Gruppenrichtlinie blockt Avira

the_slater · 15.11.2018, 10:02

Addition:

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14.11.2018
durchgeführt von Thomas Wegefahrt (15-11-2018 09:56:17)
Gestartet von C:\Users\Thomas Wegefahrt\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2018-11-13 10:47:27)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2859396644-2780658763-3459757247-500 - Administrator - Disabled)
Gast (S-1-5-21-2859396644-2780658763-3459757247-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2859396644-2780658763-3459757247-1002 - Limited - Enabled)
Thomas Wegefahrt (S-1-5-21-2859396644-2780658763-3459757247-1000 - Administrator - Enabled) => C:\Users\Thomas Wegefahrt
UpdatusUser (S-1-5-21-2859396644-2780658763-3459757247-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{A23BFC95-4A73-410F-9248-4C2B48E38C49}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0407-1000-0000000FF1CE}_PROPLUS_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}) (Version:  - Microsoft) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
ABBYY PDF Transformer 3.0 (HKLM\...\{FA300000-0001-6400-0000-074957833700}) (Version: 3.00.317.68010 - ABBYY) Hidden
ABBYY PDF Transformer 3.0 (HKLM-x32\...\ABBYY PDF Transformer 3.0) (Version: 3.00.317.68010 - ABBYY)
ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 1.1.18.0 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Advantage Database Server for Windows v11.10 (HKLM-x32\...\{8F7F5EAD-7785-4246-83F0-C6A9204AF971}) (Version: 11.10.0001 - Sybase, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-2859396644-2780658763-3459757247-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Autodesk Design Review 2011 (HKLM-x32\...\{8D20B4D7-3422-4099-9332-39F27E617A6F}) (Version: 11.0.0.86 - Autodesk, Inc.) Hidden
Autodesk Design Review 2011 (HKLM-x32\...\Autodesk Design Review 2011) (Version: 11.0.0.86 - Autodesk, Inc.)
Autodesk Express Viewer (HKLM-x32\...\Autodesk Express Viewer) (Version: 3.1 - Autodesk, Inc.)
B109n-z (HKLM-x32\...\{134EE273-0F1C-4A5B-817D-13111DB75B14}) (Version: 130.0.396.000 - Hewlett-Packard) Hidden
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-J132W (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CustomerResearchQFolder (HKLM-x32\...\{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}) (Version: 130.0.372.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM-x32\...\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
DJ_AIO_03_F2200_Software (HKLM-x32\...\{db18dc72-cd20-4801-be82-f5d2caeec4d7}) (Version: 100.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F2200_Software_Min (HKLM-x32\...\{c6922d7f-c698-4d9e-9671-8b3de04d1511}) (Version: 100.0.239.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F2220_ProductContext (HKLM-x32\...\{eca3039b-e429-420f-bd5e-7dec0683fc32}) (Version: 100.0.292.000 - Hewlett-Packard) Hidden
Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version:  - NCH Software)
Dropbox (HKU\S-1-5-21-2859396644-2780658763-3459757247-1000\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.)
EasyBCD 2.0 (HKLM-x32\...\EasyBCD) (Version: 2.0 - NeoSmart Technologies)
eSupportQFolder (HKLM-x32\...\{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
FoxTab Video To MP3 Converter (remove only) (HKLM-x32\...\Z0 - Video To Mp3) (Version:  - ) <==== ACHTUNG
GnuWin32: OpenSSL-0.9.8h-1 (HKLM-x32\...\OpenSSL-0.9.8h-1_is1) (Version: 0.9.8h-1 - GnuWin32)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService (HKLM-x32\...\{18669FF9-C8FE-407a-9F70-E674896B1DB4}) (Version: 100.0.187.000 - Hewlett-Packard) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hardware Diagnose Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.5144.16 - PC-Doctor, Inc.)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (KB944899) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB944899) (Version: 1 - Microsoft Corporation)
HP Active Support Library (HKLM-x32\...\{0295F89F-F698-4101-9A7D-49F407EC2D82}) (Version: 3.1.10.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{73A43E42-3658-4DD9-8551-FACDA3632538}) (Version: 3.1.1000.1002 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{B84739A3-F943-47E4-95D8-96381EF5AC48}) (Version: 5.7.0.2945 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3 (HKLM\...\{D77D43B5-ED55-426b-B67B-E21F804F6102}) (Version: 10.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Photosmart Wireless B109n-z All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{722B4A13-F24D-43AE-8813-5DB82C0B23C2}) (Version:  - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Information (HKLM-x32\...\{1CC069FA-1A86-402E-9787-3F04E652C67A}) (Version: 10.1.0001 - Hewlett-Packard)
HP Total Care Setup (HKLM-x32\...\{784BEA84-FA66-4B19-BB80-7B545F248AC6}) (Version: 1.2.2854.2975 - Hewlett-Packard)
HP Update (HKLM-x32\...\{47F36D92-E58E-456D-B73C-3382737E4C42}) (Version: 4.000.013.003 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 2.0.64.3 - Hewlett-Packard) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (HKLM-x32\...\{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}) (Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (HKLM-x32\...\{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}) (Version: 130.0.303.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.)
Lager (HKLM-x32\...\{8F32C384-D237-4516-9F2B-223E8963A2FB}) (Version: 1.0.0.0 - Hewlett-Packard) Hidden
LightScribe System Software (HKLM-x32\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mein Büro (HKLM-x32\...\{11CF3ABC-DFB0-47DE-B31F-71CB995A12D7}_is1) (Version: 11.0 - Buhl Data Service GmbH)
meinHausplaner (HKLM-x32\...\meinHausplaner) (Version:  - )
Microsoft .NET Framework 4.7.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU Service Pack 1 (KB945140) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Firefox 60.3.0 ESR (x86 de) (HKLM-x32\...\Mozilla Firefox 60.3.0 ESR (x86 de)) (Version: 60.3.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.3.0.6864 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA Grafiktreiber 305.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 305.93 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
orgaMAX Business Software (HKLM-x32\...\orgaMAX_is1) (Version: 15.0 - deltra Business Software)
Prism Videodatei-Konverter (HKLM-x32\...\Prism) (Version:  - NCH Software)
PS_AIO_06_B109n-z_SW_Min (HKLM-x32\...\{8466940C-84D8-484C-B1E3-C2E4D73FD5DD}) (Version: 130.0.396.000 - Hewlett-Packard) Hidden
PSSWCORE (HKLM-x32\...\{34BFB099-07B2-4E95-A673-7362D60866A2}) (Version: 2.02.0000 - Hewlett-Packard) Hidden
Python 2.6.1 (HKLM-x32\...\{9CC89170-000B-457D-91F1-53691F85B223}) (Version: 2.6.1150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.78 (28.06.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.03.60.00(23.07.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.40.3 - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.08 (17.12.2013) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.10.15 (01.11.2013) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.01.08.00 - Samsung Electronics Co., Ltd.) Hidden
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SmartWebPrinting (HKLM-x32\...\{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TopApps Service (HKLM-x32\...\{B2BB7D05-F646-41C7-9CE4-CE77469C0899}_is1) (Version: 2.5.0 - )
TopKontor Handwerk Version 5 (HKLM-x32\...\{640A92A1-9B8B-4C80-B412-9595460EBC53}_is1) (Version: 5 - )
TrayApp (HKLM-x32\...\{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}) (Version: 130.0.376.000 - Hewlett-Packard) Hidden
UltiDev Web Server Pro (HKLM-x32\...\{F60DFD1A-209E-4E12-9CF1-70820249A0C3}) (Version: 2.0.18 - UltiDev LLC) Hidden
UnloadSupport (HKLM-x32\...\{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}) (Version: 10.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Vallox AIRplan Version 3.2.10 (HKLM-x32\...\21013C3A-2754-4E89-8355-804F2C5BDE0A_is1) (Version: 3.2.10 - Vallox GmbH)
VideoToolkit01 (HKLM-x32\...\{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}) (Version: 100.0.128.000 - Hewlett-Packard) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinRAR 5.60 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{1365A45F-0C8F-4806-A26A-6B22AD37EC66}\localserver32 -> C:\Program Files (x86)\Autodesk Architectural Desktop 2004\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{8E75D913-3D21-11D2-85C4-080009A0C626}\localserver32 -> C:\Program Files (x86)\Autodesk Architectural Desktop 2004\acad.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [!NetFax0] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax1] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax2] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax3] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax4] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax5] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax6] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax7] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2010-01-11] (Autodesk, Inc.)
ContextMenuHandlers1-x32-x32: [PDFTransformer3ContextMenu] -> {2DC8E5F2-C89C-4730-82C9-19120DEE5B0A} => C:\Program Files (x86)\ABBYY PDF Transformer 3.0\PDFTContextMenu.dll [2010-03-25] (ABBYY)
ContextMenuHandlers1-x32-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2013-10-31] ()
ContextMenuHandlers1-x32-x32: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-11-05] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1-x32-x32: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1-x32-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-08-18] (NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-11-05] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2859396644-2780658763-3459757247-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2859396644-2780658763-3459757247-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2859396644-2780658763-3459757247-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0EAC8936-46AA-427C-990E-F9B6ABE4D1FF} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-02-02] (PC-Doctor, Inc.)
Task: {14644CA2-28A6-4654-A60D-DB3D78DA6187} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2859396644-2780658763-3459757247-1000UA => C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {2D3C6FC9-020F-4F2A-A25B-7587B5C284E7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2859396644-2780658763-3459757247-1000Core => C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {629ACFD4-9AF5-4B6F-8F16-525CDFF41A83} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe
Task: {77438676-AB05-4EA6-A620-58C93A920949} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {80AACBAD-EA28-4363-A457-FDADE5E67DE1} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-11-05] (Avira Operations GmbH & Co. KG)
Task: {8EBFB20D-1961-47B8-B9D7-060A8856C002} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A0DB3953-5EE9-4E06-A0DA-4F26FA4D14AC} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-12-04] (Hewlett-Packard)
Task: {CBE7D6DF-6B39-47D0-8B99-0E43ECC5636D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {F23551B9-20BB-49EF-AB0D-36AD8B7D6962} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {FF888DC6-C5FB-41B5-8B65-56DFB31DF3E4} - System32\Tasks\RecoveryCD => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2009-03-25] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2859396644-2780658763-3459757247-1000Core.job => C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2859396644-2780658763-3459757247-1000UA.job => C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe5-fh scripts\monthly.xml

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\Thomas Wegefahrt\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2018-11-13 22:05 - 2012-08-18 09:28 - 000086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-28 03:53 - 2016-09-28 03:53 - 000031248 _____ () C:\Windows\System32\ssm4mlm.dll
2012-03-09 08:58 - 2012-03-09 08:58 - 000462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 000057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2018-11-13 21:05 - 2018-11-13 21:05 - 000010752 _____ () C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\07504d0b\fa6973ba\App_Web_30cbvv4z.dll
2018-11-13 21:05 - 2018-11-13 21:05 - 000049152 _____ () C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\07504d0b\fa6973ba\App_Web_oetgbt7x.dll
2014-08-09 19:03 - 2009-02-27 15:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 13:34 - 2006-09-18 22:37 - 000000761 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2859396644-2780658763-3459757247-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Network PC Fax.lnk => C:\Windows\pss\Samsung Network PC Fax.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Thomas Wegefahrt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^wkcalrem.LNK => C:\Windows\pss\wkcalrem.LNK.Startup
MSCONFIG\startupreg: ahnukuo => rundll32 "C:\Users\Thomas Wegefahrt\AppData\Local\ahnukuo.dll",ahnukuo
MSCONFIG\startupreg: bjyrger => rundll32 "C:\Users\Thomas Wegefahrt\AppData\Local\bjyrger.dll",bjyrger
MSCONFIG\startupreg: BrHelp => "C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe" /AUTORUN
MSCONFIG\startupreg: BrStsMon00 => "C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" /AUTORUN
MSCONFIG\startupreg: BrStsMon01 => "C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" /AUTORUN
MSCONFIG\startupreg: Cheba => C:\Users\Thomas Wegefahrt\AppData\Local\Cheba\Cheba.exe
MSCONFIG\startupreg: cmd => C:\Users\Thomas Wegefahrt\AppData\Local\Temp\Shuka\UACGetter.exe C:\Users\Thomas Wegefahrt\AppData\Local\Temp\Shuka\PackerV2.exe
MSCONFIG\startupreg: ControlCenter4 => "C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe" /autorun
MSCONFIG\startupreg: EfnuTsef => regsvr32.exe "C:\ProgramData\EfnuTsef\EfnuTsef.dat"
MSCONFIG\startupreg: HPADVISOR => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: OrpaKukhi => regsvr32.exe "
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: {983EDF81-1837-A116-31A4-0E5C9C17DFD5} => "C:\Users\Thomas Wegefahrt\AppData\Roaming\Gylyby\nioc.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A2B3BA7E-A508-46E9-95D3-ED570036A43D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0A8361C7-C873-487C-B70C-76759226FFD7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{60060DD8-5776-4CC8-853B-4956ED7D1C51}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D08D7BE9-45AD-4E9B-8525-2DCC5FDA57AE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8E9EAC86-F781-4FC9-8A6B-6503521D29ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6D21A1C2-1FC1-4AD3-A9C7-08A862FF9840}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A160CFBB-6BE2-48F3-A3D4-E92A4E2AFF39}] => (Allow) LPort=54925
FirewallRules: [{C2166B3D-E4A4-4372-9061-68CB88AC0FF8}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE
FirewallRules: [{1D4707B2-4972-4BA1-9562-6CD38727F1F6}] => (Allow) C:\Program Files\MetaTrader 5\metatester64.exe
FirewallRules: [{C5D254A1-C99B-485D-BE4E-06D4EED28AD5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{194BCAF5-791E-4BE6-9D28-C89A2ED7EBE2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{D29306BD-5EFB-43FB-8672-2B154B8CA851}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{3B74A503-EEB0-4913-9E76-B035173D4247}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{68FC8072-DFD5-41E2-8215-D3CA9BF055C8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{7080B5AA-BAF8-4301-9477-6A894F58C235}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{4A6EA753-84D2-4F60-B7AA-1DAFA81D39B8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{7486E744-DCF6-4702-A872-499C36224F03}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{81F4A6CA-7919-439B-BF29-BC6FE7279349}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{C97A6DFA-F09D-4098-B463-142004F51322}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{5FFA1BDA-BD08-4DBD-BF48-65C306BBA31F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{28D6F2F0-0435-4F78-B25F-98EC0D538F04}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{6B08D8B0-0E42-442C-975D-2EFAE58E86D9}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{26F4E41C-2BB9-425B-9BB7-B39194683FE6}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{C580AA05-94C8-4DF4-A2A9-D72EB99FB77E}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{C8A110C6-78E9-4F26-8B15-4ED1FD72544A}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{68DF859B-6958-43BF-A531-BC734502CF50}] => (Allow) LPort=61256
FirewallRules: [{89959AA9-8F67-44CA-8DBD-27785682FF07}] => (Allow) LPort=61192
FirewallRules: [{ECAF90EA-D26D-4617-BC11-0549AB3865B7}] => (Allow) LPort=56777
FirewallRules: [{35BB451A-9315-4BC0-987D-8CB0E54D026A}] => (Allow) LPort=5677
FirewallRules: [{935384C3-FF3A-49FA-9E25-D4897A54B7EA}] => (Allow) LPort=7756
FirewallRules: [{A46A53AB-84D3-4899-9095-5293268D3708}] => (Allow) C:\ADVANTAGE\Server\ads.exe
FirewallRules: [{DAFADE67-5606-491C-84F0-83EB0C8E99C3}] => (Allow) C:\ADVANTAGE\Server\ads.exe
FirewallRules: [{59743124-A3EF-4F48-8D7B-36BD3E54B9AC}] => (Allow) C:\ADVANTAGE\Server\ads.exe
FirewallRules: [{2FF2B454-6C5A-42BF-A8D6-D88DB35156F2}] => (Allow) E:\install\Data\Disk1\Setup.exe
FirewallRules: [{2E5F6EF6-7F7B-4B19-8B25-D23659ABC8EB}] => (Allow) E:\install\Data\Disk1\Setup.exe
FirewallRules: [{BB33B9F4-1A6E-4C53-85A4-D1CF980B37D3}] => (Allow) C:\Users\Thomas Wegefahrt\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{761782C6-DF2B-4A95-9FDD-ADE8F4C8AFE6}] => (Allow) C:\Users\Thomas Wegefahrt\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{BF10E96A-1620-4F32-A9B3-D9B57C2FF69F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A907E49E-9902-4062-8E33-0746FD133AD3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6CB4A95F-6C52-4B59-BDE2-022CDB0D86C1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9BF95278-ADFB-4EE8-A1C6-0AC30447EDC1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4678694E-8A44-4C62-81BD-E7E3D9A1BDE6}] => (Allow) C:\Users\Thomas Wegefahrt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHHTP3ZR\VideoToMp3Setup[1].exe
FirewallRules: [{CF7ED5A6-B2CD-4B0D-A47B-47906A9B03E0}] => (Allow) C:\Users\Thomas Wegefahrt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHHTP3ZR\VideoToMp3Setup[1].exe
FirewallRules: [{BC2D1878-CE35-4552-A1A7-2B61F77DBAC7}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{7C3BFB1E-B50E-4679-993A-57A5FB932D60}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{97F5A3EE-7A11-49DC-AEDE-A01CF17D5CD2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{B7FD3762-5ED2-4F96-9FDC-826838F7FCD2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{F2805B85-AE9D-41D0-9285-EBA7E7057F06}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{1F2D0FCF-492D-49C5-B999-A09C8A8A6373}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{AC8FC4EA-E01E-4505-9B9B-7997589CEC37}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{3672923F-6F1A-4DD1-8571-8B9DC8360041}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{5FA23127-4251-454D-8018-F2BED3BE5F45}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{F3F27392-0B75-48BA-8332-C6BA203FAF6E}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{0953E2FD-E9BA-4DDB-AB7E-740DBDC6994A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{38E740BF-BB88-4AE6-A908-7C9106D77EDC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{674B00F5-5582-401B-BC26-52636EB6663B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{0B2CCD0D-230C-4C8C-B06C-F59714636543}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{13854AF7-FD9C-42DB-A6D8-934576643A96}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{D68AC96B-0AAF-4205-8D32-AF3A6B2E4878}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{B45A04DD-0C96-4C74-98E9-DD4058D89951}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{4BD3E5E4-A3B7-4FF9-B0EA-538B261A03A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\Lager\hpqkygrp.exe
FirewallRules: [{702BAC86-B46A-438D-BD08-083F3DB2A41B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\Lager\hpqkygrp.exe
FirewallRules: [{FEB7E9C0-0539-4FEE-9DA0-0DA4A5202951}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\Lager\hpiscnapp.exe
FirewallRules: [{94BE2BDF-BEAE-4D83-86A7-0092D6D4AB0E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\Lager\hpiscnapp.exe
FirewallRules: [{15AEF791-A20E-4FCA-882A-064377CDCCFF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{810523BA-B8EB-4293-84B5-007228820782}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{AC8852D3-EC14-4631-9A34-D9E74B373517}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{9CC9A613-AFF6-409A-A1A0-65A41B0D7893}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{344A4B0E-34BB-40BD-9825-CF808A0D492F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{2CF0B15E-4FB5-4810-80A4-FF77CD7E62CE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{805876B6-7E11-4205-B5EC-F40680DCBBFF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{0704015A-04DA-4DEC-8E01-7400021A4CE7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{71B4820C-C87A-458B-B173-0372A1827D84}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{8C0AE6E7-D01A-401F-B3A2-AD0C1B45F9C5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [TCP Query User{8EC00C54-F14B-481C-ACF6-B1E087795140}C:\users\thomas wegefahrt\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\thomas wegefahrt\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7091FD6C-0164-4F8E-8C3D-077DE2D7F45F}C:\users\thomas wegefahrt\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\thomas wegefahrt\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4CF79D87-12DE-4C54-8E0D-91ACD122D216}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8061A128-7D49-4879-9A5F-5E712E46E78F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0BF05DD7-B291-40DE-843E-F9E52104A669}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8A1B1076-8165-40BB-83F0-6054A05A072C}] => (Allow) C:\Windows\SysWOW64\explorer.exe
FirewallRules: [{489FFD55-F220-46B6-AA58-1C2EC30E9284}] => (Allow) C:\Windows\SysWOW64\explorer.exe
FirewallRules: [{FE8D3DAE-F80F-4B89-976D-912E6ACD259D}] => (Allow) LPort=1046
FirewallRules: [{D75819AE-8260-4BBB-B906-7F0391A86456}] => (Allow) LPort=5000

