 3719EDB070E6FFE9781337A05CA0309C3CD5CD38A292DF091E05C9BA3D5A479F ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:05:10.0807 0x23a4  mrxsmb10 - ok
21:05:10.0885 0x23a4  [ 92EECFB046D4706A4B8D699A4069B6EC, 3B3E232DABA913A500CE55AD8600D8DD8F28E32B0276B9B6C8FD6239688833A4 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:05:10.0963 0x23a4  mrxsmb20 - ok
21:05:10.0994 0x23a4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:05:11.0041 0x23a4  msahci - ok
21:05:11.0088 0x23a4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:05:11.0119 0x23a4  msdsm - ok
21:05:11.0150 0x23a4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:05:11.0181 0x23a4  MSDTC - ok
21:05:11.0212 0x23a4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:05:11.0259 0x23a4  Msfs - ok
21:05:11.0275 0x23a4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:05:11.0322 0x23a4  mshidkmdf - ok
21:05:11.0353 0x23a4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:05:11.0353 0x23a4  msisadrv - ok
21:05:11.0384 0x23a4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:05:11.0415 0x23a4  MSiSCSI - ok
21:05:11.0431 0x23a4  msiserver - ok
21:05:11.0462 0x23a4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:05:11.0493 0x23a4  MSKSSRV - ok
21:05:11.0524 0x23a4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:05:11.0556 0x23a4  MSPCLOCK - ok
21:05:11.0571 0x23a4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:05:11.0602 0x23a4  MSPQM - ok
21:05:11.0618 0x23a4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:05:11.0649 0x23a4  MsRPC - ok
21:05:11.0665 0x23a4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:05:11.0680 0x23a4  mssmbios - ok
21:05:11.0712 0x23a4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:05:11.0758 0x23a4  MSTEE - ok
21:05:11.0790 0x23a4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:05:11.0821 0x23a4  MTConfig - ok
21:05:11.0852 0x23a4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:05:11.0868 0x23a4  Mup - ok
21:05:12.0026 0x23a4  [ B7B4BF008EE836D24C245F6A71A42C82, F6B8BF65494D042B06405F3B8A62A5FF5F2B7A238794C91DE51A2EE95D30E024 ] MyEpson Portal Service C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
21:05:12.0072 0x23a4  MyEpson Portal Service - ok
21:05:12.0119 0x23a4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:05:12.0150 0x23a4  napagent - ok
21:05:12.0213 0x23a4  [ 9FB2A095B1166CB3C9A06651863B3452, 808105C59C2D28C390FDE0CA48690A5CD052DE3D7F7327864EB45F80187D5BE9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:05:12.0228 0x23a4  NativeWifiP - ok
21:05:12.0338 0x23a4  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:05:12.0384 0x23a4  NDIS - ok
21:05:12.0416 0x23a4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:05:12.0462 0x23a4  NdisCap - ok
21:05:12.0509 0x23a4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:05:12.0556 0x23a4  NdisTapi - ok
21:05:12.0572 0x23a4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:05:12.0618 0x23a4  Ndisuio - ok
21:05:12.0650 0x23a4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:05:12.0681 0x23a4  NdisWan - ok
21:05:12.0728 0x23a4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:05:12.0759 0x23a4  NDProxy - ok
21:05:12.0790 0x23a4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:05:12.0837 0x23a4  NetBIOS - ok
21:05:12.0884 0x23a4  [ 734837208CAFD6E0959A7A0333C95C9D, 0B7CD6E3CE43ABE021DBE6516492E326265EC0273F2F4297187CE70602CB8CE1 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:05:12.0899 0x23a4  NetBT - ok
21:05:12.0962 0x23a4  [ 0AACF89E5FD35CF07CD4E649C6591423, 786E000239FCE114DB83A3914C75E011A3AA15B60EC87AF9C871208C508520A1 ] netfltcc        C:\Windows\system32\drivers\netfltcc.sys
21:05:12.0962 0x23a4  netfltcc - ok
21:05:12.0977 0x23a4  [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] Netlogon        C:\Windows\system32\lsass.exe
21:05:12.0993 0x23a4  Netlogon - ok
21:05:13.0008 0x23a4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:05:13.0055 0x23a4  Netman - ok
21:05:13.0149 0x23a4  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:05:13.0227 0x23a4  NetMsmqActivator - ok
21:05:13.0258 0x23a4  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:05:13.0274 0x23a4  NetPipeActivator - ok
21:05:13.0305 0x23a4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:05:13.0352 0x23a4  netprofm - ok
21:05:13.0352 0x23a4  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:05:13.0383 0x23a4  NetTcpActivator - ok
21:05:13.0383 0x23a4  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:05:13.0398 0x23a4  NetTcpPortSharing - ok
21:05:13.0430 0x23a4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:05:13.0445 0x23a4  nfrd960 - ok
21:05:13.0492 0x23a4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:05:13.0539 0x23a4  NlaSvc - ok