==================== Wiederherstellungspunkte =========================

13-11-2018 11:54:06 Windows Update
13-11-2018 13:06:44 TopKontor Handwerk wird installiert
13-11-2018 14:07:54 TopKontor Handwerk wird installiert
13-11-2018 15:48:45 Windows Update
13-11-2018 21:34:02 Windows Update
13-11-2018 23:01:00 Windows Update
13-11-2018 23:16:09 Windows Update
13-11-2018 23:56:01 Windows Update
14-11-2018 00:03:06 TopKontor Handwerk wird installiert
14-11-2018 00:17:35 TopKontor Handwerk wird installiert
14-11-2018 01:04:28 Windows Update
14-11-2018 03:00:49 Windows Update
14-11-2018 07:39:53 Windows Update
14-11-2018 09:00:53 TopKontor Handwerk wird installiert
14-11-2018 09:19:37 Removed Bonjour
14-11-2018 09:22:29 Removed iTunes
14-11-2018 09:27:17 Microsoft Works wird entfernt
14-11-2018 09:27:33 Removed Motorola Driver Installation 4.4.0
14-11-2018 09:56:48 Removed MotoConnect
14-11-2018 13:37:32 Revo Uninstaller's restore point - Avira
14-11-2018 13:39:00 Revo Uninstaller's restore point - Avira
14-11-2018 13:40:28 Revo Uninstaller's restore point - Adobe Flash Player 31 ActiveX
14-11-2018 13:50:34 Revo Uninstaller's restore point - Adobe Shockwave Player 11.5
14-11-2018 13:52:06 Revo Uninstaller's restore point - Avira
14-11-2018 13:54:16 Revo Uninstaller's restore point - Avira
14-11-2018 13:55:41 Revo Uninstaller's restore point - Avira Antivirus
14-11-2018 13:58:28 Revo Uninstaller's restore point - OpenOffice.org 3.2
14-11-2018 13:58:45 OpenOffice.org 3.2 wird entfernt
14-11-2018 14:03:50 Revo Uninstaller's restore point - Java(TM) 6 Update 18
14-11-2018 14:04:15 Removed Java(TM) 6 Update 18
14-11-2018 14:07:38 Revo Uninstaller's restore point - PDFCreator
14-11-2018 14:09:04 Revo Uninstaller's restore point - Avira
14-11-2018 14:11:56 Revo Uninstaller's restore point - Avira Antivirus
14-11-2018 14:34:14 Revo Uninstaller's restore point - CyberLink DVD Suite Deluxe
14-11-2018 14:34:39 Konfiguriert PowerStarter
14-11-2018 14:37:46 Revo Uninstaller's restore point - LabelPrint
14-11-2018 14:38:11 Konfiguriert LabelPrint
14-11-2018 19:24:36 Revo Uninstaller's restore point - Avira
14-11-2018 19:32:01 Revo Uninstaller's restore point - FoxTab Video To MP3 Converter (remove only)
14-11-2018 21:51:38 Revo Uninstaller's restore point - DarkWave Studio 3.7.7
14-11-2018 21:58:17 Revo Uninstaller's restore point - Autodesk Architectural Desktop 2004
14-11-2018 22:01:05 Autodesk Architectural Desktop 2004 wird entfernt
15-11-2018 09:12:48 Revo Uninstaller's restore point - Autodesk Design Review 2011
15-11-2018 09:14:23 Revo Uninstaller's restore point - Autodesk Revit Architecture 2011 x64
15-11-2018 09:26:29 Revo Uninstaller's restore point - Microsoft Works
15-11-2018 09:27:10 Microsoft Works wird entfernt
15-11-2018 09:32:39 Revo Uninstaller's restore point - Autodesk Design Review 2011
15-11-2018 09:34:09 Revo Uninstaller's restore point - Autodesk Express Viewer
15-11-2018 09:35:33 Revo Uninstaller's restore point - Autodesk Material Library 2011 Medium Image library
15-11-2018 09:36:06 Removed Autodesk Material Library 2011 Medium Image library.
15-11-2018 09:39:16 Revo Uninstaller's restore point - Autodesk Material Library 2011 Base Image library
15-11-2018 09:39:35 Removed Autodesk Material Library 2011 Base Image library.

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/15/2018 09:54:21 AM) (Source: MsiInstaller) (EventID: 11721) (User: ThomasWegefa-PC)
Description: Product: Autodesk Material Library 2011 Base Image library -- Error 1721.There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: LaunchLuc.exe_Removal, location: C:\Program Files (x86)\Common Files\Autodesk Shared\Materials2011\AssetFiles\Luc.exe, command: -l -r "C:\Program Files (x86)\Common Files\Autodesk Shared\Materials2011\assetlibrary_base.adsklib"

Error: (11/15/2018 09:33:10 AM) (Source: MsiInstaller) (EventID: 10005) (User: ThomasWegefa-PC)
Description: Produkt: Autodesk Design Review 2011 --Microsoft Visual C++ 2005 SP1-Redistributable ist erforderlich, um mit der Installation fortzufahren. Besuchen Sie die Microsoft-Website für den Download, um das Redistributable Package zu erhalten.

Error: (11/15/2018 09:13:17 AM) (Source: MsiInstaller) (EventID: 10005) (User: ThomasWegefa-PC)
Description: Produkt: Autodesk Design Review 2011 --Microsoft Visual C++ 2005 SP1-Redistributable ist erforderlich, um mit der Installation fortzufahren. Besuchen Sie die Microsoft-Website für den Download, um das Redistributable Package zu erhalten.

Error: (11/14/2018 07:24:36 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {c7ad4775-eda0-42f8-b85d-bf73f121baa9}

Error: (11/14/2018 07:23:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/14/2018 02:47:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/14/2018 01:37:32 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {7e5c88a1-3de3-4098-9d3a-829a39065a42}

Error: (11/14/2018 11:53:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.


Systemfehler:
=============
Error: (11/14/2018 10:29:09 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (11/14/2018 10:29:07 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (11/14/2018 10:23:09 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (11/14/2018 07:27:53 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "HP Network Devices Support" wurde nicht richtig gestartet.

Error: (11/14/2018 07:23:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (11/14/2018 07:22:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (11/14/2018 07:22:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst HP CUE DeviceDiscovery Service erreicht.

Error: (11/14/2018 07:20:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.


Windows Defender:
===================================
Date: 2018-11-13 11:31:34.729
Description: 
Beim Laden der Signaturen wurde von Windows Defender ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Versuchte Signaturen:Aktuell
Fehlercode:0x80070003
Fehlerbeschreibung:Das System kann den angegebenen Pfad nicht finden. 
Signaturversion:0.0.0.0
Modulversion:0.0.0.0

CodeIntegrity:
===================================

Date: 2018-09-20 22:06:15.181
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2018-09-20 22:06:15.086
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2018-09-20 22:06:14.983
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2018-09-20 22:06:14.892
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2018-09-20 22:06:14.793
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2017-01-12 13:05:39.420
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2017-01-12 13:05:34.329
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\NISx64\1008030.006\BHDrvx64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2017-01-09 11:15:41.092
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Prozentuale Nutzung des RAM: 56%
Installierter physikalischer RAM: 4095.18 MB
Verfügbarer physikalischer RAM: 1769.22 MB
Summe virtueller Speicher: 8188.5 MB
Verfügbarer virtueller Speicher: 5980.96 MB

==================== Laufwerke ================================

Drive c: (COMPAQ) (Fixed) (Total:581.64 GB) (Free:404.12 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:14.53 GB) (Free:2.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]


==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=581.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=14.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

--- --- ---

cosinus · 15.11.2018, 12:40

da muss noch mehr runter

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Adobe Acrobat Reader DC
FoxTab Video To MP3 Converter
GnuWin32: OpenSSL-0.9.8h-1
MarketResearch
Microsoft Office Professional Plus 2007
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

the_slater · 15.11.2018, 13:43

Hab ich nun auch deinstalliert. Hier die neuen Logs:

Teil 1:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14.11.2018
durchgeführt von Thomas Wegefahrt (Administrator) auf THOMASWEGEFA-PC (15-11-2018 13:39:33)
Gestartet von C:\Users\Thomas Wegefahrt\Downloads
Geladene Profile: Thomas Wegefahrt & UpdatusUser (Verfügbare Profile: Thomas Wegefahrt & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Akamai Technologies, Inc.) C:\Users\Thomas Wegefahrt\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
(Akamai Technologies, Inc.) C:\Users\Thomas Wegefahrt\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(blue:solution software GmbH) C:\blue solution\Handwerk 5\daten\TopAppService\TopDnsService.exe
(UltiDev LLC) C:\Program Files (x86)\UltiDev\Web Server\UWS.HighPrivilegeUtilities.exe
(UltiDev LLC) C:\Program Files (x86)\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe
(deltra Business Software GmbH & Co. KG) C:\orgaMAX\orgamaxmobil_service.exe
(UltiDev LLC) C:\Program Files (x86)\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe
(iAnywhere Solutions, Inc.) C:\ADVANTAGE\Server\ads.exe
(UltiDev LLC) C:\Program Files (x86)\UltiDev\Web Server\UWS.AppHost.Clr4.x86.exe
(UltiDev LLC) C:\Program Files (x86)\UltiDev\Web Server\UWS.AppHost.Clr2.AnyCpu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [] => [X]
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files (x86)\Common Files\Symantec Shared <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Symantec <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <==== ACHTUNG
HKU\S-1-5-21-2859396644-2780658763-3459757247-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Thomas Wegefahrt\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2859396644-2780658763-3459757247-1000\...\Run: [Dropbox Update] => C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-2859396644-2780658763-3459757247-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [163328 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-21-2859396644-2780658763-3459757247-1000\...\Run: [] => [X]
HKU\S-1-5-21-2859396644-2780658763-3459757247-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2859396644-2780658763-3459757247-1000\...\Policies\Explorer: [NoLogoff] 0
GroupPolicy\User: Beschränkung ? <==== ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{90007ED5-66B0-402E-B6FA-C1038607B52D}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A0EA3E07-4716-4DF2-AD89-6CBD70C1F409}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2859396644-2780658763-3459757247-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt
HKU\S-1-5-21-2859396644-2780658763-3459757247-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.de/
SearchScopes: HKLM -> DefaultScope {017A66CC-3985-4911-A97F-FECB0BCC95B0} URL = 
SearchScopes: HKLM -> {58235107-16C5-49E2-98F1-21B363368353} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM -> {9E85F70F-E0D6-4AD4-823C-1BC5B6AE763C} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKLM-x32 -> {58235107-16C5-49E2-98F1-21B363368353} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 -> {9E85F70F-E0D6-4AD4-823C-1BC5B6AE763C} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000 -> {2F16B31B-95E7-4032-9A07-BE3A01AE30CA} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADSA_deDE365
SearchScopes: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000 -> {58235107-16C5-49E2-98F1-21B363368353} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000 -> {806EED28-EF2D-4BBA-B1B2-73A551F00068} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000 -> {9E85F70F-E0D6-4AD4-823C-1BC5B6AE763C} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx2.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldde-de.cab