21:05:13.0570 0x23a4  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] npf             C:\Windows\system32\drivers\npf.sys
21:05:13.0586 0x23a4  npf - ok
21:05:13.0586 0x23a4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:05:13.0632 0x23a4  Npfs - ok
21:05:13.0679 0x23a4  [ 668B9EFF5CCA4542F435D2CD9CE3C778, 7409EF35D1DC0DE2BAB752694981FFA1F1855C7F11310366B80BD1EC3513262E ] nsi             C:\Windows\system32\nsisvc.dll
21:05:13.0695 0x23a4  nsi - ok
21:05:13.0726 0x23a4  [ BE313E566EEA2A4B7F9AAC9782A567D4, 377C624737B1A4FBC1DFF988F029B8ED9A368827C33A4FEEBA1B7937A87C2B47 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:05:13.0757 0x23a4  nsiproxy - ok
21:05:13.0882 0x23a4  [ 1065D9AFE491706EB00AD3CBB76C9E54, 7014029663FC61932EACC07682A66EE5483F11968EF58DE9766A9D77238C6812 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:05:13.0960 0x23a4  Ntfs - ok
21:05:13.0976 0x23a4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:05:14.0069 0x23a4  Null - ok
21:05:14.0163 0x23a4  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
21:05:14.0225 0x23a4  NVENETFD - ok
21:05:14.0646 0x23a4  [ DD81FBC57AB9134CDDC5CE90880BFD80, 16DF4D9645238D1014FA9189FF171DCF7B7C7573F759B5AC73025518139D86B1 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:05:15.0083 0x23a4  nvlddmkm - ok
21:05:15.0146 0x23a4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:05:15.0192 0x23a4  nvraid - ok
21:05:15.0224 0x23a4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:05:15.0255 0x23a4  nvstor - ok
21:05:15.0286 0x23a4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:05:15.0302 0x23a4  nv_agp - ok
21:05:15.0317 0x23a4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:05:15.0333 0x23a4  ohci1394 - ok
21:05:15.0411 0x23a4  [ BF869F329392C7E76FC959B1206A432F, 909879B7432283C1F6D44843FC5CEB598798EE6560DCD4B4EF8B4935E94FB934 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:05:15.0458 0x23a4  ose - ok
21:05:15.0754 0x23a4  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:05:16.0004 0x23a4  osppsvc - ok
21:05:16.0050 0x23a4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:05:16.0191 0x23a4  p2pimsvc - ok
21:05:16.0222 0x23a4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:05:16.0284 0x23a4  p2psvc - ok
21:05:16.0316 0x23a4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
21:05:16.0331 0x23a4  Parport - ok
21:05:16.0362 0x23a4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:05:16.0378 0x23a4  partmgr - ok
21:05:16.0425 0x23a4  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:05:16.0472 0x23a4  PcaSvc - ok
21:05:16.0487 0x23a4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:05:16.0518 0x23a4  pci - ok
21:05:16.0550 0x23a4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:05:16.0565 0x23a4  pciide - ok
21:05:16.0612 0x23a4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:05:16.0628 0x23a4  pcmcia - ok
21:05:16.0659 0x23a4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:05:16.0674 0x23a4  pcw - ok
21:05:16.0706 0x23a4  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:05:16.0768 0x23a4  PEAUTH - ok
21:05:16.0846 0x23a4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:05:16.0877 0x23a4  PerfHost - ok
21:05:17.0049 0x23a4  [ BC5F8C5C7ACCD0B884FCB8B67616F537, 5C99E9D7E7095CED52B1F5F4A569E54F124602C573DD2B25731E0D57FDA22A27 ] pla             C:\Windows\system32\pla.dll
21:05:17.0142 0x23a4  pla - ok
21:05:17.0236 0x23a4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:05:17.0298 0x23a4  PlugPlay - ok
21:05:17.0314 0x23a4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:05:17.0408 0x23a4  PNRPAutoReg - ok
21:05:17.0439 0x23a4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:05:17.0470 0x23a4  PNRPsvc - ok
21:05:17.0517 0x23a4  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:05:17.0564 0x23a4  PolicyAgent - ok
21:05:17.0595 0x23a4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:05:17.0642 0x23a4  Power - ok
21:05:17.0688 0x23a4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:05:17.0720 0x23a4  PptpMiniport - ok
21:05:17.0751 0x23a4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
21:05:17.0766 0x23a4  Processor - ok
21:05:17.0829 0x23a4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:05:17.0922 0x23a4  ProfSvc - ok
21:05:17.0938 0x23a4  [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:05:17.0954 0x23a4  ProtectedStorage - ok
21:05:17.0969 0x23a4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:05:18.0016 0x23a4  Psched - ok
21:05:18.0063 0x23a4  [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2       c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
21:05:18.0078 0x23a4  PSI_SVC_2 - ok
21:05:18.0156 0x23a4  [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
21:05:18.0188 0x23a4  PxHlpa64 - ok
21:05:18.0266 0x23a4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:05:18.0375 0x23a4  ql2300 - ok