FireFox:
========
FF ProfilePath: C:\Users\Thomas Wegefahrt\AppData\Roaming\Mozilla\Firefox\Profiles\bprv7lbc.default [2018-11-14]
FF user.js: detected! => C:\Users\Thomas Wegefahrt\AppData\Roaming\Mozilla\Firefox\Profiles\bprv7lbc.default\user.js [2018-11-14]
FF Homepage: Mozilla\Firefox\Profiles\bprv7lbc.default -> hxxps://reisser.sct.de/cgi-bin/reisser/Hauptmenue.sd/CXEHLJJF/181111130958/ANMELDUNG/181111130958
FF NewTab: Mozilla\Firefox\Profiles\bprv7lbc.default -> hxxp://feed.snapdo.com/?publisher=Chew&co=&userid=42300388-b08f-40e3-9423-7e1734cb4695&barcodeid=22&installDate=01/01/2014&searchtype=nt
FF Extension: (Avira Browser Safety) - C:\Users\Thomas Wegefahrt\AppData\Roaming\Mozilla\Firefox\Profiles\bprv7lbc.default\Extensions\abs@avira.com [2018-11-14]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Users\Thomas Wegefahrt\AppData\Roaming\Mozilla\Firefox\Profiles\bprv7lbc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2018-11-13] [Legacy] [ist nicht signiert]
FF ProfilePath: C:\Users\Thomas Wegefahrt\AppData\Roaming\Marmiko IT-Solutions GmbH\Browser 7\Profiles\5z1e69in.default [2018-11-13]
FF Extension: (Firefox ESR configurer for OLDJAWS screen reader ) - C:\Program Files (x86)\Mozilla Firefox\browser\features\jaws-esr@mozilla.org.xpi [2018-11-13] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2018-11-13] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2018-11-13] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => nicht gefunden
FF HKU\S-1-5-21-2859396644-2780658763-3459757247-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_148.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_148.dll [Keine Datei]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Keine Datei]
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-09-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-09-20] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR Profile: C:\Users\Thomas Wegefahrt\AppData\Local\Google\Chrome\User Data\Default [2018-11-14]
CHR Extension: (Präsentationen) - C:\Users\Thomas Wegefahrt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-13]
CHR Extension: (Docs) - C:\Users\Thomas Wegefahrt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-13]
CHR Extension: (Google Drive) - C:\Users\Thomas Wegefahrt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-13]
CHR Extension: (YouTube) - C:\Users\Thomas Wegefahrt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-13]
CHR Extension: (Google-Suche) - C:\Users\Thomas Wegefahrt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2018-11-13]
CHR Extension: (Tabellen) - C:\Users\Thomas Wegefahrt\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-13]
CHR Extension: (Google Docs Offline) - C:\Users\Thomas Wegefahrt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Thomas Wegefahrt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-13]
CHR Extension: (Google Mail) - C:\Users\Thomas Wegefahrt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-11-13]
CHR Extension: (Chrome Media Router) - C:\Users\Thomas Wegefahrt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-14]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY)
R2 Advantage; C:\ADVANTAGE\Server\ads.exe [3530752 2012-11-27] (iAnywhere Solutions, Inc.) [Datei ist nicht signiert]
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-12-04] (Hewlett-Packard) [Datei ist nicht signiert]
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S4 msvsmon90; c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 orgaMAXMobileService; C:\orgaMAX\orgamaxmobil_service.exe [4125864 2015-10-05] (deltra Business Software GmbH & Co. KG)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [508464 2013-11-01] (Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
R2 TopDNS; C:\blue solution\Handwerk 5\daten\TopAppService\TopDnsService.exe [2779648 2013-01-30] (blue:solution software GmbH) [Datei ist nicht signiert]
R2 UltiDev Web Server Pro; C:\Program Files (x86)\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe [64512 2012-09-28] (UltiDev LLC) [Datei ist nicht signiert]
R2 UWS HiPriv Services; C:\Program Files (x86)\UltiDev\Web Server\UWS.HighPrivilegeUtilities.exe [48128 2012-09-28] (UltiDev LLC) [Datei ist nicht signiert]
R2 UWS LoPriv Services; C:\Program Files (x86)\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe [44032 2012-09-28] (UltiDev LLC) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [73240 2018-11-05] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [34128 2018-11-05] (Avira Operations GmbH & Co. KG)
R3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [45928 2017-06-29] (SteelSeries ApS)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-11-15 10:15 - 2018-11-15 10:15 - 000003282 _____ C:\Windows\System32\Tasks\{25C813FA-3F24-46EE-AA4B-395A89A890FB}
2018-11-15 09:54 - 2018-11-15 09:54 - 000000000 ____D C:\Users\Thomas Wegefahrt\Downloads\FRST-OlderVersion
2018-11-14 20:11 - 2018-11-14 20:11 - 000147807 _____ C:\Users\Thomas Wegefahrt\Downloads\0592838968303108.PDF
2018-11-14 20:11 - 2018-11-14 20:11 - 000067873 _____ C:\Users\Thomas Wegefahrt\Downloads\0592856768303108.PDF
2018-11-14 20:05 - 2018-11-14 20:05 - 000058734 _____ C:\Users\Thomas Wegefahrt\Downloads\0592912168303108.PDF
2018-11-14 14:41 - 2018-11-14 14:41 - 003191760 _____ (Avira Operations GmbH & Co. KG) C:\Users\Thomas Wegefahrt\Downloads\avira_registry_cleaner_de.exe
2018-11-14 13:35 - 2018-11-14 13:35 - 007197480 _____ (VS Revo Group ) C:\Users\Thomas Wegefahrt\Downloads\revosetup205.exe
2018-11-14 13:35 - 2018-11-14 13:35 - 000001040 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-11-14 13:35 - 2018-11-14 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-11-14 13:35 - 2018-11-14 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-11-14 13:35 - 2018-11-14 13:35 - 000000000 ____D C:\Program Files\VS Revo Group
2018-11-14 13:16 - 2018-11-14 13:16 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\CEF
2018-11-14 12:57 - 2018-11-14 12:57 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-11-14 11:58 - 2018-11-14 19:34 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-14 10:23 - 2018-11-15 09:56 - 000068910 _____ C:\Users\Thomas Wegefahrt\Downloads\Addition.txt
2018-11-14 10:20 - 2018-11-15 13:39 - 000019272 _____ C:\Users\Thomas Wegefahrt\Downloads\FRST.txt
2018-11-14 10:20 - 2018-11-15 13:39 - 000000000 ____D C:\FRST
2018-11-14 10:19 - 2018-11-15 09:54 - 002416128 _____ (Farbar) C:\Users\Thomas Wegefahrt\Downloads\FRST64.exe
2018-11-14 10:04 - 2018-11-14 14:45 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2018-11-14 10:04 - 2018-11-14 10:04 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2018-11-14 10:03 - 2018-11-05 10:24 - 000199920 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2018-11-14 10:03 - 2018-11-05 10:24 - 000153040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2018-11-14 10:03 - 2018-11-05 10:24 - 000078600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2018-11-14 10:03 - 2018-11-05 10:24 - 000073240 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2018-11-14 10:03 - 2018-11-05 10:24 - 000035328 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2018-11-14 10:03 - 2018-11-05 10:24 - 000034128 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2018-11-14 09:57 - 2018-11-14 09:59 - 000000000 ____D C:\AdwCleaner
2018-11-14 09:57 - 2018-11-14 09:57 - 007592144 _____ (Malwarebytes) C:\Users\Thomas Wegefahrt\Downloads\adwcleaner_7.2.4.0.exe
2018-11-14 09:44 - 2018-11-14 09:51 - 000000008 __RSH C:\Users\Thomas Wegefahrt\ntuser.pol
2018-11-14 01:03 - 2018-11-11 02:29 - 005551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-14 01:03 - 2018-11-11 02:25 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-14 01:03 - 2018-11-11 02:25 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-14 01:03 - 2018-11-11 02:11 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-11-14 01:03 - 2018-11-11 02:10 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-14 01:03 - 2018-10-27 04:05 - 003227648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-11-14 01:03 - 2018-10-18 03:48 - 025737728 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-14 01:03 - 2018-10-18 03:17 - 020281344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-14 01:03 - 2018-10-12 21:26 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-11-14 01:03 - 2018-10-12 21:22 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-11-14 01:03 - 2018-10-12 20:59 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-11-14 01:03 - 2018-10-12 20:42 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-11-14 01:03 - 2018-10-12 03:12 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-11-14 01:03 - 2018-10-12 03:10 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-14 01:03 - 2018-10-12 02:25 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-14 01:03 - 2018-10-12 02:19 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-11-14 01:03 - 2018-10-06 17:02 - 000366824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-11-14 01:03 - 2018-09-23 03:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-11-14 01:03 - 2018-09-23 03:54 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-11-14 01:03 - 2018-09-23 03:37 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-11-14 01:03 - 2018-09-23 03:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-11-14 01:03 - 2018-09-23 03:34 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-11-14 01:03 - 2018-09-23 03:22 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-11-14 01:02 - 2018-11-11 02:28 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-11-14 01:02 - 2018-11-11 02:28 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-11-14 01:02 - 2018-11-11 02:28 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-11-14 01:02 - 2018-11-11 02:28 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-11-14 01:02 - 2018-11-11 02:27 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-11-14 01:02 - 2018-11-11 02:27 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-11-14 01:02 - 2018-11-11 02:26 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-11-14 01:02 - 2018-11-11 02:26 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-11-14 01:02 - 2018-11-11 02:26 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-11-14 01:02 - 2018-11-11 02:26 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-11-14 01:02 - 2018-11-11 02:26 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-11-14 01:02 - 2018-11-11 02:26 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-11-14 01:02 - 2018-11-11 02:26 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-11-14 01:02 - 2018-11-11 02:26 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-11-14 01:02 - 2018-11-11 02:26 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-11-14 01:02 - 2018-11-11 02:26 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-11-14 01:02 - 2018-11-11 02:26 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-11-14 01:02 - 2018-11-11 02:25 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-14 01:02 - 2018-11-11 02:25 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-14 01:02 - 2018-11-11 02:25 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-11-14 01:02 - 2018-11-11 02:25 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-11-14 01:02 - 2018-11-11 02:25 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-14 01:02 - 2018-11-11 02:25 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-14 01:02 - 2018-11-11 02:25 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-11-14 01:02 - 2018-11-11 02:25 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-11-14 01:02 - 2018-11-11 02:25 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-11-14 01:02 - 2018-11-11 02:25 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-11-14 01:02 - 2018-11-11 02:25 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-11-14 01:02 - 2018-11-11 02:25 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-11-14 01:02 - 2018-11-11 02:25 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-11-14 01:02 - 2018-11-11 02:25 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:14 - 004054248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-11-14 01:02 - 2018-11-11 02:14 - 003960040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-11-14 01:02 - 2018-11-11 02:12 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-11-14 01:02 - 2018-11-11 02:11 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-11-14 01:02 - 2018-11-11 02:11 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-11-14 01:02 - 2018-11-11 02:11 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-11-14 01:02 - 2018-11-11 02:11 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-11-14 01:02 - 2018-11-11 02:11 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-11-14 01:02 - 2018-11-11 02:11 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-11-14 01:02 - 2018-11-11 02:11 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-11-14 01:02 - 2018-11-11 02:11 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-11-14 01:02 - 2018-11-11 02:10 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-11-14 01:02 - 2018-11-11 02:10 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-11-14 01:02 - 2018-11-11 02:10 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-11-14 01:02 - 2018-11-11 02:10 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-11-14 01:02 - 2018-11-11 02:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-11-14 01:02 - 2018-11-11 02:10 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-11-14 01:02 - 2018-11-11 02:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-11-14 01:02 - 2018-11-11 02:10 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-11-14 01:02 - 2018-11-11 02:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-11-14 01:02 - 2018-11-11 02:10 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 01:53 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-11-14 01:02 - 2018-11-11 01:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-11-14 01:02 - 2018-11-11 01:53 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-11-14 01:02 - 2018-11-11 01:52 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-11-14 01:02 - 2018-11-11 01:48 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-11-14 01:02 - 2018-11-11 01:48 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-11-14 01:02 - 2018-11-11 01:47 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-11-14 01:02 - 2018-11-11 01:47 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-11-14 01:02 - 2018-11-11 01:45 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-11-14 01:02 - 2018-11-11 01:44 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-11-14 01:02 - 2018-11-11 01:44 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-11-14 01:02 - 2018-11-11 01:44 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-11-14 01:02 - 2018-11-11 01:43 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-11-14 01:02 - 2018-11-11 01:43 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-11-14 01:02 - 2018-11-11 01:43 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-11-14 01:02 - 2018-11-11 01:43 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-11-14 01:02 - 2018-11-11 01:43 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-11-14 01:02 - 2018-11-11 01:43 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-11-14 01:02 - 2018-11-11 01:41 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-11-14 01:02 - 2018-11-11 01:41 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-11-14 01:02 - 2018-11-11 01:41 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-11-14 01:02 - 2018-11-11 01:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-11-14 01:02 - 2018-11-11 01:40 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-11-14 01:02 - 2018-11-11 01:40 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 01:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 01:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-11-14 01:02 - 2018-11-11 01:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-11-14 01:02 - 2018-10-27 04:42 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2018-11-14 01:02 - 2018-10-27 04:42 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-11-14 01:02 - 2018-10-27 04:42 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2018-11-14 01:02 - 2018-10-27 04:42 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2018-11-14 01:02 - 2018-10-27 04:41 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2018-11-14 01:02 - 2018-10-27 04:27 - 000173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2018-11-14 01:02 - 2018-10-27 04:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-11-14 01:02 - 2018-10-27 04:27 - 000121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2018-11-14 01:02 - 2018-10-27 04:11 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2018-11-14 01:02 - 2018-10-27 04:11 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2018-11-14 01:02 - 2018-10-27 04:04 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2018-11-14 01:02 - 2018-10-27 04:04 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2018-11-14 01:02 - 2018-10-27 04:04 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2018-11-14 01:02 - 2018-10-27 04:04 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dispex.dll
2018-11-14 01:02 - 2018-10-18 20:49 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-11-14 01:02 - 2018-10-18 19:51 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-11-14 01:02 - 2018-10-12 21:36 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-11-14 01:02 - 2018-10-12 21:25 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-11-14 01:02 - 2018-10-12 21:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-11-14 01:02 - 2018-10-12 21:25 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-11-14 01:02 - 2018-10-12 21:24 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-11-14 01:02 - 2018-10-12 21:20 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-11-14 01:02 - 2018-10-12 21:20 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-11-14 01:02 - 2018-10-12 21:18 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-11-14 01:02 - 2018-10-12 21:17 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-11-14 01:02 - 2018-10-12 21:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-11-14 01:02 - 2018-10-12 21:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-11-14 01:02 - 2018-10-12 21:11 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-11-14 01:02 - 2018-10-12 21:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-11-14 01:02 - 2018-10-12 21:07 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-11-14 01:02 - 2018-10-12 21:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-11-14 01:02 - 2018-10-12 21:05 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-11-14 01:02 - 2018-10-12 21:04 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-11-14 01:02 - 2018-10-12 21:03 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-11-14 01:02 - 2018-10-12 21:03 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-11-14 01:02 - 2018-10-12 21:02 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-11-14 01:02 - 2018-10-12 20:57 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-11-14 01:02 - 2018-10-12 20:56 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-11-14 01:02 - 2018-10-12 20:55 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-11-14 01:02 - 2018-10-12 20:55 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-11-14 01:02 - 2018-10-12 20:38 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-14 01:02 - 2018-10-12 20:36 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-11-14 01:02 - 2018-10-12 03:23 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-11-14 01:02 - 2018-10-12 03:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-11-14 01:02 - 2018-10-12 03:11 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-11-14 01:02 - 2018-10-12 03:10 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-11-14 01:02 - 2018-10-12 03:10 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-11-14 01:02 - 2018-10-12 03:10 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-11-14 01:02 - 2018-10-12 03:04 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-11-14 01:02 - 2018-10-12 03:03 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-11-14 01:02 - 2018-10-12 03:01 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-11-14 01:02 - 2018-10-12 03:00 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-11-14 01:02 - 2018-10-12 03:00 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-11-14 01:02 - 2018-10-12 02:59 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-14 01:02 - 2018-10-12 02:59 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-11-14 01:02 - 2018-10-12 02:59 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-11-14 01:02 - 2018-10-12 02:54 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-11-14 01:02 - 2018-10-12 02:51 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-11-14 01:02 - 2018-10-12 02:46 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-11-14 01:02 - 2018-10-12 02:45 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-11-14 01:02 - 2018-10-12 02:44 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-11-14 01:02 - 2018-10-12 02:42 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-11-14 01:02 - 2018-10-12 02:42 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-11-14 01:02 - 2018-10-12 02:40 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-11-14 01:02 - 2018-10-12 02:38 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-11-14 01:02 - 2018-10-12 02:30 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-11-14 01:02 - 2018-10-12 02:27 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-11-14 01:02 - 2018-10-12 02:27 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-11-14 01:02 - 2018-10-12 02:26 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-11-14 01:02 - 2018-10-12 02:26 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-11-14 01:02 - 2018-10-12 02:06 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-14 01:02 - 2018-10-12 01:55 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-11-14 01:02 - 2018-10-06 14:42 - 001988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2018-11-14 01:02 - 2018-10-06 14:05 - 002565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-11-14 01:02 - 2018-09-23 03:54 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-11-14 01:02 - 2018-09-23 03:54 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-11-14 01:02 - 2018-09-23 03:54 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-11-14 01:02 - 2018-09-23 03:54 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2018-11-14 01:02 - 2018-09-23 03:54 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-11-14 01:02 - 2018-09-23 03:54 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2018-11-14 01:02 - 2018-09-23 03:54 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2018-11-14 01:02 - 2018-09-23 03:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-11-14 01:02 - 2018-09-23 03:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-11-14 01:02 - 2018-09-23 03:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2018-11-14 01:02 - 2018-09-23 03:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2018-11-14 01:02 - 2018-09-23 03:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2018-11-14 01:02 - 2018-09-23 03:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2018-11-14 01:02 - 2018-09-23 03:34 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-11-14 01:02 - 2018-09-23 03:33 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-11-14 01:02 - 2018-09-23 03:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-11-14 01:02 - 2018-09-23 03:21 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2018-11-14 01:02 - 2018-09-23 03:21 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2018-11-14 01:02 - 2018-08-28 04:48 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2018-11-14 01:02 - 2018-08-28 04:48 - 000419608 _____ C:\Windows\system32\locale.nls
2018-11-14 01:00 - 2016-05-12 16:18 - 000090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2018-11-14 00:59 - 2015-07-16 20:12 - 006131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-11-14 00:59 - 2015-07-16 20:12 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2018-11-14 00:59 - 2015-07-16 20:12 - 000053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2018-11-14 00:59 - 2015-07-16 20:11 - 007077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-11-14 00:59 - 2015-07-16 20:11 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2018-11-14 00:59 - 2015-07-16 20:11 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2018-11-14 00:59 - 2015-07-11 14:15 - 000429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2018-11-14 00:59 - 2014-07-09 03:03 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2018-11-14 00:59 - 2014-07-09 03:03 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2018-11-14 00:59 - 2014-07-09 03:03 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2018-11-14 00:59 - 2014-07-09 03:03 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2018-11-14 00:59 - 2014-07-09 03:03 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2018-11-14 00:59 - 2014-07-09 02:31 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2018-11-14 00:59 - 2014-07-09 02:31 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2018-11-14 00:59 - 2014-07-09 02:31 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2018-11-14 00:59 - 2014-07-09 02:31 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2018-11-14 00:59 - 2014-07-09 02:31 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2018-11-14 00:59 - 2013-11-26 09:16 - 003419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2018-11-14 00:59 - 2013-11-22 23:48 - 003928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2018-11-14 00:58 - 2014-12-11 18:47 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2018-11-14 00:48 - 2011-03-11 07:41 - 000410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2018-11-14 00:48 - 2011-03-11 07:41 - 000166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2018-11-14 00:48 - 2011-03-11 07:41 - 000148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2018-11-14 00:48 - 2011-03-11 07:41 - 000107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2018-11-14 00:48 - 2011-03-11 07:41 - 000027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2018-11-14 00:48 - 2011-03-11 07:33 - 002565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2018-11-14 00:48 - 2011-03-11 07:30 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2018-11-14 00:48 - 2011-03-11 06:33 - 001699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2018-11-14 00:48 - 2011-03-11 06:31 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2018-11-13 22:05 - 2018-11-14 19:22 - 000000000 ____D C:\Users\UpdatusUser
2018-11-13 22:05 - 2018-11-13 22:05 - 000000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2018-11-13 22:05 - 2018-11-13 22:05 - 000000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2018-11-13 22:05 - 2018-11-13 22:05 - 000000000 _SHDL C:\Users\UpdatusUser\Startmenü
2018-11-13 22:05 - 2018-11-13 22:05 - 000000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2018-11-13 22:05 - 2018-11-13 22:05 - 000000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2018-11-13 22:05 - 2018-11-13 22:05 - 000000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2018-11-13 22:05 - 2018-11-13 22:05 - 000000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2018-11-13 22:05 - 2018-11-13 22:05 - 000000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Videos
2018-11-13 22:05 - 2018-11-13 22:05 - 000000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2018-11-13 22:05 - 2018-11-13 22:05 - 000000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2018-11-13 22:05 - 2018-11-13 22:05 - 000000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2018-11-13 22:05 - 2018-11-13 22:05 - 000000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2018-11-13 22:05 - 2018-11-13 22:05 - 000000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2018-11-13 22:05 - 2018-11-13 22:05 - 000000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2018-11-13 22:05 - 2018-11-13 22:05 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-11-13 22:05 - 2018-11-13 11:00 - 000000000 ____D C:\Users\UpdatusUser\Documents\Visual Studio 2008
2018-11-13 22:05 - 2018-11-13 11:00 - 000000000 ____D C:\Users\UpdatusUser\AppData\Local\Microsoft Help
2018-11-13 22:05 - 2011-04-12 08:54 - 000000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Media Center Programs
2018-11-13 22:04 - 2012-09-28 15:43 - 000058488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-11-13 22:04 - 2012-09-28 15:42 - 000052584 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-11-13 22:03 - 2018-11-13 22:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-11-13 22:03 - 2018-11-13 22:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-11-13 21:59 - 2016-04-14 14:49 - 000603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2018-11-13 21:59 - 2016-04-14 14:21 - 000647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2018-11-13 21:58 - 2018-08-30 02:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2018-11-13 21:58 - 2018-08-30 02:10 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2018-11-13 21:58 - 2017-05-12 17:25 - 001251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2018-11-13 21:58 - 2017-05-12 16:58 - 001648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2018-11-13 21:58 - 2017-05-12 16:58 - 001180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2018-11-13 21:58 - 2017-03-07 15:05 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2018-11-13 21:58 - 2016-10-11 14:33 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2018-11-13 21:58 - 2016-10-11 14:06 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2018-11-13 21:58 - 2016-03-23 23:40 - 003181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-11-13 21:58 - 2016-03-23 23:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2018-11-13 21:56 - 2015-12-08 22:54 - 002285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2018-11-13 21:56 - 2015-12-08 20:07 - 002777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2018-11-13 21:54 - 2013-10-02 03:22 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2018-11-13 21:54 - 2013-10-02 03:11 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2018-11-13 21:54 - 2013-10-02 03:08 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2018-11-13 21:54 - 2013-10-02 02:48 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2018-11-13 21:54 - 2013-10-02 02:48 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2018-11-13 21:54 - 2013-10-02 02:10 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2018-11-13 21:54 - 2013-10-02 01:14 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2018-11-13 21:54 - 2013-10-02 01:14 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2018-11-13 21:54 - 2013-10-02 00:31 - 001147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-11-13 21:54 - 2013-10-01 23:34 - 001068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-11-13 21:44 - 2018-11-14 09:19 - 000000000 ____D C:\Windows\system32\appmgmt
2018-11-13 21:44 - 2015-02-04 04:16 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2018-11-13 21:44 - 2015-02-04 03:54 - 000417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2018-11-13 21:41 - 2012-08-23 15:12 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\terminpt.sys
2018-11-13 21:41 - 2012-08-23 15:10 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2018-11-13 21:41 - 2012-08-23 15:08 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2018-11-13 21:41 - 2012-08-23 12:12 - 000192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2018-11-13 21:41 - 2012-08-23 11:51 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2018-11-13 21:40 - 2018-11-13 21:40 - 002146496 _____ (Panda Security, S.L.) C:\Users\Thomas Wegefahrt\Downloads\PANDAFREEAV.exe
2018-11-13 21:39 - 2018-11-13 21:39 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_sshid_01011.Wdf
2018-11-13 21:19 - 2015-12-16 19:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2018-11-13 21:19 - 2015-12-16 19:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2018-11-13 21:19 - 2015-12-16 19:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2018-11-13 21:19 - 2015-12-16 19:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2018-11-13 21:19 - 2015-12-16 19:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2018-11-13 21:19 - 2015-12-16 19:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2018-11-13 20:56 - 2018-11-13 20:56 - 000000000 ___SD C:\Windows\system32\CompatTel
2018-11-13 20:56 - 2018-11-13 20:56 - 000000000 ____D C:\Windows\system32\appraiser
2018-11-13 19:08 - 2015-07-30 14:13 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2018-11-13 19:08 - 2015-07-30 14:13 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2018-11-13 18:58 - 2018-11-13 18:58 - 000616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2018-11-13 18:58 - 2018-11-13 18:58 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2018-11-13 18:58 - 2018-11-13 18:58 - 000151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2018-11-13 18:58 - 2018-11-13 18:58 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2018-11-13 18:58 - 2018-11-13 18:58 - 000139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2018-11-13 18:58 - 2018-11-13 18:58 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2018-11-13 18:58 - 2018-11-13 18:58 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2018-11-13 18:58 - 2018-11-13 18:58 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2018-11-13 18:58 - 2018-11-13 18:58 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2018-11-13 18:58 - 2018-11-13 18:58 - 000069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2018-11-13 18:58 - 2018-11-13 18:58 - 000013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2018-11-13 18:58 - 2018-11-13 18:58 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2018-11-13 18:58 - 2018-11-13 18:58 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2018-11-13 18:57 - 2018-11-13 18:57 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2018-11-13 18:57 - 2018-11-13 18:57 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2018-11-13 18:57 - 2018-11-13 18:57 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2018-11-13 18:57 - 2018-11-13 18:57 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2018-11-13 18:27 - 2018-11-13 18:27 - 001682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 001238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 001158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 001080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

the_slater · 15.11.2018, 13:44

Teil 2:

Code:

ATTFilter

2018-11-13 18:27 - 2018-11-13 18:27 - 000010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2018-11-13 18:27 - 2018-11-13 18:27 - 000002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2018-11-13 17:18 - 2018-11-13 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-11-13 17:18 - 2018-11-13 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-11-13 17:17 - 2018-11-13 17:17 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2018-11-13 17:17 - 2018-11-13 17:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2018-11-13 16:34 - 2012-07-26 04:08 - 000744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2018-11-13 16:34 - 2012-07-26 04:08 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2018-11-13 16:34 - 2012-07-26 04:08 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2018-11-13 16:34 - 2012-07-26 04:08 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2018-11-13 16:34 - 2012-07-26 04:08 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2018-11-13 16:34 - 2012-07-26 03:26 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2018-11-13 16:34 - 2012-07-26 03:26 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2018-11-13 16:34 - 2012-06-02 15:57 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2018-11-13 16:19 - 2018-11-14 01:26 - 137810048 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-11-13 16:08 - 2012-03-01 07:46 - 000023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2018-11-13 16:08 - 2012-03-01 07:28 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2018-11-13 16:08 - 2012-03-01 06:29 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2018-11-13 16:05 - 2017-04-27 23:50 - 003550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2018-11-13 16:05 - 2017-04-12 14:05 - 004296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2018-11-13 15:51 - 2014-06-30 23:24 - 000008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2018-11-13 15:51 - 2014-06-30 23:14 - 000008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2018-11-13 15:51 - 2014-03-09 22:48 - 001389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2018-11-13 15:51 - 2014-03-09 22:48 - 000171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2018-11-13 15:51 - 2014-03-09 22:47 - 000619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2018-11-13 15:51 - 2014-03-09 22:47 - 000099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2018-11-13 15:50 - 2014-06-06 07:16 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2018-11-13 15:50 - 2014-06-06 07:12 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2018-11-13 15:46 - 2015-11-14 00:09 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2018-11-13 15:46 - 2015-11-14 00:09 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2018-11-13 15:46 - 2015-11-14 00:08 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2018-11-13 15:46 - 2015-11-13 23:50 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2018-11-13 15:46 - 2015-11-13 23:50 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2018-11-13 15:46 - 2015-11-13 23:49 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2018-11-13 15:46 - 2015-01-09 04:14 - 000950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2018-11-13 15:46 - 2015-01-09 04:14 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2018-11-13 15:46 - 2015-01-09 04:14 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2018-11-13 15:46 - 2015-01-09 03:48 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2018-11-13 15:45 - 2018-09-19 09:08 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2018-11-13 15:45 - 2018-09-09 02:02 - 001680072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-11-13 15:45 - 2018-09-09 02:02 - 000986824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-11-13 15:45 - 2018-09-09 02:02 - 000265416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-11-13 15:45 - 2018-09-09 01:59 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-11-13 15:45 - 2018-09-09 01:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-11-13 15:45 - 2018-09-09 01:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-11-13 15:45 - 2018-09-09 01:57 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2018-11-13 15:45 - 2018-09-09 01:44 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-11-13 15:45 - 2018-09-09 01:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-11-13 15:45 - 2018-09-09 01:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-11-13 15:45 - 2018-08-31 16:08 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2018-11-13 15:45 - 2018-08-31 16:08 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-11-13 15:45 - 2018-08-28 07:24 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-11-13 15:45 - 2018-08-28 07:24 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-11-13 15:45 - 2018-08-28 07:09 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-11-13 15:45 - 2018-08-28 06:52 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2018-11-13 15:45 - 2018-08-28 06:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2018-11-13 15:45 - 2018-08-28 06:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2018-11-13 15:45 - 2018-08-28 06:50 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2018-11-13 15:45 - 2018-08-16 03:18 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2018-11-13 15:45 - 2018-08-13 22:49 - 001391856 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-11-13 15:45 - 2018-08-13 16:54 - 001888768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-11-13 15:45 - 2018-08-13 16:54 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2018-11-13 15:45 - 2018-08-13 16:54 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-11-13 15:45 - 2018-08-13 16:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-11-13 15:45 - 2018-08-13 16:40 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-11-13 15:45 - 2018-08-13 16:40 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-11-13 15:45 - 2018-08-13 16:40 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-11-13 15:45 - 2018-08-13 16:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-11-13 15:45 - 2018-08-12 21:32 - 000378464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-11-13 15:45 - 2018-08-12 21:31 - 001894496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-11-13 15:45 - 2018-08-12 21:31 - 000289376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-11-13 15:45 - 2018-08-12 21:28 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2018-11-13 15:45 - 2018-08-12 21:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2018-11-13 15:45 - 2018-08-10 16:54 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-11-13 15:45 - 2018-08-10 16:54 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-11-13 15:45 - 2018-08-10 16:54 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-11-13 15:45 - 2018-08-10 16:53 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-11-13 15:45 - 2018-08-10 16:53 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-11-13 15:45 - 2018-08-10 16:45 - 000309424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-11-13 15:45 - 2018-08-10 16:41 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-11-13 15:45 - 2018-08-10 16:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-11-13 15:45 - 2018-08-10 16:40 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-11-13 15:45 - 2018-08-10 16:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-11-13 15:45 - 2018-08-08 16:54 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-11-13 15:45 - 2018-08-08 16:40 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-11-13 15:45 - 2018-08-03 16:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-11-13 15:45 - 2018-07-29 16:55 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-11-13 15:45 - 2018-07-18 16:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-11-13 15:45 - 2018-07-06 17:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-11-13 15:45 - 2018-06-29 16:55 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-11-13 15:45 - 2018-06-29 16:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-11-13 15:45 - 2018-06-29 16:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-11-13 15:45 - 2018-06-29 16:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-11-13 15:45 - 2018-06-29 16:14 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-11-13 15:45 - 2018-06-29 16:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-11-13 15:45 - 2018-06-27 16:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-11-13 15:45 - 2018-06-27 16:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-11-13 15:45 - 2018-06-27 16:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-11-13 15:45 - 2018-06-27 16:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-11-13 15:45 - 2018-06-27 16:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-11-13 15:45 - 2018-06-27 16:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-11-13 15:45 - 2018-06-27 16:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-11-13 15:45 - 2018-06-27 16:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-11-13 15:45 - 2018-06-27 16:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-11-13 15:45 - 2018-06-27 16:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-11-13 15:45 - 2018-06-27 16:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-11-13 15:45 - 2018-06-27 16:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-11-13 15:45 - 2018-06-21 04:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-11-13 15:45 - 2018-06-21 04:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-11-13 15:45 - 2018-06-08 17:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-11-13 15:45 - 2018-06-08 17:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-11-13 15:45 - 2018-06-08 16:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-11-13 15:45 - 2018-06-08 16:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-11-13 15:45 - 2018-06-08 16:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2018-11-13 15:45 - 2018-06-08 14:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-11-13 15:45 - 2018-05-30 14:05 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-11-13 15:45 - 2018-05-15 04:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-11-13 15:45 - 2018-05-15 04:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-11-13 15:45 - 2018-05-15 04:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-11-13 15:45 - 2018-05-15 04:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-11-13 15:45 - 2018-05-15 04:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-11-13 15:45 - 2018-05-15 04:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-11-13 15:45 - 2018-05-15 04:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-11-13 15:45 - 2018-05-15 04:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-11-13 15:45 - 2018-05-15 04:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-11-13 15:45 - 2018-05-15 04:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-11-13 15:45 - 2018-05-15 04:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-11-13 15:45 - 2018-05-15 04:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-11-13 15:45 - 2018-05-12 03:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-11-13 15:45 - 2018-05-11 22:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-11-13 15:45 - 2018-05-11 22:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-11-13 15:45 - 2018-05-11 01:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-11-13 15:45 - 2018-05-11 01:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-11-13 15:45 - 2018-05-02 16:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-11-13 15:45 - 2018-05-02 16:32 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-11-13 15:45 - 2018-05-02 16:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-11-13 15:45 - 2018-05-02 16:32 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-11-13 15:45 - 2018-04-26 14:05 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-11-13 15:45 - 2018-04-26 14:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-11-13 15:45 - 2018-04-25 17:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-11-13 15:45 - 2018-04-25 16:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-11-13 15:45 - 2018-04-23 01:00 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-11-13 15:45 - 2018-04-23 00:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-11-13 15:45 - 2018-04-18 17:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
2018-11-13 15:45 - 2018-04-18 16:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe
2018-11-13 15:45 - 2018-04-10 17:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-11-13 15:45 - 2018-04-10 17:36 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2018-11-13 15:45 - 2018-04-10 17:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-11-13 15:45 - 2018-04-10 17:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-11-13 15:45 - 2018-04-10 17:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-11-13 15:45 - 2018-04-10 17:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-11-13 15:45 - 2018-04-10 17:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2018-11-13 15:45 - 2018-04-10 16:48 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-11-13 15:45 - 2018-04-10 16:47 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-11-13 15:45 - 2018-04-10 16:47 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-11-13 15:45 - 2018-04-07 17:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-11-13 15:45 - 2018-03-14 18:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-11-13 15:45 - 2018-03-14 18:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-11-13 15:45 - 2018-03-14 18:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-11-13 15:45 - 2018-03-14 18:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2018-11-13 15:45 - 2018-03-14 17:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-11-13 15:45 - 2018-03-14 17:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-11-13 15:45 - 2018-03-14 17:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-11-13 15:45 - 2018-03-14 17:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-11-13 15:45 - 2018-03-14 17:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-11-13 15:45 - 2018-03-14 17:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-11-13 15:45 - 2018-03-14 17:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-11-13 15:45 - 2018-03-14 17:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-11-13 15:45 - 2018-03-14 17:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-11-13 15:45 - 2018-03-14 17:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-11-13 15:45 - 2018-03-14 17:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-11-13 15:45 - 2018-03-06 19:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-11-13 15:45 - 2018-03-06 19:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-11-13 15:45 - 2018-03-06 19:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-11-13 15:45 - 2018-03-06 19:10 - 000170176 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-11-13 15:45 - 2018-03-06 19:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-11-13 15:45 - 2018-03-06 19:07 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-11-13 15:45 - 2018-02-22 04:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-11-13 15:45 - 2018-02-22 04:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-11-13 15:45 - 2018-02-10 19:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-11-13 15:45 - 2018-02-10 19:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-11-13 15:45 - 2018-02-10 19:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-11-13 15:45 - 2018-02-10 19:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-11-13 15:45 - 2018-02-10 19:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2018-11-13 15:45 - 2018-02-10 19:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-11-13 15:45 - 2018-02-10 19:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-11-13 15:45 - 2018-02-10 19:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2018-11-13 15:45 - 2018-02-10 19:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2018-11-13 15:45 - 2018-02-10 19:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-11-13 15:45 - 2018-02-10 19:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-11-13 15:45 - 2018-02-10 19:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2018-11-13 15:45 - 2018-02-10 19:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-11-13 15:45 - 2018-02-10 19:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
2018-11-13 15:45 - 2018-02-10 19:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-11-13 15:45 - 2018-02-10 19:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-11-13 15:45 - 2018-02-10 18:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
2018-11-13 15:45 - 2018-02-10 18:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2018-11-13 15:45 - 2018-02-10 18:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2018-11-13 15:45 - 2018-02-10 18:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2018-11-13 15:45 - 2018-02-10 18:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2018-11-13 15:45 - 2018-01-12 17:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-11-13 15:45 - 2018-01-12 17:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-11-13 15:45 - 2018-01-12 17:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-11-13 15:45 - 2018-01-11 17:41 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-11-13 15:45 - 2018-01-11 17:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2018-11-13 15:45 - 2018-01-01 03:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-11-13 15:45 - 2018-01-01 03:18 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-11-13 15:45 - 2018-01-01 03:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-11-13 15:45 - 2018-01-01 03:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-11-13 15:45 - 2018-01-01 03:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-11-13 15:45 - 2018-01-01 03:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-11-13 15:45 - 2018-01-01 03:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-11-13 15:45 - 2018-01-01 03:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-11-13 15:45 - 2018-01-01 03:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-11-13 15:45 - 2018-01-01 03:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-11-13 15:45 - 2018-01-01 03:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-11-13 15:45 - 2018-01-01 03:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-11-13 15:45 - 2018-01-01 03:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-11-13 15:45 - 2018-01-01 03:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2018-11-13 15:45 - 2018-01-01 03:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-11-13 15:45 - 2018-01-01 03:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-11-13 15:45 - 2018-01-01 03:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-11-13 15:45 - 2018-01-01 03:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-11-13 15:45 - 2018-01-01 03:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-11-13 15:45 - 2018-01-01 02:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-11-13 15:45 - 2018-01-01 02:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-11-13 15:45 - 2018-01-01 02:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-11-13 15:45 - 2018-01-01 02:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-11-13 15:45 - 2018-01-01 02:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-11-13 15:45 - 2018-01-01 02:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-11-13 15:45 - 2018-01-01 02:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-11-13 15:45 - 2018-01-01 02:47 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2018-11-13 15:45 - 2018-01-01 02:46 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2018-11-13 15:45 - 2018-01-01 02:46 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-11-13 15:45 - 2018-01-01 02:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-11-13 15:45 - 2018-01-01 02:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-11-13 15:45 - 2018-01-01 02:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-11-13 15:45 - 2018-01-01 02:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-11-13 15:45 - 2018-01-01 02:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-11-13 15:45 - 2018-01-01 02:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-11-13 15:45 - 2017-12-05 18:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-11-13 15:45 - 2017-12-05 18:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-11-13 15:45 - 2017-12-05 18:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-11-13 15:45 - 2017-12-05 18:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-11-13 15:45 - 2017-12-05 18:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-11-13 15:45 - 2017-12-05 18:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2018-11-13 15:45 - 2017-12-05 18:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-11-13 15:45 - 2017-12-05 18:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2018-11-13 15:45 - 2017-12-05 18:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-11-13 15:45 - 2017-12-05 18:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-11-13 15:45 - 2017-12-05 18:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2018-11-13 15:45 - 2017-12-05 18:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2018-11-13 15:45 - 2017-12-05 17:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2018-11-13 15:45 - 2017-12-05 16:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2018-11-13 15:44 - 2018-09-09 01:59 - 002851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2018-11-13 15:44 - 2018-09-09 01:44 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2018-11-13 15:44 - 2018-08-28 07:24 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-11-13 15:44 - 2018-08-28 07:24 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-11-13 15:44 - 2018-08-28 07:24 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-11-13 15:44 - 2018-08-28 07:09 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2018-11-13 15:44 - 2018-08-13 16:54 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-11-13 15:44 - 2018-08-13 16:54 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-11-13 15:44 - 2018-08-13 16:53 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-11-13 15:44 - 2018-08-13 16:40 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-11-13 15:44 - 2018-08-13 16:40 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-11-13 15:44 - 2018-08-12 21:32 - 000140976 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-11-13 15:44 - 2018-08-12 21:27 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-11-13 15:44 - 2018-08-10 16:58 - 000385120 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-11-13 15:44 - 2018-08-10 16:55 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-11-13 15:44 - 2018-08-10 16:55 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-11-13 15:44 - 2018-08-10 16:54 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-11-13 15:44 - 2018-08-10 16:54 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-11-13 15:44 - 2018-08-10 16:41 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-11-13 15:44 - 2018-08-10 16:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-11-13 15:44 - 2018-08-10 16:27 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-11-13 15:44 - 2018-08-10 16:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-11-13 15:44 - 2018-08-08 16:54 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-11-13 15:44 - 2018-08-08 16:40 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-11-13 15:44 - 2018-08-03 16:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-11-13 15:44 - 2018-06-29 16:55 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-11-13 15:44 - 2018-06-27 17:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-11-13 15:44 - 2018-06-27 16:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-11-13 15:44 - 2018-06-08 17:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-11-13 15:44 - 2018-06-08 16:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-11-13 15:44 - 2018-06-08 14:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-11-13 15:44 - 2018-06-08 14:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-11-13 15:44 - 2018-06-08 14:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-11-13 15:44 - 2018-06-08 14:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-11-13 15:44 - 2018-06-08 14:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-11-13 15:44 - 2018-06-08 14:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-11-13 15:44 - 2018-06-08 14:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-11-13 15:44 - 2018-05-30 14:05 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-11-13 15:44 - 2018-05-30 14:05 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-11-13 15:44 - 2018-05-12 03:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-11-13 15:44 - 2018-05-12 03:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-11-13 15:44 - 2018-05-02 16:32 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-11-13 15:44 - 2018-05-02 16:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-11-13 15:44 - 2018-04-18 17:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-11-13 15:44 - 2018-04-18 16:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-11-13 15:44 - 2018-04-18 16:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll
2018-11-13 15:44 - 2018-04-18 16:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
2018-11-13 15:44 - 2018-03-14 18:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-11-13 15:44 - 2018-02-10 19:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-11-13 15:44 - 2018-02-10 19:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2018-11-13 15:44 - 2018-02-10 18:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2018-11-13 15:44 - 2018-02-10 18:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-11-13 15:44 - 2018-02-10 18:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2018-11-13 15:44 - 2018-01-12 17:27 - 004834816 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-11-13 15:44 - 2018-01-01 03:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-11-13 15:44 - 2018-01-01 03:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-11-13 15:44 - 2018-01-01 03:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-11-13 15:44 - 2018-01-01 03:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-11-13 15:44 - 2018-01-01 03:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-11-13 15:44 - 2018-01-01 03:18 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2018-11-13 15:44 - 2018-01-01 03:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-11-13 15:44 - 2018-01-01 03:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-11-13 15:44 - 2018-01-01 03:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-11-13 15:44 - 2018-01-01 03:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-11-13 15:44 - 2018-01-01 03:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-11-13 15:44 - 2018-01-01 03:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-11-13 15:44 - 2018-01-01 02:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-11-13 15:44 - 2018-01-01 02:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-11-13 15:44 - 2017-12-05 18:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-11-13 15:44 - 2017-12-05 18:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-11-13 15:43 - 2018-11-13 21:14 - 000000000 ____D C:\Users\Thomas Wegefahrt\Desktop\Desktop alt