21:05:18.0390 0x23a4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:05:18.0406 0x23a4  ql40xx - ok
21:05:18.0422 0x23a4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:05:18.0453 0x23a4  QWAVE - ok
21:05:18.0468 0x23a4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:05:18.0500 0x23a4  QWAVEdrv - ok
21:05:18.0562 0x23a4  [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
21:05:18.0593 0x23a4  RapiMgr - ok
21:05:18.0609 0x23a4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:05:18.0656 0x23a4  RasAcd - ok
21:05:18.0687 0x23a4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:05:18.0780 0x23a4  RasAgileVpn - ok
21:05:18.0796 0x23a4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:05:18.0858 0x23a4  RasAuto - ok
21:05:18.0890 0x23a4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:05:18.0952 0x23a4  Rasl2tp - ok
21:05:18.0968 0x23a4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:05:19.0030 0x23a4  RasMan - ok
21:05:19.0046 0x23a4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:05:19.0092 0x23a4  RasPppoe - ok
21:05:19.0124 0x23a4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:05:19.0155 0x23a4  RasSstp - ok
21:05:19.0186 0x23a4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:05:19.0233 0x23a4  rdbss - ok
21:05:19.0248 0x23a4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
21:05:19.0264 0x23a4  rdpbus - ok
21:05:19.0280 0x23a4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:05:19.0311 0x23a4  RDPCDD - ok
21:05:19.0326 0x23a4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:05:19.0373 0x23a4  RDPENCDD - ok
21:05:19.0389 0x23a4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:05:19.0436 0x23a4  RDPREFMP - ok
21:05:19.0607 0x23a4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:05:19.0763 0x23a4  RdpVideoMiniport - ok
21:05:19.0826 0x23a4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:05:19.0904 0x23a4  RDPWD - ok
21:05:19.0966 0x23a4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:05:20.0013 0x23a4  rdyboost - ok
21:05:20.0044 0x23a4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:05:20.0106 0x23a4  RemoteAccess - ok
21:05:20.0138 0x23a4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:05:20.0184 0x23a4  RemoteRegistry - ok
21:05:20.0247 0x23a4  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:05:20.0262 0x23a4  RFCOMM - ok
21:05:20.0294 0x23a4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:05:20.0349 0x23a4  RpcEptMapper - ok
21:05:20.0381 0x23a4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:05:20.0427 0x23a4  RpcLocator - ok
21:05:20.0505 0x23a4  [ 3F1A199859B4F3F8357B2A0AF5666A54, B0ACE9384088B7D0E54CF82BF48D4FEAA518BDEF98A294BA8F5A37DFF0E45328 ] RpcSs           C:\Windows\system32\rpcss.dll
21:05:20.0537 0x23a4  RpcSs - ok
21:05:20.0552 0x23a4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:05:20.0599 0x23a4  rspndr - ok
21:05:20.0693 0x23a4  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:05:20.0755 0x23a4  RTL8167 - ok
21:05:20.0833 0x23a4  [ B3F36B4B3F192EA87DDC119F3A0B3E45, DE80502994ED9977AD64483385A0BC0C6060EA9E9C08645E72FBBCFE8B2358C7 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
21:05:20.0880 0x23a4  RTL8192su - ok
21:05:20.0911 0x23a4  [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] SamSs           C:\Windows\system32\lsass.exe
21:05:20.0927 0x23a4  SamSs - ok
21:05:20.0942 0x23a4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:05:20.0958 0x23a4  sbp2port - ok
21:05:20.0973 0x23a4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:05:21.0036 0x23a4  SCardSvr - ok
21:05:21.0410 0x23a4  [ DE48E8808653E1CEEBA850BE57798388, 5255F6727F840232D6873AE899B10503A14F0365508657EC8230F35D74E8CB52 ] SCC-Dienst      C:\Windows\cc\ctlsysmgr.exe
21:05:21.0724 0x23a4  SCC-Dienst - ok
21:05:21.0771 0x23a4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:05:21.0802 0x23a4  scfilter - ok
21:05:21.0911 0x23a4  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
21:05:22.0021 0x23a4  Schedule - ok
21:05:22.0052 0x23a4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:05:22.0083 0x23a4  SCPolicySvc - ok
21:05:22.0114 0x23a4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:05:22.0161 0x23a4  SDRSVC - ok
21:05:22.0192 0x23a4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:05:22.0255 0x23a4  secdrv - ok
21:05:22.0286 0x23a4  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
21:05:22.0364 0x23a4  seclogon - ok
21:05:22.0379 0x23a4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:05:22.0473 0x23a4  SENS - ok
21:05:22.0489 0x23a4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:05:22.0535 0x23a4  SensrSvc - ok
21:05:22.0567 0x23a4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:05:22.0582 0x23a4  Serenum - ok
21:05:22.0613 0x23a4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
21:05:22.0629 0x23a4  Serial - ok
21:05:22.0660 0x23a4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:05:22.0676 0x23a4  sermouse - ok
21:05:22.0707 0x23a4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:05:22.0769 0x23a4  SessionEnv - ok
21:05:22.0847 0x23a4  [ DDA1B38A59DE5096E2619D4CFDE01F4A, 95E2244EC8FD87741169B75A25458C788A9355EBC7D12C5CD6509DBBB89D4EE6 ] sfdrv01a        C:\Windows\system32\drivers\sfdrv01a.sys
21:05:22.0880 0x23a4  sfdrv01a - ok
21:05:22.0911 0x23a4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:05:23.0020 0x23a4  sffdisk - ok
21:05:23.0036 0x23a4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:05:23.0067 0x23a4  sffp_mmc - ok
21:05:23.0082 0x23a4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:05:23.0116 0x23a4  sffp_sd - ok
21:05:23.0147 0x23a4  [ 17F6BD95BF04B924F4C05CE78BEF8AE6, 68D38DC04349DA476B62F853B165EE6B6F42054BCAF2B8F615A6E6BAACD35EB4 ] sfhlp02         C:\Windows\system32\drivers\sfhlp02.sys
21:05:23.0178 0x23a4  sfhlp02 - ok
21:05:23.0209 0x23a4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:05:23.0225 0x23a4  sfloppy - ok
21:05:23.0256 0x23a4  sfrem01 - ok
21:05:23.0272 0x23a4  [ C2FC1E7B64D844251A1AF6BCADFE4C14, F1944F303981A64EE109B244BFD333A661C0940EB3A7F28726A61A9422022831 ] sfsync04        C:\Windows\system32\drivers\sfsync04.sys
21:05:23.0287 0x23a4  sfsync04 - ok
21:05:23.0334 0x23a4  [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
21:05:23.0365 0x23a4  Sftfs - ok
21:05:23.0506 0x23a4  [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:05:23.0537 0x23a4  sftlist - ok
21:05:23.0568 0x23a4  [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
21:05:23.0599 0x23a4  Sftplay - ok
21:05:23.0615 0x23a4  [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
21:05:23.0630 0x23a4  Sftredir - ok
21:05:23.0646 0x23a4  [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
21:05:23.0662 0x23a4  Sftvol - ok
21:05:23.0677 0x23a4  [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:05:23.0693 0x23a4  sftvsa - ok
21:05:23.0724 0x23a4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:05:23.0786 0x23a4  SharedAccess - ok
21:05:23.0833 0x23a4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:05:23.0833 0x232c  Object required for P2P: [ 5257998857707DA4BCC86420CDDFED18 ] klhk
21:05:23.0880 0x23a4  ShellHWDetection - ok
21:05:23.0911 0x23a4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:05:23.0927 0x23a4  SiSRaid2 - ok
21:05:23.0958 0x23a4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:05:23.0974 0x23a4  SiSRaid4 - ok
21:05:24.0020 0x23a4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:05:24.0067 0x23a4  Smb - ok
21:05:24.0083 0x23a4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:05:24.0114 0x23a4  SNMPTRAP - ok
21:05:24.0130 0x23a4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:05:24.0145 0x23a4  spldr - ok
21:05:24.0176 0x23a4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:05:24.0239 0x23a4  Spooler - ok
21:05:24.0348 0x23a4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:05:24.0488 0x23a4  sppsvc - ok
21:05:24.0520 0x23a4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:05:24.0566 0x23a4  sppuinotify - ok
21:05:24.0629 0x23a4  [ 72E6A150A8C8530B201832D1C801CDE6, EFBDD5D1FB924979E63D829A6970CB5552A746BEBB7C4D41066684CA16A374E0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:05:24.0660 0x23a4  srv - ok
21:05:24.0707 0x23a4  [ C4F67ABCC5033D334613F28F9E782809, A19E32E2EF790E88E7013C298AF0A34A9957A7CE55DF19FBD7BDF688D3767BA5 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:05:24.0769 0x23a4  srv2 - ok
21:05:24.0832 0x23a4  [ C53CB62B0E57488AAE41FDA0FF8A0AB9, 93614C72C578E348B66690585F8AC2B53C0C19D2C96AAD3E776D3389CA5E43B6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:05:24.0863 0x23a4  srvnet - ok
21:05:24.0894 0x23a4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:05:24.0941 0x23a4  SSDPSRV - ok
21:05:24.0972 0x23a4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:05:25.0005 0x23a4  SstpSvc - ok
21:05:25.0099 0x23a4  [ F0B59ADCD06BCEB9D47311B7041CA2C9, 6299AB514CBE153C875F083ED789F6205C1781C0178759521F5A6D8007F5257C ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
21:05:25.0146 0x23a4  ssudmdm - ok
21:05:25.0302 0x23a4  [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
21:05:25.0333 0x23a4  ss_conn_service - ok
21:05:25.0364 0x23a4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:05:25.0380 0x23a4  stexstor - ok
21:05:25.0426 0x23a4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:05:25.0458 0x23a4  stisvc - ok
21:05:25.0489 0x23a4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:05:25.0504 0x23a4  swenum - ok
21:05:25.0520 0x23a4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:05:25.0567 0x23a4  swprv - ok