2018-11-13 15:42 - 2017-11-02 17:55 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2018-11-13 15:42 - 2017-11-02 17:55 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2018-11-13 15:42 - 2017-11-02 17:55 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2018-11-13 15:42 - 2017-11-02 17:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2018-11-13 15:42 - 2017-11-02 16:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2018-11-13 15:42 - 2017-11-02 16:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2018-11-13 15:42 - 2017-11-02 16:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2018-11-13 15:42 - 2017-11-02 15:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2018-11-13 15:42 - 2017-10-17 00:04 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2018-11-13 15:42 - 2017-10-16 23:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2018-11-13 15:42 - 2017-10-12 01:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2018-11-13 15:42 - 2017-10-12 01:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2018-11-13 15:42 - 2017-10-12 01:20 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2018-11-13 15:42 - 2017-10-12 01:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2018-11-13 15:42 - 2017-09-13 16:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2018-11-13 15:42 - 2017-09-13 16:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2018-11-13 15:42 - 2017-09-13 16:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2018-11-13 15:42 - 2017-09-13 16:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2018-11-13 15:42 - 2017-09-13 16:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2018-11-13 15:42 - 2017-09-13 16:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2018-11-13 15:42 - 2017-09-13 16:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2018-11-13 15:42 - 2017-09-13 16:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2018-11-13 15:42 - 2017-09-13 16:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2018-11-13 15:42 - 2017-09-13 16:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2018-11-13 15:42 - 2017-09-13 16:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2018-11-13 15:42 - 2017-09-13 16:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2018-11-13 15:42 - 2017-09-08 15:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2018-11-13 15:42 - 2017-09-08 15:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2018-11-13 15:42 - 2017-08-19 16:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2018-11-13 15:42 - 2017-08-19 16:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2018-11-13 15:42 - 2017-08-16 16:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2018-11-13 15:42 - 2017-08-16 16:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2018-11-13 15:42 - 2017-08-14 18:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2018-11-13 15:42 - 2017-08-14 18:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2018-11-13 15:42 - 2017-08-14 18:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2018-11-13 15:42 - 2017-08-14 18:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2018-11-13 15:42 - 2017-08-14 18:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2018-11-13 15:42 - 2017-08-14 18:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2018-11-13 15:42 - 2017-08-14 18:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2018-11-13 15:42 - 2017-08-14 18:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2018-11-13 15:42 - 2017-08-14 18:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
2018-11-13 15:42 - 2017-08-14 18:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2018-11-13 15:42 - 2017-08-14 18:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2018-11-13 15:42 - 2017-08-13 22:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2018-11-13 15:42 - 2017-08-13 22:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2018-11-13 15:42 - 2017-08-13 22:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2018-11-13 15:42 - 2017-08-11 07:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-11-13 15:42 - 2017-08-11 07:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2018-11-13 15:42 - 2017-08-11 07:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2018-11-13 15:42 - 2017-08-11 07:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2018-11-13 15:42 - 2017-08-11 07:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2018-11-13 15:42 - 2017-08-11 07:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2018-11-13 15:42 - 2017-08-11 07:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-11-13 15:42 - 2017-08-11 07:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2018-11-13 15:42 - 2017-08-11 07:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2018-11-13 15:42 - 2017-08-11 07:20 - 000071680 _____ C:\Windows\system32\PrintBrmUi.exe
2018-11-13 15:42 - 2017-08-11 07:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2018-11-13 15:42 - 2017-08-11 07:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2018-11-13 15:42 - 2017-08-11 07:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2018-11-13 15:42 - 2017-08-11 07:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2018-11-13 15:42 - 2017-08-11 07:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2018-11-13 15:42 - 2017-08-11 07:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
2018-11-13 15:42 - 2017-08-11 07:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
2018-11-13 15:42 - 2017-08-11 07:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2018-11-13 15:42 - 2017-08-11 07:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2018-11-13 15:42 - 2017-08-11 07:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2018-11-13 15:42 - 2017-08-11 07:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2018-11-13 15:42 - 2017-08-11 06:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2018-11-13 15:42 - 2017-07-29 15:56 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2018-11-13 15:42 - 2017-07-21 15:26 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2018-11-13 15:42 - 2017-07-21 15:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexch40.dll
2018-11-13 15:42 - 2017-07-21 15:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
2018-11-13 15:42 - 2017-07-21 15:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2018-11-13 15:42 - 2017-07-14 16:29 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2018-11-13 15:42 - 2017-07-14 16:29 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2018-11-13 15:42 - 2017-07-14 16:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2018-11-13 15:42 - 2017-07-14 15:57 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2018-11-13 15:42 - 2017-07-14 15:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2018-11-13 15:42 - 2017-07-14 15:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2018-11-13 15:42 - 2017-07-07 16:33 - 000363752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2018-11-13 15:42 - 2017-07-07 16:29 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2018-11-13 15:42 - 2017-07-07 16:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2018-11-13 15:42 - 2017-07-01 14:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
2018-11-13 15:42 - 2017-07-01 14:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
2018-11-13 15:42 - 2017-07-01 14:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2018-11-13 15:42 - 2017-07-01 14:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2018-11-13 15:42 - 2017-07-01 14:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2018-11-13 15:42 - 2017-07-01 14:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2018-11-13 15:42 - 2017-07-01 14:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
2018-11-13 15:42 - 2017-06-12 23:49 - 001363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2018-11-13 15:42 - 2017-06-12 23:49 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2018-11-13 15:42 - 2017-06-12 23:49 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2018-11-13 15:42 - 2017-06-12 23:49 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2018-11-13 15:42 - 2017-06-12 23:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2018-11-13 15:42 - 2017-06-12 23:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2018-11-13 15:42 - 2017-06-12 23:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2018-11-13 15:42 - 2017-06-12 23:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2018-11-13 15:42 - 2017-06-12 23:14 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2018-11-13 15:42 - 2017-06-12 23:14 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2018-11-13 15:42 - 2017-06-12 23:14 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2018-11-13 15:42 - 2017-06-12 23:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2018-11-13 15:42 - 2017-06-12 23:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2018-11-13 15:42 - 2017-06-12 23:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2018-11-13 15:42 - 2017-06-02 09:10 - 000733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2018-11-13 15:42 - 2017-05-10 16:33 - 000091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2018-11-13 15:42 - 2017-05-10 16:16 - 000091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
2018-11-13 15:42 - 2017-05-07 16:33 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2018-11-13 15:42 - 2017-05-07 16:29 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2018-11-13 15:42 - 2017-04-04 15:53 - 000496128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2018-11-13 15:42 - 2017-03-30 16:03 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2018-11-13 15:42 - 2017-03-30 15:58 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
2018-11-13 15:42 - 2017-03-10 17:32 - 001389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2018-11-13 15:42 - 2017-03-10 17:32 - 000300544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2018-11-13 15:42 - 2017-03-10 17:20 - 001508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2018-11-13 15:42 - 2017-03-10 17:20 - 000237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2018-11-13 15:42 - 2017-03-10 16:57 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2018-11-13 15:42 - 2017-03-10 16:55 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2018-11-13 15:42 - 2017-03-10 16:55 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2018-11-13 15:42 - 2017-03-07 17:30 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2018-11-13 15:42 - 2017-03-07 17:17 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2018-11-13 15:42 - 2017-03-04 02:27 - 001574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2018-11-13 15:42 - 2017-03-04 02:27 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2018-11-13 15:42 - 2017-03-04 02:14 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2018-11-13 15:42 - 2017-03-04 02:14 - 000077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2018-11-13 15:42 - 2017-02-09 17:32 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-11-13 15:42 - 2017-02-09 17:32 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2018-11-13 15:42 - 2017-02-09 17:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2018-11-13 15:42 - 2016-11-10 17:32 - 001009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2018-11-13 15:42 - 2016-11-10 17:19 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2018-11-13 15:42 - 2016-10-11 16:32 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2018-11-13 15:42 - 2016-10-11 16:31 - 001148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2018-11-13 15:42 - 2016-10-11 16:31 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2018-11-13 15:42 - 2016-10-11 16:31 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2018-11-13 15:42 - 2016-10-11 16:31 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2018-11-13 15:42 - 2016-10-11 16:31 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2018-11-13 15:42 - 2016-10-11 16:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2018-11-13 15:42 - 2016-10-11 16:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2018-11-13 15:42 - 2016-10-11 16:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2018-11-13 15:42 - 2016-10-11 16:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2018-11-13 15:42 - 2016-10-11 16:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2018-11-13 15:42 - 2016-10-11 16:31 - 000132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2018-11-13 15:42 - 2016-10-11 16:18 - 001027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2018-11-13 15:42 - 2016-10-11 16:18 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2018-11-13 15:42 - 2016-10-11 16:18 - 000430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2018-11-13 15:42 - 2016-10-11 16:18 - 000202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2018-11-13 15:42 - 2016-10-11 16:18 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2018-11-13 15:42 - 2016-10-11 16:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2018-11-13 15:42 - 2016-10-11 16:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2018-11-13 15:42 - 2016-10-11 16:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2018-11-13 15:42 - 2016-10-11 16:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2018-11-13 15:42 - 2016-10-11 16:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2018-11-13 15:42 - 2016-10-11 16:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2018-11-13 15:42 - 2016-10-11 16:18 - 000069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2018-11-13 15:42 - 2016-10-11 15:55 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2018-11-13 15:42 - 2016-09-12 22:08 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2018-11-13 15:42 - 2016-09-12 21:49 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2018-11-13 15:42 - 2016-09-08 21:34 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2018-11-13 15:42 - 2016-09-08 21:34 - 000208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2018-11-13 15:42 - 2016-09-08 21:34 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2018-11-13 15:42 - 2016-09-08 21:34 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2018-11-13 15:42 - 2016-09-08 15:55 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2018-11-13 15:42 - 2016-08-12 17:26 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2018-11-13 15:42 - 2016-08-06 16:31 - 002023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2018-11-13 15:42 - 2016-08-06 16:31 - 000347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2018-11-13 15:42 - 2016-08-06 16:31 - 000310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2018-11-13 15:42 - 2016-08-06 16:31 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2018-11-13 15:42 - 2016-08-06 16:31 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2018-11-13 15:42 - 2016-08-06 16:31 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2018-11-13 15:42 - 2016-08-06 16:15 - 001178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2018-11-13 15:42 - 2016-08-06 16:15 - 000249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2018-11-13 15:42 - 2016-08-06 16:15 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2018-11-13 15:42 - 2016-08-06 16:15 - 000146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2018-11-13 15:42 - 2016-08-06 16:15 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2018-11-13 15:42 - 2016-08-06 16:01 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2018-11-13 15:42 - 2016-08-06 16:01 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2018-11-13 15:42 - 2016-08-06 15:53 - 000199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2018-11-13 15:42 - 2016-08-06 15:53 - 000012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2018-11-13 15:42 - 2016-08-06 15:53 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2018-11-13 15:42 - 2016-06-14 18:16 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2018-11-13 15:42 - 2016-06-14 18:11 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2018-11-13 15:42 - 2016-06-14 16:21 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2018-11-13 15:42 - 2016-06-14 16:21 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2018-11-13 15:42 - 2016-06-14 16:21 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2018-11-13 15:42 - 2016-06-14 16:21 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2018-11-13 15:42 - 2016-06-14 16:21 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2018-11-13 15:42 - 2016-06-14 16:21 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2018-11-13 15:42 - 2016-06-14 16:21 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2018-11-13 15:42 - 2016-06-14 16:21 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2018-11-13 15:42 - 2016-06-14 16:21 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2018-11-13 15:42 - 2016-06-14 16:21 - 000374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2018-11-13 15:42 - 2016-06-14 16:21 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2018-11-13 15:42 - 2016-06-14 16:21 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2018-11-13 15:42 - 2016-06-14 16:21 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2018-11-13 15:42 - 2016-06-14 16:21 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2018-11-13 15:42 - 2016-06-14 16:15 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2018-11-13 15:42 - 2016-06-14 16:00 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2018-11-13 15:42 - 2016-06-14 16:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2018-11-13 15:42 - 2016-05-12 14:05 - 000297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2018-11-13 15:42 - 2016-05-12 14:04 - 000249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2018-11-13 15:42 - 2016-03-23 23:40 - 000546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-11-13 15:40 - 2016-07-22 15:58 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2018-11-13 15:40 - 2016-07-22 15:51 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2018-11-13 15:40 - 2016-03-16 19:50 - 000156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2018-11-13 15:40 - 2016-03-16 19:28 - 000176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2018-11-13 15:40 - 2016-03-16 19:28 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2018-11-13 15:40 - 2015-07-23 01:02 - 000879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2018-11-13 15:40 - 2015-07-22 18:53 - 000635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2018-11-13 15:40 - 2015-07-15 04:19 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2018-11-13 15:39 - 2015-05-25 19:19 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2018-11-13 15:39 - 2015-05-25 19:18 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2018-11-13 15:39 - 2015-05-25 19:18 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2018-11-13 15:39 - 2015-05-25 19:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2018-11-13 15:39 - 2015-05-25 19:18 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2018-11-13 15:39 - 2015-05-25 19:18 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2018-11-13 15:39 - 2015-05-25 19:01 - 000092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2018-11-13 15:39 - 2015-05-25 19:00 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2018-11-13 15:39 - 2015-05-25 19:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2018-11-13 15:39 - 2015-05-25 19:00 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2018-11-13 15:39 - 2015-05-25 19:00 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2018-11-13 15:39 - 2015-05-25 19:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2018-11-13 15:38 - 2014-03-04 10:44 - 000722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2018-11-13 15:38 - 2014-03-04 10:44 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2018-11-13 15:38 - 2014-03-04 10:43 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2018-11-13 15:38 - 2014-03-04 10:43 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2018-11-13 15:38 - 2014-03-04 10:43 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2018-11-13 15:38 - 2014-03-04 10:43 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2018-11-13 15:38 - 2014-03-04 10:43 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2018-11-13 15:38 - 2014-03-04 10:17 - 000538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2018-11-13 15:38 - 2014-03-04 10:17 - 000051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2018-11-13 15:38 - 2014-03-04 10:17 - 000049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2018-11-13 15:38 - 2014-03-04 10:17 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2018-11-13 15:38 - 2014-03-04 10:17 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2018-11-13 15:38 - 2014-03-04 10:17 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2018-11-13 15:38 - 2014-03-04 10:17 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2018-11-13 15:37 - 2013-12-04 03:27 - 000488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2018-11-13 15:37 - 2013-12-04 03:27 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2018-11-13 15:37 - 2013-12-04 03:27 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2018-11-13 15:37 - 2013-12-04 03:27 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2018-11-13 15:37 - 2013-12-04 03:26 - 000528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2018-11-13 15:37 - 2013-12-04 03:16 - 000658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2018-11-13 15:37 - 2013-12-04 03:16 - 000626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2018-11-13 15:37 - 2013-12-04 03:16 - 000553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2018-11-13 15:37 - 2013-12-04 03:16 - 000552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2018-11-13 15:37 - 2013-12-04 03:03 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2018-11-13 15:37 - 2013-12-04 03:03 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2018-11-13 15:37 - 2013-12-04 03:03 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2018-11-13 15:37 - 2013-12-04 03:03 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2018-11-13 15:37 - 2013-12-04 03:02 - 000390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2018-11-13 15:37 - 2013-12-04 02:54 - 000594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2018-11-13 15:37 - 2013-12-04 02:54 - 000572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2018-11-13 15:37 - 2013-12-04 02:54 - 000510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2018-11-13 15:37 - 2013-12-04 02:54 - 000508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2018-11-13 15:37 - 2012-12-07 14:20 - 000441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2018-11-13 15:37 - 2012-12-07 14:15 - 002746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2018-11-13 15:37 - 2012-12-07 13:26 - 000308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2018-11-13 15:37 - 2012-12-07 13:20 - 002576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2018-11-13 15:37 - 2012-12-07 12:20 - 000045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2018-11-13 15:37 - 2012-12-07 12:20 - 000044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2018-11-13 15:37 - 2012-12-07 12:20 - 000043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2018-11-13 15:37 - 2012-12-07 12:20 - 000030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2018-11-13 15:37 - 2012-12-07 12:20 - 000023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2018-11-13 15:37 - 2012-12-07 12:20 - 000020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2018-11-13 15:37 - 2012-12-07 12:20 - 000020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2018-11-13 15:37 - 2012-12-07 12:19 - 000055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2018-11-13 15:37 - 2012-12-07 12:19 - 000051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2018-11-13 15:37 - 2012-12-07 12:19 - 000046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2018-11-13 15:37 - 2012-12-07 12:19 - 000040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2018-11-13 15:37 - 2012-12-07 12:19 - 000021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2018-11-13 15:37 - 2012-12-07 12:19 - 000020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2018-11-13 15:37 - 2012-12-07 12:19 - 000015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2018-11-13 15:37 - 2012-12-07 11:46 - 000055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2018-11-13 15:37 - 2012-12-07 11:46 - 000051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2018-11-13 15:37 - 2012-12-07 11:46 - 000046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2018-11-13 15:37 - 2012-12-07 11:46 - 000045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2018-11-13 15:37 - 2012-12-07 11:46 - 000044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2018-11-13 15:37 - 2012-12-07 11:46 - 000043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2018-11-13 15:37 - 2012-12-07 11:46 - 000040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2018-11-13 15:37 - 2012-12-07 11:46 - 000030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2018-11-13 15:37 - 2012-12-07 11:46 - 000023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2018-11-13 15:37 - 2012-12-07 11:46 - 000021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2018-11-13 15:37 - 2012-12-07 11:46 - 000020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2018-11-13 15:37 - 2012-12-07 11:46 - 000020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2018-11-13 15:37 - 2012-12-07 11:46 - 000020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2018-11-13 15:37 - 2012-12-07 11:46 - 000015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs

the_slater · 15.11.2018, 13:44

Teil 3:

Code:

ATTFilter

2018-11-13 15:36 - 2010-12-23 11:42 - 001118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2018-11-13 15:36 - 2010-12-23 11:36 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2018-11-13 15:36 - 2010-12-23 06:54 - 000850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2018-11-13 15:36 - 2010-12-23 06:50 - 000199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2018-11-13 15:35 - 2016-02-05 19:56 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2018-11-13 15:35 - 2016-02-05 19:54 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2018-11-13 15:35 - 2016-02-05 18:33 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2018-11-13 15:35 - 2015-10-29 18:50 - 000342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2018-11-13 15:35 - 2015-10-29 18:50 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2018-11-13 15:35 - 2015-10-29 18:50 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2018-11-13 15:35 - 2015-10-29 18:50 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2018-11-13 15:35 - 2015-10-29 18:50 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2018-11-13 15:35 - 2015-10-29 18:49 - 000295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2018-11-13 15:35 - 2015-10-29 18:49 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2018-11-13 15:35 - 2015-06-03 21:21 - 000451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2018-11-13 15:35 - 2014-08-01 12:53 - 001031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2018-11-13 15:35 - 2014-08-01 12:35 - 000793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2018-11-13 15:35 - 2014-06-18 03:18 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2018-11-13 15:35 - 2014-06-18 02:51 - 000646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2018-11-13 15:34 - 2015-06-02 01:07 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2018-11-13 15:34 - 2015-06-02 00:47 - 000210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2018-11-13 15:34 - 2015-04-13 04:28 - 000328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2018-11-13 15:34 - 2014-01-28 03:32 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2018-11-13 15:34 - 2013-10-30 03:32 - 000335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2018-11-13 15:34 - 2013-10-30 03:19 - 000301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2018-11-13 15:34 - 2013-04-26 00:30 - 001505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2018-11-13 15:34 - 2013-03-31 23:52 - 001887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2018-11-13 15:34 - 2013-03-19 06:53 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2018-11-13 15:34 - 2012-10-09 19:17 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2018-11-13 15:34 - 2012-10-09 19:17 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2018-11-13 15:34 - 2012-10-09 18:40 - 000193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2018-11-13 15:34 - 2012-10-09 18:40 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2018-11-13 15:34 - 2012-10-03 18:44 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2018-11-13 15:34 - 2012-10-03 18:42 - 000569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2018-11-13 15:34 - 2012-10-03 17:42 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2018-11-13 15:34 - 2012-01-04 11:44 - 000509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2018-11-13 15:34 - 2012-01-04 09:58 - 000442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2018-11-13 15:34 - 2011-06-16 06:49 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2018-11-13 15:34 - 2011-06-16 05:33 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2018-11-13 15:34 - 2011-06-15 11:02 - 000212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2018-11-13 15:34 - 2011-06-15 11:02 - 000163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2018-11-13 15:34 - 2011-06-15 11:02 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2018-11-13 15:34 - 2011-06-15 11:02 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2018-11-13 15:34 - 2011-06-15 09:55 - 000319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2018-11-13 15:34 - 2011-06-15 09:55 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2018-11-13 15:34 - 2011-06-15 09:55 - 000122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2018-11-13 15:34 - 2011-06-15 09:55 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2018-11-13 15:34 - 2011-06-15 09:55 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2018-11-13 15:33 - 2016-07-07 16:08 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2018-11-13 15:33 - 2016-02-03 19:07 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2018-11-13 15:33 - 2016-01-21 01:51 - 000073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2018-11-13 15:33 - 2015-07-09 18:58 - 001632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2018-11-13 15:33 - 2015-07-09 18:58 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2018-11-13 15:33 - 2015-07-09 18:42 - 001372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2018-11-13 15:33 - 2015-07-09 18:42 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2018-11-13 15:33 - 2015-04-24 19:17 - 000633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2018-11-13 15:33 - 2015-04-24 18:56 - 000530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2018-11-13 15:33 - 2015-02-03 04:31 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2018-11-13 15:33 - 2015-02-03 04:12 - 000171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2018-11-13 15:33 - 2015-01-29 04:19 - 002543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2018-11-13 15:33 - 2015-01-29 04:02 - 002311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2018-11-13 15:33 - 2014-12-19 04:06 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2018-11-13 15:33 - 2014-06-18 23:23 - 001943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2018-11-13 15:33 - 2014-06-18 23:23 - 001131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2018-11-13 15:33 - 2014-06-18 23:23 - 000156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2018-11-13 15:33 - 2014-06-18 23:23 - 000156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2018-11-13 15:33 - 2014-06-18 23:23 - 000081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2018-11-13 15:33 - 2014-06-18 23:23 - 000073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2018-11-13 15:33 - 2013-10-19 03:18 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2018-11-13 15:33 - 2013-10-19 02:36 - 000159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2018-11-13 15:33 - 2013-10-04 03:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2018-11-13 15:33 - 2013-10-04 03:25 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2018-11-13 15:33 - 2013-10-04 02:58 - 000152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2018-11-13 15:33 - 2013-10-04 02:56 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2018-11-13 15:33 - 2013-08-05 03:25 - 000155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2018-11-13 15:33 - 2013-06-25 23:55 - 000785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2018-11-13 15:33 - 2013-02-12 05:12 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2018-11-13 15:33 - 2012-11-28 23:56 - 000054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2018-11-13 15:33 - 2012-11-28 23:56 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2018-11-13 15:33 - 2012-11-28 23:56 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2018-11-13 15:33 - 2012-07-04 21:26 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2018-11-13 15:33 - 2011-12-30 07:26 - 000515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2018-11-13 15:33 - 2011-12-30 06:27 - 000478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2018-11-13 15:33 - 2011-03-11 07:34 - 001395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2018-11-13 15:33 - 2011-03-11 07:34 - 001359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2018-11-13 15:33 - 2011-03-11 06:33 - 001164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2018-11-13 15:33 - 2011-03-11 06:33 - 001137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2018-11-13 15:32 - 2016-02-05 02:19 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2018-11-13 15:32 - 2016-02-04 19:41 - 000296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2018-11-13 15:32 - 2015-12-08 22:53 - 000509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2018-11-13 15:32 - 2015-12-08 20:07 - 000624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2018-11-13 15:32 - 2015-11-05 20:05 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2018-11-13 15:32 - 2015-11-05 20:02 - 000014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2018-11-13 15:32 - 2015-11-05 10:53 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2018-11-13 15:32 - 2015-07-09 18:57 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2018-11-13 15:32 - 2015-07-09 18:57 - 000193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2018-11-13 15:32 - 2015-07-09 18:42 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2018-11-13 15:32 - 2013-07-12 11:41 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2018-11-13 15:32 - 2012-11-02 06:59 - 000478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2018-11-13 15:32 - 2012-11-02 06:11 - 000376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2018-11-13 15:32 - 2012-08-21 22:01 - 000245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2018-11-13 15:32 - 2012-03-17 08:58 - 000075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2018-11-13 15:32 - 2011-08-17 06:26 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2018-11-13 15:32 - 2011-08-17 06:25 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2018-11-13 15:32 - 2011-08-17 05:24 - 000465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2018-11-13 15:32 - 2011-08-17 05:19 - 000075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2018-11-13 15:14 - 2014-11-11 04:08 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2018-11-13 15:14 - 2014-11-11 03:44 - 000186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2018-11-13 15:13 - 2016-02-09 10:55 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2018-11-13 15:13 - 2015-12-08 22:54 - 001620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2018-11-13 15:13 - 2015-12-08 22:54 - 001568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2018-11-13 15:13 - 2015-12-08 22:54 - 001325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2018-11-13 15:13 - 2015-12-08 22:54 - 000902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2018-11-13 15:13 - 2015-12-08 22:54 - 000815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2018-11-13 15:13 - 2015-12-08 22:54 - 000740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2018-11-13 15:13 - 2015-12-08 22:54 - 000739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2018-11-13 15:13 - 2015-12-08 22:54 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2018-11-13 15:13 - 2015-12-08 22:54 - 000541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2018-11-13 15:13 - 2015-12-08 22:54 - 000358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2018-11-13 15:13 - 2015-12-08 22:54 - 000154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2018-11-13 15:13 - 2015-12-08 22:53 - 000970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2018-11-13 15:13 - 2015-12-08 22:53 - 000829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2018-11-13 15:13 - 2015-12-08 22:53 - 000609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2018-11-13 15:13 - 2015-12-08 22:53 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2018-11-13 15:13 - 2015-12-08 22:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2018-11-13 15:13 - 2015-12-08 22:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2018-11-13 15:13 - 2015-12-08 22:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2018-11-13 15:13 - 2015-12-08 22:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2018-11-13 15:13 - 2015-12-08 22:53 - 000193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2018-11-13 15:13 - 2015-12-08 22:53 - 000153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2018-11-13 15:13 - 2015-12-08 22:53 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2018-11-13 15:13 - 2015-12-08 22:53 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2018-11-13 15:13 - 2015-12-08 22:53 - 000053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2018-11-13 15:13 - 2015-12-08 22:53 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2018-11-13 15:13 - 2015-12-08 20:07 - 001955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 001888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 001575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 001307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2018-11-13 15:13 - 2015-12-08 20:07 - 001232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 001160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 001026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2018-11-13 15:13 - 2015-12-08 20:07 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2018-11-13 15:13 - 2015-12-08 20:07 - 000978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 000666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 000653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 000447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2018-11-13 15:13 - 2015-12-08 20:07 - 000292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2018-11-13 15:13 - 2015-12-08 20:07 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 000189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2018-11-13 15:13 - 2015-12-08 20:07 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2018-11-13 15:13 - 2015-12-08 20:07 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2018-11-13 15:13 - 2015-12-08 20:07 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2018-11-13 15:13 - 2015-12-08 20:06 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2018-11-13 15:13 - 2015-12-08 19:54 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2018-11-13 15:13 - 2015-12-08 19:12 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2018-11-13 15:13 - 2015-12-08 19:11 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2018-11-13 15:13 - 2015-04-11 04:19 - 000069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2018-11-13 15:12 - 2016-08-29 16:04 - 003229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2018-11-13 15:12 - 2016-08-29 15:55 - 002972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2018-11-13 15:10 - 2016-05-12 18:15 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2018-11-13 15:10 - 2016-05-12 18:14 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2018-11-13 15:10 - 2016-05-12 18:14 - 000793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2018-11-13 15:10 - 2016-05-12 18:14 - 000502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2018-11-13 15:10 - 2016-05-12 18:14 - 000373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2018-11-13 15:10 - 2016-05-12 18:14 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2018-11-13 15:10 - 2016-05-12 18:14 - 000075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2018-11-13 15:10 - 2016-05-12 18:14 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2018-11-13 15:10 - 2016-05-12 16:18 - 000591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2018-11-13 15:10 - 2016-05-12 16:18 - 000274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2018-11-13 15:10 - 2016-05-12 16:18 - 000079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2018-11-13 15:10 - 2016-05-12 16:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2018-11-13 15:10 - 2016-05-12 16:18 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2018-11-13 15:10 - 2016-05-12 16:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2018-11-13 15:10 - 2016-05-12 15:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2018-11-13 15:10 - 2016-05-12 15:57 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2018-11-13 15:10 - 2016-05-11 18:02 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2018-11-13 15:10 - 2016-05-11 18:02 - 000296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2018-11-13 15:10 - 2016-05-11 16:19 - 000231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2018-11-13 15:10 - 2016-05-11 16:19 - 000206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2018-11-13 15:10 - 2014-10-30 03:03 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2018-11-13 15:10 - 2014-10-30 02:45 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2018-11-13 15:10 - 2014-02-04 03:35 - 000274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-11-13 15:10 - 2014-02-04 03:35 - 000190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2018-11-13 15:10 - 2014-02-04 03:35 - 000027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2018-11-13 15:10 - 2014-02-04 03:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2018-11-13 15:10 - 2014-02-04 03:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2018-11-13 15:10 - 2012-09-25 23:47 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2018-11-13 15:10 - 2012-09-25 23:46 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2018-11-13 15:10 - 2011-02-05 18:10 - 000020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2018-11-13 15:10 - 2011-02-05 18:10 - 000019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2018-11-13 15:10 - 2011-02-05 18:10 - 000017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2018-11-13 15:09 - 2016-01-22 07:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2018-11-13 15:09 - 2016-01-22 07:18 - 000723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2018-11-13 15:09 - 2016-01-22 07:04 - 000642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2018-11-13 15:09 - 2016-01-22 07:04 - 000535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2018-11-13 15:08 - 2014-09-04 06:23 - 000424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2018-11-13 15:08 - 2014-09-04 06:04 - 000372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2018-11-13 15:08 - 2013-05-10 06:49 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2018-11-13 15:08 - 2013-05-10 04:20 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2018-11-13 15:08 - 2012-11-23 04:13 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2018-11-13 15:08 - 2011-05-24 12:42 - 000404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2018-11-13 15:08 - 2011-05-24 11:40 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2018-11-13 15:08 - 2011-05-24 11:40 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2018-11-13 15:08 - 2011-05-24 11:39 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2018-11-13 15:08 - 2011-05-24 11:37 - 000252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2018-11-13 15:07 - 2016-03-09 20:00 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2018-11-13 15:07 - 2016-03-09 19:40 - 000316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2018-11-13 15:07 - 2014-10-25 02:57 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2018-11-13 15:07 - 2014-10-25 02:32 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2018-11-13 15:07 - 2014-07-17 03:07 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2018-11-13 15:07 - 2014-07-17 03:07 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2018-11-13 15:07 - 2014-07-17 02:40 - 000157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2018-11-13 15:07 - 2014-07-17 02:21 - 000212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2018-11-13 15:07 - 2012-04-26 06:41 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2018-11-13 15:07 - 2012-04-26 06:34 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2018-11-13 15:06 - 2012-07-04 23:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2018-11-13 15:06 - 2012-07-04 23:13 - 000136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2018-11-13 15:06 - 2012-07-04 23:13 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2018-11-13 15:06 - 2012-07-04 22:16 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2018-11-13 15:06 - 2012-07-04 22:14 - 000041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2018-11-13 15:05 - 2016-03-09 19:54 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2018-11-13 15:05 - 2016-03-09 19:34 - 000216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2018-11-13 15:05 - 2015-11-03 20:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2018-11-13 15:05 - 2015-11-03 19:55 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2018-11-13 15:05 - 2013-05-13 06:50 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2018-11-13 15:05 - 2013-05-13 04:43 - 001192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2018-11-13 15:05 - 2013-05-13 04:08 - 000903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2018-11-13 15:05 - 2013-05-13 04:08 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2018-11-13 15:05 - 2013-01-24 07:01 - 000223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2018-11-13 15:05 - 2011-12-16 09:46 - 000634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2018-11-13 15:05 - 2011-12-16 08:52 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2018-11-13 15:05 - 2011-02-18 11:51 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2018-11-13 15:05 - 2011-02-18 06:39 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2018-11-13 15:05 - 2011-02-12 12:34 - 000267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2018-11-13 15:04 - 2015-03-04 05:41 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2018-11-13 15:04 - 2015-03-04 05:10 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2018-11-13 15:04 - 2011-08-27 06:37 - 000331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2018-11-13 15:04 - 2011-08-27 05:26 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2018-11-13 14:39 - 2012-02-17 05:57 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2018-11-13 13:04 - 2018-11-15 10:20 - 000123512 _____ C:\Users\Thomas Wegefahrt\AppData\Local\GDIPFONTCACHEV1.DAT