21:05:25.0707 0x23a4  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
21:05:25.0816 0x23a4  SysMain - ok
21:05:25.0848 0x23a4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:05:25.0863 0x23a4  TabletInputService - ok
21:05:25.0894 0x23a4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:05:25.0957 0x23a4  TapiSrv - ok
21:05:26.0082 0x23a4  [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:05:26.0160 0x23a4  Tcpip - ok
21:05:26.0222 0x23a4  [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:05:26.0284 0x23a4  TCPIP6 - ok
21:05:26.0331 0x23a4  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:05:26.0378 0x23a4  tcpipreg - ok
21:05:26.0394 0x23a4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:05:26.0472 0x23a4  TDPIPE - ok
21:05:26.0503 0x23a4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:05:26.0550 0x23a4  TDTCP - ok
21:05:26.0596 0x23a4  [ 4DD986720F7CB7A8A5D1226793097B9A, 9020375B45E9C966BF44CF425C127D7E0EC82EB99C7047F225C25402FF97743D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:05:26.0674 0x23a4  tdx - ok
21:05:26.0706 0x23a4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:05:26.0721 0x23a4  TermDD - ok
21:05:26.0799 0x23a4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
21:05:26.0893 0x23a4  TermService - ok
21:05:26.0924 0x23a4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:05:26.0986 0x23a4  Themes - ok
21:05:27.0018 0x23a4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:05:27.0064 0x23a4  THREADORDER - ok
21:05:27.0080 0x23a4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:05:27.0127 0x23a4  TrkWks - ok
21:05:27.0220 0x23a4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:05:27.0283 0x23a4  TrustedInstaller - ok
21:05:27.0298 0x23a4  [ 2CF58216424757ED29605B4F18EC443C, 9D523FC075F7F41A17F60617670A976A8F2F2943444515DC3834720BDC37DFA0 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:05:27.0314 0x23a4  tssecsrv - ok
21:05:27.0376 0x23a4  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:05:27.0486 0x23a4  TsUsbFlt - ok
21:05:27.0501 0x23a4  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:05:27.0548 0x23a4  TsUsbGD - ok
21:05:27.0564 0x232c  Object send P2P result: true
21:05:27.0579 0x23a4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:05:27.0642 0x23a4  tunnel - ok
21:05:27.0673 0x23a4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:05:27.0688 0x23a4  uagp35 - ok
21:05:27.0720 0x23a4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:05:27.0766 0x23a4  udfs - ok
21:05:27.0829 0x23a4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:05:27.0860 0x23a4  UI0Detect - ok
21:05:27.0891 0x23a4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:05:27.0922 0x23a4  uliagpkx - ok
21:05:27.0954 0x23a4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:05:27.0985 0x23a4  umbus - ok
21:05:28.0000 0x23a4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:05:28.0047 0x23a4  UmPass - ok
21:05:28.0094 0x23a4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:05:28.0203 0x23a4  upnphost - ok
21:05:28.0250 0x23a4  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:05:28.0328 0x23a4  usbaudio - ok
21:05:28.0375 0x23a4  [ 9E68E917FB4B5C983438969643F53BEF, 7148BF1E7AFAFA025A51AA9A26B90ED85328B41C7F7791CB3460D9CF53245985 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:05:28.0453 0x23a4  usbccgp - ok
21:05:28.0500 0x23a4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:05:28.0562 0x23a4  usbcir - ok
21:05:28.0593 0x23a4  [ 3F9D3902CE931E2A28DD8452AE915B67, C8BF042DD84FB2E3AE7FCDBA65923611FCBDAFD6410E42A5E58F8995D99AE16C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:05:28.0656 0x23a4  usbehci - ok
21:05:28.0702 0x23a4  [ B7037444DC5138FC7D3D3968B4DE5C4B, DD9E3E40766A3F3B708DA341B7280E447788218ED677E1A24EC0CD04B04281B2 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
21:05:28.0718 0x23a4  usbfilter - ok
21:05:28.0749 0x23a4  [ 86B65EEBC03B936DE8B26E5A18D98FA2, 2981CF5A0FB6B6FE0A38363EA4804DB743C45E3E6E72DC3A2260F583377717C8 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
21:05:28.0780 0x23a4  usbhub - ok
21:05:28.0812 0x23a4  [ 099C2931C6F73EB1B9E13C560F61B50D, 83B64A52173243526E380C8FA0D913C7B07C2AF1806ECC4EC0D0B5523A7CBFAA ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:05:28.0827 0x23a4  usbohci - ok
21:05:28.0874 0x23a4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:05:28.0936 0x23a4  usbprint - ok
21:05:28.0968 0x23a4  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:05:29.0014 0x23a4  usbscan - ok
21:05:29.0046 0x23a4  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:05:29.0139 0x23a4  USBSTOR - ok
21:05:29.0155 0x23a4  [ 5D7651347C7D702F4A5DE53603DC024F, F55532D13AB2FF6D4B6058113AF2710AC5C87059C9000942CF517198BABCD6F5 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:05:29.0233 0x23a4  usbuhci - ok
21:05:29.0264 0x23a4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:05:29.0326 0x23a4  UxSms - ok
21:05:29.0342 0x23a4  [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] VaultSvc        C:\Windows\system32\lsass.exe
21:05:29.0358 0x23a4  VaultSvc - ok
21:05:29.0373 0x23a4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:05:29.0389 0x23a4  vdrvroot - ok
21:05:29.0420 0x23a4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:05:29.0514 0x23a4  vds - ok
21:05:29.0545 0x23a4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:05:29.0560 0x23a4  vga - ok
21:05:29.0560 0x23a4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:05:29.0623 0x23a4  VgaSave - ok
21:05:29.0654 0x23a4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:05:29.0685 0x23a4  vhdmp - ok
21:05:29.0701 0x23a4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:05:29.0732 0x23a4  viaide - ok
21:05:29.0763 0x23a4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:05:29.0779 0x23a4  volmgr - ok
21:05:29.0826 0x23a4  [ 85C5468BC395819AE2A0C747334BA14C, 75EB4751F90F3347229442A5622539383CE0B1834EE7B995260D0D433BA2E25F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:05:29.0857 0x23a4  volmgrx - ok
21:05:29.0872 0x23a4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:05:29.0888 0x23a4  volsnap - ok
21:05:29.0935 0x23a4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:05:29.0950 0x23a4  vsmraid - ok
21:05:29.0997 0x23a4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:05:30.0091 0x23a4  VSS - ok
21:05:30.0122 0x23a4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:05:30.0138 0x23a4  vwifibus - ok
21:05:30.0153 0x23a4  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:05:30.0169 0x23a4  vwififlt - ok
21:05:30.0200 0x23a4  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:05:30.0247 0x23a4  vwifimp - ok
21:05:30.0278 0x23a4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:05:30.0340 0x23a4  W32Time - ok
21:05:30.0387 0x23a4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:05:30.0418 0x23a4  WacomPen - ok
21:05:30.0434 0x23a4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:05:30.0481 0x23a4  WANARP - ok
21:05:30.0512 0x23a4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:05:30.0543 0x23a4  Wanarpv6 - ok
21:05:30.0715 0x23a4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:05:30.0840 0x23a4  WatAdminSvc - ok
21:05:30.0902 0x23a4  [ 261A725F8ACEDDA695C7FFF6D6EDE6B5, 7DE18FDD707F073909FC990F6755CBF562020B6F3D5C698D90C7907EE0F3B420 ] watchmi         C:\Program Files (x86)\watchmi\TvdService.exe
21:05:30.0902 0x23a4  watchmi - detected UnsignedFile.Multi.Generic ( 1 )
21:05:32.0524 0x23a4  Detect skipped due to KSN trusted
21:05:32.0524 0x23a4  watchmi - ok
21:05:32.0634 0x23a4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:05:32.0790 0x23a4  wbengine - ok
21:05:32.0821 0x23a4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:05:32.0868 0x23a4  WbioSrvc - ok
21:05:32.0961 0x23a4  [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
21:05:32.0992 0x23a4  WcesComm - ok
21:05:33.0024 0x23a4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:05:33.0055 0x23a4  wcncsvc - ok
21:05:33.0102 0x23a4  [ BC00873272B3771CCDA38336AF2B4D4B, 3E412DEC5F172B4C5FD5C227CD790EE56B90A00A8B538704E8F973D230BE2289 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:05:33.0133 0x23a4  WcsPlugInService - ok
21:05:33.0164 0x23a4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
21:05:33.0180 0x23a4  Wd - ok
21:05:33.0258 0x23a4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:05:33.0304 0x23a4  Wdf01000 - ok
21:05:33.0351 0x23a4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:05:33.0445 0x23a4  WdiServiceHost - ok
21:05:33.0445 0x23a4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:05:33.0476 0x23a4  WdiSystemHost - ok
21:05:33.0538 0x23a4  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
21:05:33.0601 0x23a4  WebClient - ok
21:05:33.0632 0x23a4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:05:33.0694 0x23a4  Wecsvc - ok
21:05:33.0710 0x23a4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:05:33.0741 0x23a4  wercplsupport - ok
21:05:33.0757 0x23a4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:05:33.0804 0x23a4  WerSvc - ok
21:05:33.0850 0x23a4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:05:33.0882 0x23a4  WfpLwf - ok
21:05:33.0897 0x23a4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:05:33.0913 0x23a4  WIMMount - ok
21:05:33.0944 0x23a4  WinDefend - ok
21:05:33.0960 0x23a4  WinHttpAutoProxySvc - ok
21:05:34.0022 0x23a4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:05:34.0069 0x23a4  Winmgmt - ok
21:05:34.0178 0x23a4  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:05:34.0318 0x23a4  WinRM - ok