2018-11-13 11:57 - 2018-11-14 11:51 - 003039352 ____H C:\Users\Thomas Wegefahrt\AppData\Local\IconCache.db.backup
2018-11-13 11:52 - 2018-11-14 01:22 - 001695406 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-11-13 11:48 - 2018-11-13 21:11 - 000001419 _____ C:\Users\Thomas Wegefahrt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-11-13 11:48 - 2018-11-13 11:48 - 000000020 ___SH C:\Users\Thomas Wegefahrt\ntuser.ini
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default\Vorlagen
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default\Startmenü
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default\Netzwerkumgebung
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default\Lokale Einstellungen
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default\Eigene Dateien
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default\Druckumgebung
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default\Anwendungsdaten
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\ProgramData\Vorlagen
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\ProgramData\Vorlagen
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\ProgramData\Startmenü
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\ProgramData\Startmenü
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\ProgramData\Favoriten
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\ProgramData\Favoriten
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\ProgramData\Dokumente
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\ProgramData\Dokumente
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\ProgramData\Anwendungsdaten
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\ProgramData\Anwendungsdaten
2018-11-13 11:47 - 2018-11-13 11:47 - 000000000 _SHDL C:\Program Files\Gemeinsame Dateien
2018-11-13 11:06 - 2018-11-13 11:06 - 000022960 _____ C:\Windows\system32\emptyregdb.dat
2018-11-13 11:00 - 2018-11-13 11:00 - 000000000 ____D C:\Users\Default\Documents\Visual Studio 2008
2018-11-13 11:00 - 2018-11-13 11:00 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2018-11-13 11:00 - 2018-11-13 11:00 - 000000000 ____D C:\Users\Default User\Documents\Visual Studio 2008
2018-11-13 11:00 - 2018-11-13 11:00 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2018-11-13 10:11 - 2018-11-14 09:51 - 000000000 ____D C:\Users\Thomas Wegefahrt
2018-11-13 10:11 - 2018-11-13 10:11 - 000000000 _SHDL C:\Users\Thomas Wegefahrt\Vorlagen
2018-11-13 10:11 - 2018-11-13 10:11 - 000000000 _SHDL C:\Users\Thomas Wegefahrt\Startmenü
2018-11-13 10:11 - 2018-11-13 10:11 - 000000000 _SHDL C:\Users\Thomas Wegefahrt\Netzwerkumgebung
2018-11-13 10:11 - 2018-11-13 10:11 - 000000000 _SHDL C:\Users\Thomas Wegefahrt\Lokale Einstellungen
2018-11-13 10:11 - 2018-11-13 10:11 - 000000000 _SHDL C:\Users\Thomas Wegefahrt\Eigene Dateien
2018-11-13 10:11 - 2018-11-13 10:11 - 000000000 _SHDL C:\Users\Thomas Wegefahrt\Druckumgebung
2018-11-13 10:11 - 2018-11-13 10:11 - 000000000 _SHDL C:\Users\Thomas Wegefahrt\Documents\Eigene Videos
2018-11-13 10:11 - 2018-11-13 10:11 - 000000000 _SHDL C:\Users\Thomas Wegefahrt\Documents\Eigene Musik
2018-11-13 10:11 - 2018-11-13 10:11 - 000000000 _SHDL C:\Users\Thomas Wegefahrt\Documents\Eigene Bilder
2018-11-13 10:11 - 2018-11-13 10:11 - 000000000 _SHDL C:\Users\Thomas Wegefahrt\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2018-11-13 10:11 - 2018-11-13 10:11 - 000000000 _SHDL C:\Users\Thomas Wegefahrt\AppData\Local\Verlauf
2018-11-13 10:11 - 2018-11-13 10:11 - 000000000 _SHDL C:\Users\Thomas Wegefahrt\AppData\Local\Anwendungsdaten
2018-11-13 10:11 - 2018-11-13 10:11 - 000000000 _SHDL C:\Users\Thomas Wegefahrt\Anwendungsdaten
2018-11-13 10:11 - 2011-04-12 08:54 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Media Center Programs
2018-11-13 10:10 - 2018-11-13 10:10 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2018-11-13 10:10 - 2018-11-13 10:10 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2018-11-13 10:10 - 2018-11-13 10:10 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2018-11-13 10:10 - 2018-11-13 10:10 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2018-11-13 10:08 - 2018-11-13 21:49 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-11-13 10:08 - 2018-11-13 10:15 - 000000000 ____D C:\Program Files\Realtek
2018-11-13 10:08 - 2018-11-13 10:08 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2018-11-13 10:07 - 2018-11-15 09:22 - 000010880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-13 10:07 - 2018-11-15 09:22 - 000010880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-13 10:06 - 2009-05-01 13:27 - 000506400 _____ (NVIDIA Corporation) C:\Windows\system32\nvuninst.exe
2018-11-13 10:02 - 2018-11-13 11:47 - 000000000 ____D C:\Windows\Panther
2018-11-13 10:02 - 2011-02-11 23:15 - 000000215 ____H C:\Boot.BAK
2018-11-13 10:00 - 2018-11-13 10:00 - 000262144 _____ C:\Windows\system32\config\userdiff
2018-11-13 09:45 - 2018-11-13 11:13 - 000000000 ___HD C:\$WINDOWS.~Q
2018-11-13 09:36 - 2018-11-13 09:41 - 000000000 ___HD C:\$INPLACE.~TR
2018-11-13 08:11 - 2018-11-13 08:11 - 000002544 _____ C:\Windows\diagwrn.xml
2018-11-13 08:11 - 2018-11-13 08:11 - 000001890 _____ C:\Windows\diagerr.xml
2018-11-12 15:17 - 2018-11-13 10:54 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\bluesolution software GmbH
2018-11-11 13:42 - 2018-11-11 13:42 - 000006262 _____ C:\Users\Thomas Wegefahrt\Downloads\wtzUnkRI
2018-11-11 13:37 - 2018-11-11 13:37 - 000006262 _____ C:\Users\Thomas Wegefahrt\Downloads\Ctzz+hYW
2018-11-05 18:51 - 2018-11-14 21:57 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\LocalLow\Mozilla
2018-11-05 18:50 - 2018-11-13 22:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-05 18:50 - 2018-11-05 18:50 - 000000906 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-11-05 18:50 - 2018-11-05 18:50 - 000000906 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-11-05 18:50 - 2018-11-05 18:50 - 000000894 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-11-05 18:48 - 2018-11-05 18:50 - 045386464 _____ (Mozilla) C:\Users\Thomas Wegefahrt\Downloads\Firefox Setup 52.9.0esr.exe
2018-11-02 13:55 - 2018-11-13 10:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2018-11-02 13:55 - 2018-11-13 10:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2018-10-25 19:20 - 2018-10-25 20:38 - 000031744 _____ C:\Users\Thomas Wegefahrt\Downloads\Fritsch Speyer.xls
2018-10-25 18:25 - 2018-10-25 18:26 - 000780671 _____ C:\Users\Thomas Wegefahrt\Downloads\Hasenpfuhlstr. 15a, Speyer Heizung - Installateur.pdf
2018-10-17 02:15 - 2018-11-13 10:23 - 000000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2018-10-16 09:31 - 2018-11-15 01:06 - 000003712 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{00E9D659-AB2C-49B7-AD84-3322A91520FF}
2018-10-16 07:13 - 2018-11-13 10:30 - 000000000 ____D C:\Windows\SysWOW64\spool
2018-10-16 07:08 - 2018-10-16 07:08 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2018-10-16 07:07 - 2018-10-16 07:07 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2018-10-16 03:55 - 2018-10-16 03:55 - 001257984 ____N (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2018-10-16 03:55 - 2018-10-16 03:55 - 000979456 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MFH264Dec.dll
2018-10-16 03:55 - 2018-10-16 03:55 - 000428544 ____N (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2018-10-16 03:55 - 2018-10-16 03:55 - 000377344 ____N (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2018-10-16 03:55 - 2018-10-16 03:55 - 000357376 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MFHEAACdec.dll
2018-10-16 03:55 - 2018-10-16 03:55 - 000302592 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4src.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-11-15 13:37 - 2011-04-12 08:54 - 000000000 ____D C:\Windows\ShellNew
2018-11-15 13:37 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-11-15 13:36 - 2006-11-02 13:34 - 000000163 _____ C:\Windows\win.ini
2018-11-15 13:34 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-11-15 12:54 - 2015-08-27 15:25 - 000001268 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2859396644-2780658763-3459757247-1000UA.job
2018-11-15 10:25 - 2011-07-20 21:17 - 000000000 ____D C:\Program Files (x86)\NCH Software
2018-11-15 10:20 - 2009-05-19 05:10 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
2018-11-15 10:20 - 2009-05-19 05:10 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
2018-11-15 09:15 - 2011-02-06 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2018-11-15 09:15 - 2011-02-06 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2018-11-15 09:15 - 2011-02-06 17:44 - 000000000 ____D C:\ProgramData\Autodesk
2018-11-15 09:15 - 2011-02-06 17:44 - 000000000 ____D C:\ProgramData\Autodesk
2018-11-15 09:12 - 2011-02-06 17:44 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Autodesk
2018-11-15 09:12 - 2011-01-28 14:18 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Autodesk
2018-11-14 22:33 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2018-11-14 22:08 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Help
2018-11-14 22:07 - 2014-08-11 11:44 - 000018892 _____ C:\ads_err.adm
2018-11-14 22:07 - 2014-08-11 11:44 - 000005632 _____ C:\ads_err.adi
2018-11-14 22:06 - 2014-08-11 11:44 - 000174999 _____ C:\ads_err.adt
2018-11-14 21:54 - 2014-08-09 19:13 - 000015780 _____ C:\Windows\BRRBCOM.INI
2018-11-14 21:51 - 2011-11-12 20:36 - 000000000 ____D C:\Program Files (x86)\ExperimentalScene
2018-11-14 21:14 - 2018-09-30 13:44 - 000000000 ____D C:\Users\Thomas Wegefahrt\Desktop\WeMo UG
2018-11-14 21:14 - 2012-05-15 08:55 - 000000000 ____D C:\Program Files (x86)\ABBYY PDF Transformer 3.0
2018-11-14 20:54 - 2015-08-27 15:25 - 000001216 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2859396644-2780658763-3459757247-1000Core.job
2018-11-14 19:34 - 2010-01-24 18:41 - 000000000 ____D C:\ProgramData\Adobe
2018-11-14 19:34 - 2010-01-24 18:41 - 000000000 ____D C:\ProgramData\Adobe
2018-11-14 19:26 - 2010-11-25 08:35 - 000000000 ____D C:\Program Files (x86)\Avira
2018-11-14 19:23 - 2015-11-17 09:41 - 000000000 ____D C:\ProgramData\firebird
2018-11-14 19:23 - 2015-11-17 09:41 - 000000000 ____D C:\ProgramData\firebird
2018-11-14 19:23 - 2010-01-19 19:01 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-11-14 19:22 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-14 14:44 - 2018-09-30 15:41 - 000000000 ____D C:\Windows\pss
2018-11-14 14:36 - 2009-05-19 05:28 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-11-14 14:13 - 2016-03-31 16:40 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\WEB2Print
2018-11-14 14:02 - 2010-09-07 20:03 - 000000000 ____D C:\Program Files (x86)\OpenOffice.org 3
2018-11-14 13:49 - 2009-05-19 05:32 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-11-14 13:16 - 2010-01-24 18:42 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Adobe
2018-11-14 13:16 - 2010-01-07 21:04 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Adobe
2018-11-14 12:57 - 2011-09-27 15:15 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox
2018-11-14 12:56 - 2015-08-27 15:25 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox
2018-11-14 11:57 - 2010-01-24 18:41 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-11-14 10:12 - 2011-05-21 17:45 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FoxTab Video To MP3 Converter
2018-11-14 10:12 - 2011-05-21 17:44 - 000000000 ____D C:\Program Files (x86)\FoxTabVideo2Mp3Converter
2018-11-14 09:33 - 2010-02-22 19:28 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Mozilla
2018-11-14 09:24 - 2014-09-06 13:10 - 000000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2018-11-14 09:24 - 2014-09-06 13:10 - 000000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2018-11-14 09:21 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-11-14 09:21 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-11-14 09:21 - 2009-05-19 05:47 - 000000000 ____D C:\ProgramData\WildTangent
2018-11-14 09:21 - 2009-05-19 05:47 - 000000000 ____D C:\ProgramData\WildTangent
2018-11-14 09:21 - 2009-05-19 05:47 - 000000000 ____D C:\Program Files (x86)\HP Games
2018-11-14 03:54 - 2014-10-06 20:07 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-14 03:54 - 2014-10-06 20:07 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-14 03:54 - 2014-10-06 20:07 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-14 03:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\AppCompat
2018-11-14 03:29 - 2011-04-12 08:43 - 000737974 _____ C:\Windows\system32\perfh007.dat
2018-11-14 03:29 - 2011-04-12 08:43 - 000165334 _____ C:\Windows\system32\perfc007.dat
2018-11-14 03:29 - 2009-07-14 06:13 - 001722062 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-14 03:29 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-11-14 03:25 - 2009-07-14 05:45 - 000526520 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-14 01:51 - 2018-09-20 18:51 - 000004552 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-14 01:51 - 2012-04-25 19:58 - 000842376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-14 01:51 - 2012-04-25 19:58 - 000004368 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-14 01:51 - 2011-08-07 19:59 - 000175240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-14 01:37 - 2014-08-08 02:02 - 000000000 ____D C:\Windows\system32\MRT
2018-11-14 00:43 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-11-13 23:18 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-11-13 22:50 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\tracing
2018-11-13 22:05 - 2011-02-12 10:52 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-11-13 22:05 - 2009-05-19 05:30 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-13 22:05 - 2009-05-19 05:30 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-13 22:04 - 2011-02-11 19:10 - 000000000 ____D C:\Temp
2018-11-13 21:47 - 2014-10-09 08:40 - 000000000 ____D C:\ProgramData\Samsung
2018-11-13 21:47 - 2014-10-09 08:40 - 000000000 ____D C:\ProgramData\Samsung
2018-11-13 21:47 - 2014-10-09 08:40 - 000000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2018-11-13 21:35 - 2010-02-22 19:28 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Mozilla
2018-11-13 21:35 - 2010-02-22 19:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-13 21:13 - 2009-07-14 05:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-11-13 21:13 - 2009-07-14 05:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-11-13 20:57 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\System
2018-11-13 20:55 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\DVD Maker
2018-11-13 20:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2018-11-13 20:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2018-11-13 20:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2018-11-13 20:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Setup
2018-11-13 20:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\migwiz
2018-11-13 20:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Dism
2018-11-13 20:54 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Defender
2018-11-13 20:54 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-11-13 20:54 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2018-11-13 15:06 - 2010-01-19 19:02 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\TeamViewer
2018-11-13 11:49 - 2009-07-14 06:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2018-11-13 11:47 - 2018-09-30 14:47 - 000000140 _____ C:\Windows\BROMJ870DW.INI
2018-11-13 11:47 - 2009-07-14 04:20 - 000000000 __RHD C:\Users\Public\Libraries
2018-11-13 11:47 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Windows NT
2018-11-13 11:07 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Registration
2018-11-13 11:06 - 2009-07-14 04:20 - 000000000 __RSD C:\Windows\Media
2018-11-13 10:56 - 2018-09-30 12:17 - 000000000 ____D C:\Users\Thomas Wegefahrt\Downloads\MO2007
2018-11-13 10:56 - 2018-09-29 15:54 - 000000000 ____D C:\Users\Thomas Wegefahrt\Downloads\Micosoft Office 2016 Select Edition Volume License x64 12.Sep. 2018 by residents
2018-11-13 10:56 - 2011-09-27 15:19 - 000000000 ___RD C:\Users\Thomas Wegefahrt\Dropbox
2018-11-13 10:55 - 2018-09-30 14:38 - 000000000 ____D C:\Users\Thomas Wegefahrt\Downloads\install
2018-11-13 10:55 - 2014-12-10 10:47 - 000000000 ____D C:\Users\Thomas Wegefahrt\Documents\GbR
2018-11-13 10:55 - 2014-10-09 17:27 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Samsung
2018-11-13 10:55 - 2014-08-11 10:57 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\TKHW50
2018-11-13 10:55 - 2011-08-14 21:25 - 000000000 ____D C:\Users\Thomas Wegefahrt\Documents\AdressOffice
2018-11-13 10:55 - 2011-04-02 17:56 - 000000000 ____D C:\Users\Thomas Wegefahrt\Documents\Architecture CAD
2018-11-13 10:55 - 2011-02-21 10:53 - 000000000 ____D C:\Users\Thomas Wegefahrt\Documents\cadvilla basic
2018-11-13 10:55 - 2011-02-06 20:18 - 000000000 ____D C:\Users\Thomas Wegefahrt\Documents\Autodesk Revit Architecture 2011 x64
2018-11-13 10:55 - 2011-02-06 20:14 - 000000000 ____D C:\Users\Thomas Wegefahrt\Documents\Visual Studio 2008
2018-11-13 10:55 - 2010-09-24 20:08 - 000000000 ____D C:\Users\Thomas Wegefahrt\Documents\NUMAX
2018-11-13 10:55 - 2010-09-07 19:58 - 000000000 ____D C:\Users\Thomas Wegefahrt\Documents\OneNote-Notizbücher
2018-11-13 10:55 - 2010-02-07 19:42 - 000000000 ____D C:\Users\Thomas Wegefahrt\Documents\Eigene Scans
2018-11-13 10:55 - 2010-01-19 19:49 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\WinRAR
2018-11-13 10:55 - 2010-01-07 23:31 - 000000000 ____D C:\Users\Thomas Wegefahrt\Documents\Meine Projekte
2018-11-13 10:55 - 2010-01-07 22:49 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Template
2018-11-13 10:54 - 2018-09-25 20:02 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Heinemann GmbH
2018-11-13 10:54 - 2018-09-25 20:01 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heinemann GmbH
2018-11-13 10:54 - 2015-02-11 12:21 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\MetaQuotes
2018-11-13 10:54 - 2014-12-18 15:26 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Iqquu
2018-11-13 10:54 - 2014-10-24 15:19 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Marmiko IT-Solutions GmbH
2018-11-13 10:54 - 2014-10-09 08:43 - 000000000 ___RD C:\Users\Thomas Wegefahrt\AppData\Roaming\Brother
2018-11-13 10:54 - 2014-08-09 19:19 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\ControlCenter4
2018-11-13 10:54 - 2014-08-09 19:00 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\InstallShield
2018-11-13 10:54 - 2014-08-07 10:05 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\deltra Software GmbH
2018-11-13 10:54 - 2014-08-07 10:05 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Buhl Data Service GmbH
2018-11-13 10:54 - 2011-07-20 21:17 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\NCH Software
2018-11-13 10:54 - 2011-07-04 11:16 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Buhl Data Service
2018-11-13 10:54 - 2010-09-24 20:08 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\NUMAX
2018-11-13 10:54 - 2010-09-23 22:07 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\ASCON Programme
2018-11-13 10:54 - 2010-09-23 21:53 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\ASCON Installer
2018-11-13 10:54 - 2010-09-07 20:07 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\OpenOffice.org
2018-11-13 10:54 - 2010-05-04 22:08 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Apple Computer
2018-11-13 10:54 - 2010-02-03 18:17 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Google
2018-11-13 10:54 - 2010-01-24 09:39 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\mh-software