21:05:34.0365 0x23a4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:05:34.0396 0x23a4  WinUsb - ok
21:05:34.0490 0x23a4  [ 4B7912EB80820EAC543EE54806EFCAF0, 4D9186F9FE80F03C85C4DC73342EE5870DF1021BD29974BE33557CEA0D524667 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:05:34.0537 0x23a4  Wlansvc - ok
21:05:34.0724 0x23a4  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:05:34.0833 0x23a4  wlidsvc - ok
21:05:34.0864 0x23a4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:05:34.0880 0x23a4  WmiAcpi - ok
21:05:34.0896 0x23a4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:05:34.0927 0x23a4  wmiApSrv - ok
21:05:34.0958 0x23a4  WMPNetworkSvc - ok
21:05:34.0989 0x23a4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:05:35.0036 0x23a4  WPCSvc - ok
21:05:35.0067 0x23a4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:05:35.0083 0x23a4  WPDBusEnum - ok
21:05:35.0098 0x23a4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:05:35.0192 0x23a4  ws2ifsl - ok
21:05:35.0223 0x23a4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:05:35.0254 0x23a4  wscsvc - ok
21:05:35.0270 0x23a4  WSearch - ok
21:05:35.0286 0x23a4  [ 82E8F5AA03DF7DBDB8A33F700D5D8CDA, 7EEB1B8F1430AFB06A18DC6107DBDD57EBBF473FF96F3578481EB89724823393 ] wsvd            C:\Windows\system32\DRIVERS\wsvd.sys
21:05:35.0301 0x23a4  wsvd - ok
21:05:35.0473 0x23a4  [ 88009DB9E1166B6B6713A858C176FECD, CBF4C63D3C5D14AF3C3F0D9C48E5AC9E7A4323BFB0363E9948FD801963BE1467 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:05:35.0644 0x23a4  wuauserv - ok
21:05:35.0676 0x23a4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:05:35.0691 0x23a4  WudfPf - ok
21:05:35.0722 0x23a4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:05:35.0754 0x23a4  WUDFRd - ok
21:05:35.0769 0x23a4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:05:35.0800 0x23a4  wudfsvc - ok
21:05:35.0847 0x23a4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:05:35.0925 0x23a4  WwanSvc - ok
21:05:35.0956 0x23a4  ================ Scan global ===============================
21:05:36.0003 0x23a4  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
21:05:36.0050 0x23a4  [ 66A8A9412337B08E1735204B8ADEE58C, 766429FBB014A9CA6AEFD39579C3F33625335A3DFD88AB324E4534978695B887 ] C:\Windows\system32\winsrv.dll
21:05:36.0097 0x23a4  [ 66A8A9412337B08E1735204B8ADEE58C, 766429FBB014A9CA6AEFD39579C3F33625335A3DFD88AB324E4534978695B887 ] C:\Windows\system32\winsrv.dll
21:05:36.0112 0x23a4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:05:36.0144 0x23a4  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
21:05:36.0144 0x23a4  [ Global ] - ok
21:05:36.0144 0x23a4  ================ Scan MBR ==================================
21:05:36.0159 0x23a4  [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0
21:05:38.0936 0x23a4  \Device\Harddisk0\DR0 - ok
21:05:38.0936 0x23a4  ================ Scan VBR ==================================
21:05:38.0936 0x23a4  [ AD22454585C8B20832E592BB0BD6CF66 ] \Device\Harddisk0\DR0\Partition1
21:05:38.0936 0x23a4  \Device\Harddisk0\DR0\Partition1 - ok
21:05:38.0952 0x23a4  [ 4993626D5E885B3541AE4E9A7F708F20 ] \Device\Harddisk0\DR0\Partition2
21:05:38.0952 0x23a4  \Device\Harddisk0\DR0\Partition2 - ok
21:05:38.0952 0x23a4  [ 8A9F068D45CF78CC93224F17216DC2DE ] \Device\Harddisk0\DR0\Partition3
21:05:38.0952 0x23a4  \Device\Harddisk0\DR0\Partition3 - ok
21:05:38.0952 0x23a4  ================ Scan generic autorun ======================
21:05:39.0373 0x23a4  [ 5DADA908E14051D65DB1991CB0B1F58D, DC02EDA032CEC2241F302995BF010B0376D5421A3E97583CB8A13A80993290B4 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:05:39.0810 0x23a4  RTHDVCPL - ok
21:05:39.0950 0x23a4  [ F9C48B76DA59CF5FF2ED937B62F5ED39, BABC2638F6C92947C79C918DFD3E605B196672B23745226DFA64F68867B7C257 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
21:05:39.0981 0x23a4  AdobeAAMUpdater-1.0 - ok
21:05:40.0044 0x23a4  [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe
21:05:40.0075 0x23a4  Windows Mobile Device Center - ok
21:05:40.0247 0x23a4  [ 948EB9C552C05DF39F79587E6979D9F5, 402B155395C32005A8D78C8B0F00F2391542CB41188AF944FF17ADE6BE97A62D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
21:05:40.0356 0x23a4  EvtMgr6 - ok
21:05:40.0496 0x23a4  [ 4CD463EF28D7345EBFD123D407712D02, FD9DEAE9CAB602E8100E1000C7D9CEA2FC662E875CBAF02EA56E933C666F0567 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
21:05:40.0527 0x23a4  StartCCC - ok
21:05:40.0590 0x23a4  [ FF473648E7B1B37C7F3249A6549FAC72, 632825038F5975415D129CCB84682243360821857D250D7827E21A08DE855BCC ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
21:05:40.0621 0x23a4  hpqSRMon - detected UnsignedFile.Multi.Generic ( 1 )
21:05:42.0245 0x23a4  Detect skipped due to KSN trusted
21:05:42.0245 0x23a4  hpqSRMon - ok
21:05:42.0323 0x23a4  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
21:05:42.0339 0x23a4  HP Software Update - ok
21:05:42.0401 0x23a4  [ CD0362AEE36CFE1EF5DF973230742E67, 9F1D8AD4E09D16C39CD6A35CB298456468C1808226FFA8AD65BF9562A6ECC07D ] C:\Program Files (x86)\PDF24\pdf24.exe
21:05:42.0417 0x23a4  PDFPrint - ok
21:05:42.0511 0x23a4  [ EE8626BAD390E3F3EBCA5816F133F14A, 2E6331418F6EE99539822E18FCACE74EEEC9A4970BBFB392C89AF32088753525 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
21:05:42.0526 0x23a4  KiesTrayAgent - ok
21:05:42.0713 0x23a4  [ F17FFAF69E1AF3D0A010FD4749148981, 7486A1EFE378BFCEE30D169BD0189CABD6935EBEE556BF0328330B120975EA03 ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
21:05:42.0791 0x23a4  EEventManager - ok
21:05:42.0901 0x23a4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:05:43.0088 0x23a4  Sidebar - ok
21:05:43.0103 0x23a4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:05:43.0150 0x23a4  mctadmin - ok
21:05:43.0213 0x23a4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:05:43.0244 0x23a4  Sidebar - ok
21:05:43.0259 0x23a4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:05:43.0291 0x23a4  mctadmin - ok
21:05:43.0353 0x23a4  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
21:05:43.0415 0x23a4  Sidebar - ok
21:05:43.0618 0x23a4  [ CE504C7463B7616A737E0C30C58FF138, 46D80A9B17A1F196A2A3029E28991A99C9833B6B61FB979BE4727ACDA5D7BE60 ] C:\Program Files (x86)\Adobe\Photoshop Elements 11\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
21:05:43.0649 0x23a4  CAHeadless - ok
21:05:43.0681 0x23a4  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
21:05:43.0696 0x23a4  swg - ok
21:05:43.0790 0x23a4  [ 3DCC4C062FEF19028E5FCC002781C9BB, CE016713365A64680C6211D66CF3D62929785EF08784D984CB8E29A95C2D78B8 ] C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe
21:05:43.0837 0x23a4  Kies3PDLR.exe - ok
21:05:43.0961 0x23a4  [ 61F761A0C9361645F3AA0DE5FECBE491, C2A6A585FC088589302D008713F9B85B2E2891920854A5BD06B302958E56D7C3 ] C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe
21:05:44.0008 0x23a4  SmartSwitchPDLR.exe - ok
21:05:44.0086 0x23a4  [ 97BFD4C3591EDD7A9EA1772DBE0202E6, 31DA37709522C8B8DE2784B3AA3C1A8503E92D084E2C695A303D4D09D5FD2C88 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRIE.EXE
21:05:44.0149 0x23a4  EPLTarget\P0000000000000000 - ok
21:05:44.0180 0x23a4  [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
21:05:44.0242 0x23a4  Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64 - ok
21:05:44.0258 0x23a4  [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
21:05:44.0289 0x23a4  Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64 - ok
21:05:44.0305 0x23a4  [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
21:05:44.0351 0x23a4  Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64 - ok
21:05:44.0367 0x23a4  [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
21:05:44.0398 0x23a4  Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64 - ok
21:05:44.0414 0x23a4  [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\Windows\system32\cmd.exe
21:05:44.0461 0x23a4  Uninstall C:\Users\Arhelger\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64 - ok
21:05:44.0507 0x23a4  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
21:05:44.0554 0x23a4  Sidebar - ok
21:05:44.0570 0x23a4  Waiting for KSN requests completion. In queue: 25
21:05:45.0584 0x23a4  Waiting for KSN requests completion. In queue: 25
21:05:46.0925 0x23a4  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.167 ), 0x61000 ( enabled : updated )
21:05:46.0988 0x23a4  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\wmiav.exe ( 19.0.0.1088 ), 0x41000 ( enabled : updated )
21:05:46.0988 0x23a4  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\wmiav.exe ( 19.0.0.1088 ), 0x41010 ( enabled )
21:05:57.0669 0x23a4  ============================================================
21:05:57.0669 0x23a4  Scan finished
21:05:57.0669 0x23a4  ============================================================
21:05:57.0669 0x19bc  Detected object count: 0
21:05:57.0669 0x19bc  Actual detected object count: 0

M-K-D-B · 24.08.2018, 20:13

Servus,

Downloade Dir bitte RogueKiller - Portable 64 bits auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die RogueKiller.exe mit einem Doppelklick.
Akzeptiere die Nutzungsbedingungen.
Klicke oben auf Scan und anschließend auf Scan starten.
Klicke am Ende des Suchlaufs auf Bericht öffnen und dann auf TXT Öffnen.
Poste mir deren Inhalt der Log-Datei mit deiner nächsten Antwort.
Schließe RogueKiller wieder. Entferne keine Funde ohne Anweisung!

Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory

Log-Analyse und Auswertung: Kaspersky findet Trojan.Multi.GenAutorunReg.a in System Memory