2018-11-13 10:54 - 2010-01-20 13:37 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\HP
2018-11-13 10:54 - 2010-01-19 19:48 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-11-13 10:54 - 2010-01-07 14:21 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\Hewlett-Packard
2018-11-13 10:54 - 2010-01-07 14:18 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\HP TCS
2018-11-13 10:53 - 2018-09-21 07:20 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\TeamViewer
2018-11-13 10:53 - 2014-10-24 15:19 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Marmiko IT-Solutions GmbH
2018-11-13 10:53 - 2014-09-03 13:22 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\LocalLow\Brother
2018-11-13 10:53 - 2014-08-12 09:17 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\UltiDev_LLC
2018-11-13 10:53 - 2011-08-27 18:50 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\LocalLow\ge6212
2018-11-13 10:53 - 2011-08-14 21:25 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\AdressOffice
2018-11-13 10:53 - 2011-05-23 16:31 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\LocalLow\BabylonToolbar
2018-11-13 10:53 - 2011-02-12 00:59 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\NeoSmart_Technologies
2018-11-13 10:53 - 2011-01-05 22:23 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\PDF24
2018-11-13 10:53 - 2010-09-07 09:35 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Symantec
2018-11-13 10:53 - 2010-05-04 22:03 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\LocalLow\Apple Computer
2018-11-13 10:53 - 2010-03-02 20:16 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\LocalLow\Google
2018-11-13 10:53 - 2010-02-21 22:34 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\LocalLow\Sun
2018-11-13 10:53 - 2010-02-03 18:17 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Google
2018-11-13 10:53 - 2010-02-03 18:05 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\LocalLow\Macromedia
2018-11-13 10:53 - 2010-01-20 20:13 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\LocalLow\Adobe
2018-11-13 10:53 - 2010-01-20 13:37 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\HP
2018-11-13 10:53 - 2010-01-07 23:44 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Roaming\_MDLogs
2018-11-13 10:53 - 2010-01-07 23:22 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Microsoft Help
2018-11-13 10:53 - 2010-01-07 23:21 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Seven Zip
2018-11-13 10:53 - 2010-01-07 14:22 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Microsoft Games
2018-11-13 10:53 - 2010-01-07 14:21 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Hewlett-Packard_Company
2018-11-13 10:53 - 2010-01-07 14:21 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Hewlett-Packard
2018-11-13 10:53 - 2010-01-07 14:16 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\VirtualStore
2018-11-13 10:52 - 2014-10-02 15:57 - 000000000 ____D C:\Users\Thomas Wegefahrt\4.0
2018-11-13 10:52 - 2014-10-02 15:57 - 000000000 ____D C:\Users\Thomas Wegefahrt\.tfo4
2018-11-13 10:52 - 2012-05-15 09:01 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\ABBYY
2018-11-13 10:52 - 2011-11-10 17:26 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Akamai
2018-11-13 10:52 - 2011-07-04 11:08 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Buhl Data Service
2018-11-13 10:52 - 2010-08-28 15:39 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Downloaded Installations
2018-11-13 10:52 - 2010-05-04 22:08 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Apple Computer
2018-11-13 10:52 - 2010-05-04 22:05 - 000000000 ____D C:\Users\Thomas Wegefahrt\AppData\Local\Apple
2018-11-13 10:30 - 2018-09-20 21:04 - 000000000 ____D C:\Windows\system32\EventProviders
2018-11-13 10:30 - 2011-04-12 08:43 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2018-11-13 10:30 - 2010-10-15 11:51 - 000000000 ____D C:\Windows\Startmenü
2018-11-13 10:30 - 2010-09-02 11:27 - 000000000 ____D C:\Windows\uninstall
2018-11-13 10:30 - 2010-01-20 20:12 - 000000000 ____D C:\Windows\SysWOW64\Adobe
2018-11-13 10:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\oobe
2018-11-13 10:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\sysprep
2018-11-13 10:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\oobe
2018-11-13 10:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-11-13 10:30 - 2009-05-19 05:55 - 000000000 ____D C:\Windows\SysWOW64\oem
2018-11-13 10:30 - 2006-11-02 16:16 - 000000000 ____D C:\Windows\SysWOW64\Branding
2018-11-13 10:30 - 2006-11-02 16:15 - 000000000 ____D C:\Windows\WindowsMobile
2018-11-13 10:30 - 2006-11-02 16:15 - 000000000 ____D C:\Windows\system32\Branding
2018-11-13 10:30 - 2006-11-02 14:34 - 000000000 ____D C:\Windows\system32\RemInst
2018-11-13 10:29 - 2006-11-02 14:33 - 000000000 ____D C:\Windows\nap
2018-11-13 10:28 - 2018-09-30 14:43 - 000000000 ____D C:\Users\Public\Documents\BrFaxRx
2018-11-13 10:28 - 2018-09-25 20:00 - 000000000 ____D C:\Users\Public\Documents\Heinemann GmbH
2018-11-13 10:28 - 2011-04-12 08:54 - 000000000 ___RD C:\Users\Public\Recorded TV
2018-11-13 10:28 - 2011-02-12 01:12 - 000000000 ____D C:\Users\Administrator\Desktop\Autodesk_AutoCAD_2006_GERMAN
2018-11-13 10:28 - 2011-02-11 23:56 - 000000000 ___SD C:\Users\Administrator\UserData
2018-11-13 10:28 - 2011-02-11 23:26 - 000000000 ___RD C:\Users\Administrator\Eigene Dateien
2018-11-13 10:28 - 2011-02-11 23:23 - 000000000 ___RD C:\Users\Administrator\Startmenü
2018-11-13 10:28 - 2011-02-11 23:23 - 000000000 ___RD C:\Users\Administrator\Favoriten
2018-11-13 10:28 - 2011-02-11 23:23 - 000000000 ___HD C:\Users\Administrator\Vorlagen
2018-11-13 10:28 - 2011-02-11 23:23 - 000000000 ___HD C:\Users\Administrator\Lokale Einstellungen
2018-11-13 10:28 - 2011-02-11 23:23 - 000000000 ____D C:\Users\Administrator
2018-11-13 10:28 - 2011-02-11 23:11 - 000000000 __RHD C:\Users\Default User.WINDOWS.0\Lokale Einstellungen
2018-11-13 10:28 - 2011-02-11 23:11 - 000000000 ___RD C:\Users\Default User.WINDOWS.0\Startmenü
2018-11-13 10:28 - 2011-02-11 23:11 - 000000000 ___HD C:\Users\Default User.WINDOWS.0\Vorlagen
2018-11-13 10:28 - 2011-02-11 23:10 - 000000000 __RHD C:\Users\Default User.WINDOWS.0\Anwendungsdaten
2018-11-13 10:28 - 2011-02-11 23:10 - 000000000 ___HD C:\Users\Default User.WINDOWS.0
2018-11-13 10:28 - 2011-02-11 23:10 - 000000000 ____D C:\Users\All Users.WINDOWS.0
2018-11-13 10:28 - 2011-02-10 17:55 - 000000000 __SHD C:\Users\Public\Documents\MCE Logs
2018-11-13 10:28 - 2010-09-26 09:59 - 000000000 ____D C:\Windows\Crystal
2018-11-13 10:28 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2018-11-13 10:27 - 2018-09-30 14:43 - 000000000 ____D C:\ProgramData\PCFaxTx
2018-11-13 10:27 - 2018-09-30 14:43 - 000000000 ____D C:\ProgramData\PCFaxTx
2018-11-13 10:27 - 2018-09-29 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2018-11-13 10:27 - 2018-09-29 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2018-11-13 10:27 - 2015-11-17 09:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\orgaMAX Business Software
2018-11-13 10:27 - 2015-11-17 09:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\orgaMAX Business Software
2018-11-13 10:27 - 2014-10-26 16:48 - 000000000 ____D C:\ProgramData\PDF Architect 2
2018-11-13 10:27 - 2014-10-26 16:48 - 000000000 ____D C:\ProgramData\PDF Architect 2
2018-11-13 10:27 - 2014-10-09 17:27 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2018-11-13 10:27 - 2014-10-09 17:27 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2018-11-13 10:27 - 2014-09-06 12:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-11-13 10:27 - 2014-09-06 12:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-11-13 10:27 - 2014-08-11 12:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltiDev
2018-11-13 10:27 - 2014-08-11 12:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltiDev
2018-11-13 10:27 - 2014-08-11 12:43 - 000000000 ____D C:\ProgramData\UltiDev
2018-11-13 10:27 - 2014-08-11 12:43 - 000000000 ____D C:\ProgramData\UltiDev
2018-11-13 10:27 - 2014-08-11 09:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advantage Database Server 11.10
2018-11-13 10:27 - 2014-08-11 09:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advantage Database Server 11.10
2018-11-13 10:27 - 2014-08-11 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopKontor V5
2018-11-13 10:27 - 2014-08-11 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopKontor V5
2018-11-13 10:27 - 2014-08-09 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2018-11-13 10:27 - 2014-08-09 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2018-11-13 10:27 - 2012-05-22 10:23 - 000000000 ____D C:\ProgramData\WindowsSearch
2018-11-13 10:27 - 2012-05-22 10:23 - 000000000 ____D C:\ProgramData\WindowsSearch
2018-11-13 10:27 - 2011-07-20 21:17 - 000000000 ____D C:\ProgramData\NCH Software
2018-11-13 10:27 - 2011-07-20 21:17 - 000000000 ____D C:\ProgramData\NCH Software
2018-11-13 10:27 - 2011-02-12 00:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies
2018-11-13 10:27 - 2011-02-12 00:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies
2018-11-13 10:27 - 2011-02-11 23:23 - 000000000 __RHD C:\Users\Administrator\Anwendungsdaten
2018-11-13 10:27 - 2011-02-06 20:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2008
2018-11-13 10:27 - 2011-02-06 20:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2008
2018-11-13 10:27 - 2010-09-24 20:03 - 000000000 ____D C:\ProgramData\NUMAX
2018-11-13 10:27 - 2010-09-24 20:03 - 000000000 ____D C:\ProgramData\NUMAX
2018-11-13 10:27 - 2010-09-08 18:47 - 000000000 ____D C:\ProgramData\WEBREG
2018-11-13 10:27 - 2010-09-08 18:47 - 000000000 ____D C:\ProgramData\WEBREG
2018-11-13 10:27 - 2010-05-04 22:06 - 000000000 ____D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2018-11-13 10:27 - 2010-05-04 22:06 - 000000000 ____D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2018-11-13 10:27 - 2010-02-21 22:39 - 000000000 ____D C:\ProgramData\Sun
2018-11-13 10:27 - 2010-02-21 22:39 - 000000000 ____D C:\ProgramData\Sun
2018-11-13 10:27 - 2010-02-13 10:45 - 000000000 ____D C:\ProgramData\Symantec
2018-11-13 10:27 - 2010-02-13 10:45 - 000000000 ____D C:\ProgramData\Symantec
2018-11-13 10:27 - 2010-01-19 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-11-13 10:27 - 2010-01-19 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-11-13 10:27 - 2010-01-07 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Benutzerhandbücher
2018-11-13 10:27 - 2010-01-07 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Benutzerhandbücher
2018-11-13 10:27 - 2009-05-19 06:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online-Services
2018-11-13 10:27 - 2009-05-19 06:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online-Services
2018-11-13 10:27 - 2009-05-19 05:54 - 000000000 ____D C:\ProgramData\NortonInstaller
2018-11-13 10:27 - 2009-05-19 05:54 - 000000000 ____D C:\ProgramData\NortonInstaller
2018-11-13 10:27 - 2009-05-19 05:54 - 000000000 ____D C:\ProgramData\Norton
2018-11-13 10:27 - 2009-05-19 05:54 - 000000000 ____D C:\ProgramData\Norton
2018-11-13 10:27 - 2009-05-19 05:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard
2018-11-13 10:27 - 2009-05-19 05:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard
2018-11-13 10:27 - 2009-05-19 05:32 - 000000000 ____D C:\ProgramData\Temp
2018-11-13 10:27 - 2009-05-19 05:32 - 000000000 ____D C:\ProgramData\Temp
2018-11-13 10:27 - 2009-05-19 05:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-11-13 10:27 - 2009-05-19 05:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-11-13 10:26 - 2018-09-25 20:00 - 000000000 ____D C:\ProgramData\Heinemann GmbH
2018-11-13 10:26 - 2018-09-25 20:00 - 000000000 ____D C:\ProgramData\Heinemann GmbH
2018-11-13 10:26 - 2015-08-27 15:25 - 000000000 ____D C:\ProgramData\Dropbox
2018-11-13 10:26 - 2015-08-27 15:25 - 000000000 ____D C:\ProgramData\Dropbox
2018-11-13 10:26 - 2014-09-05 16:55 - 000000000 ____D C:\ProgramData\EfnuTsef
2018-11-13 10:26 - 2014-09-05 16:55 - 000000000 ____D C:\ProgramData\EfnuTsef
2018-11-13 10:26 - 2014-08-11 12:54 - 000000000 ____D C:\ProgramData\Caphyon
2018-11-13 10:26 - 2014-08-11 12:54 - 000000000 ____D C:\ProgramData\Caphyon
2018-11-13 10:26 - 2014-08-09 19:04 - 000000000 ____D C:\ProgramData\ControlCenter4
2018-11-13 10:26 - 2014-08-09 19:04 - 000000000 ____D C:\ProgramData\ControlCenter4
2018-11-13 10:26 - 2014-08-09 19:00 - 000000000 ____D C:\ProgramData\Brother
2018-11-13 10:26 - 2014-08-09 19:00 - 000000000 ____D C:\ProgramData\Brother
2018-11-13 10:26 - 2012-05-15 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY PDF Transformer 3.0
2018-11-13 10:26 - 2012-05-15 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY PDF Transformer 3.0
2018-11-13 10:26 - 2011-07-04 11:09 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH
2018-11-13 10:26 - 2011-07-04 11:09 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH
2018-11-13 10:26 - 2011-02-06 20:37 - 000000000 ____D C:\ProgramData\FLEXnet
2018-11-13 10:26 - 2011-02-06 20:37 - 000000000 ____D C:\ProgramData\FLEXnet
2018-11-13 10:26 - 2010-09-08 18:43 - 000000000 ____D C:\ProgramData\HP Product Assistant
2018-11-13 10:26 - 2010-09-08 18:43 - 000000000 ____D C:\ProgramData\HP Product Assistant
2018-11-13 10:26 - 2010-02-22 19:46 - 000000000 ____D C:\ProgramData\McAfee
2018-11-13 10:26 - 2010-02-22 19:46 - 000000000 ____D C:\ProgramData\McAfee
2018-11-13 10:26 - 2010-02-03 18:05 - 000000000 ____D C:\ProgramData\Google
2018-11-13 10:26 - 2010-02-03 18:05 - 000000000 ____D C:\ProgramData\Google
2018-11-13 10:26 - 2010-01-10 17:46 - 000000000 ____D C:\ProgramData\HP
2018-11-13 10:26 - 2010-01-10 17:46 - 000000000 ____D C:\ProgramData\HP
2018-11-13 10:26 - 2009-05-19 05:44 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2018-11-13 10:26 - 2009-05-19 05:44 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2018-11-13 10:25 - 2014-10-09 17:23 - 000000000 ____D C:\Program Files (x86)\Samsung
2018-11-13 10:25 - 2014-10-09 08:40 - 000000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdate
2018-11-13 10:25 - 2014-08-11 12:43 - 000000000 ____D C:\Program Files (x86)\UltiDev
2018-11-13 10:25 - 2012-05-15 08:55 - 000000000 ____D C:\ProgramData\ABBYY
2018-11-13 10:25 - 2012-05-15 08:55 - 000000000 ____D C:\ProgramData\ABBYY
2018-11-13 10:25 - 2010-09-23 22:05 - 000000000 ____D C:\Program Files (x86)\SBS Wohnraumplaner CAD
2018-11-13 10:25 - 2010-05-04 22:05 - 000000000 ____D C:\ProgramData\Apple Computer
2018-11-13 10:25 - 2010-05-04 22:05 - 000000000 ____D C:\ProgramData\Apple Computer
2018-11-13 10:25 - 2010-05-04 22:03 - 000000000 ____D C:\ProgramData\Apple
2018-11-13 10:25 - 2010-05-04 22:03 - 000000000 ____D C:\ProgramData\Apple
2018-11-13 10:25 - 2010-01-19 19:48 - 000000000 ____D C:\Program Files (x86)\WinRAR
2018-11-13 10:25 - 2009-05-19 05:55 - 000000000 ____D C:\Program Files (x86)\SMINST
2018-11-13 10:25 - 2006-11-02 16:07 - 000000000 ____D C:\Program Files (x86)\Windows Photo Gallery
2018-11-13 10:25 - 2006-11-02 16:07 - 000000000 ____D C:\Program Files (x86)\Windows Calendar
2018-11-13 10:24 - 2009-05-19 05:28 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-11-13 10:24 - 2009-05-19 05:08 - 000000000 ____D C:\Program Files (x86)\Python
2018-11-13 10:23 - 2018-09-25 20:01 - 000000000 ____D C:\Program Files (x86)\MSECache
2018-11-13 10:23 - 2011-02-12 00:53 - 000000000 ____D C:\Program Files (x86)\NeoSmart Technologies
2018-11-13 10:23 - 2011-02-06 20:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2018-11-13 10:23 - 2011-02-06 20:11 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs
2018-11-13 10:23 - 2010-08-18 13:23 - 000000000 ____D C:\Program Files (x86)\Motorola
2018-11-13 10:23 - 2009-05-19 05:54 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2018-11-13 10:23 - 2009-05-19 05:46 - 000000000 ___RD C:\Program Files (x86)\Online Services
2018-11-13 10:22 - 2009-05-19 05:41 - 000000000 ____D C:\Program Files (x86)\HP
2018-11-13 10:21 - 2018-09-25 20:00 - 000000000 ____D C:\Program Files (x86)\Heinemann GmbH
2018-11-13 10:21 - 2010-02-03 18:05 - 000000000 ____D C:\Program Files (x86)\Google
2018-11-13 10:21 - 2009-05-19 05:15 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2018-11-13 10:20 - 2014-08-09 19:04 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2018-11-13 10:20 - 2011-01-28 19:35 - 000000000 ____D C:\Program Files (x86)\ConSoft
2018-11-13 10:20 - 2010-01-20 16:47 - 000000000 ____D C:\Program Files (x86)\Elaborate Bytes
2018-11-13 10:20 - 2009-05-19 05:53 - 000000000 ____D C:\Program Files (x86)\EasyBits For Kids
2018-11-13 10:19 - 2014-08-09 19:04 - 000000000 ____D C:\Program Files (x86)\Browny02
2018-11-13 10:19 - 2014-08-09 19:03 - 000000000 ____D C:\Program Files (x86)\Brother
2018-11-13 10:19 - 2011-07-04 11:09 - 000000000 ____D C:\Program Files (x86)\Buhl
2018-11-13 10:18 - 2014-08-11 09:08 - 000000000 ____D C:\Program Files (x86)\blue solution
2018-11-13 10:18 - 2011-10-19 17:42 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-11-13 10:15 - 2018-09-29 15:53 - 000000000 ____D C:\Program Files\WinRAR
2018-11-13 10:15 - 2011-02-12 00:15 - 000000000 ____D C:\Program Files\NeoSmart Technologies
2018-11-13 10:15 - 2011-02-11 23:25 - 000000000 ____D C:\Program Files\TuneUpUtilities2004
2018-11-13 10:15 - 2011-02-11 23:20 - 000000000 ____D C:\Program Files\xerox
2018-11-13 10:15 - 2011-02-11 23:20 - 000000000 ____D C:\Program Files\msn gaming zone
2018-11-13 10:15 - 2011-02-11 23:20 - 000000000 ____D C:\Program Files\microsoft frontpage
2018-11-13 10:15 - 2011-02-11 23:19 - 000000000 ____D C:\Program Files\Online-Dienste
2018-11-13 10:15 - 2011-02-06 20:15 - 000000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2018-11-13 10:15 - 2011-01-28 14:29 - 000000000 ____D C:\Program Files (x86)\Autodesk
2018-11-13 10:15 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Microsoft Games
2018-11-13 10:15 - 2009-05-19 05:54 - 000000000 ___RD C:\Program Files\Online Services
2018-11-13 10:15 - 2006-11-02 16:07 - 000000000 ____D C:\Program Files\Windows Photo Gallery
2018-11-13 10:15 - 2006-11-02 16:07 - 000000000 ____D C:\Program Files\Windows Collaboration
2018-11-13 10:15 - 2006-11-02 16:07 - 000000000 ____D C:\Program Files\Windows Calendar
2018-11-13 10:14 - 2014-10-09 17:27 - 000000000 ____D C:\Program Files\Common Files\Common Desktop Agent
2018-11-13 10:14 - 2011-10-19 17:42 - 000000000 ____D C:\Program Files\Bonjour
2018-11-13 10:14 - 2011-02-11 23:53 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2018-11-13 10:14 - 2011-02-11 23:18 - 000000000 ____D C:\Program Files\Common Files\MSSoap
2018-11-13 10:14 - 2011-02-11 23:18 - 000000000 ____D C:\Program Files\Common Files\Dienste
2018-11-13 10:14 - 2011-02-11 23:11 - 000000000 ____D C:\Program Files\Common Files\ODBC
2018-11-13 10:14 - 2010-09-08 18:32 - 000000000 ____D C:\Program Files\HP
2018-11-13 10:14 - 2010-08-18 21:51 - 000000000 ____D C:\Program Files\Common Files\Motorola Shared
2018-11-13 10:14 - 2010-05-04 22:04 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-11-13 10:14 - 2009-05-19 05:43 - 000000000 ____D C:\Program Files\Hewlett-Packard
2018-11-13 10:13 - 2011-02-06 20:16 - 000000000 ____D C:\Program Files\Autodesk
2018-11-13 10:05 - 2011-04-12 08:54 - 000000000 ____D C:\Windows\CSC
2018-11-13 10:02 - 2011-02-12 00:09 - 000000359 __RSH C:\Boot.ini.saved
2018-11-13 10:02 - 2009-07-14 06:32 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2018-11-13 10:02 - 2009-05-19 13:37 - 000008192 __RSH C:\BOOTSECT.BAK
2018-11-13 09:26 - 2006-11-02 16:22 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-13 09:26 - 2006-11-02 16:22 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-11 12:30 - 2010-01-07 22:48 - 000020862 _____ C:\Users\Thomas Wegefahrt\AppData\Roaming\wklnhst.dat
2018-11-05 18:05 - 2018-09-30 12:43 - 000001123 _____ C:\ads_err.dbf

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-01-07 22:48 - 2018-11-11 12:30 - 000020862 _____ () C:\Users\Thomas Wegefahrt\AppData\Roaming\wklnhst.dat

Einige Dateien in TEMP:
====================
2018-11-15 09:16 - 2010-01-14 12:52 - 000180072 _____ (Autodesk, Inc.) C:\Users\Thomas Wegefahrt\AppData\Local\Temp\AcDeltree.exe
2018-11-15 09:15 - 2018-11-15 09:15 - 001985800 _____ (Acresso Software Inc.) C:\Users\Thomas Wegefahrt\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
2018-11-15 10:15 - 2002-07-26 15:02 - 000153088 _____ () C:\Users\Thomas Wegefahrt\AppData\Local\Temp\GLB1A2B.EXE
2018-11-15 10:19 - 2011-07-20 21:17 - 001213956 _____ (NCH Software) C:\Users\Thomas Wegefahrt\AppData\Local\Temp\uninst.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-11-14 02:38

==================== Ende von FRST.txt ============================

the_slater · 15.11.2018, 13:45

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14.11.2018
durchgeführt von Thomas Wegefahrt (15-11-2018 13:40:07)
Gestartet von C:\Users\Thomas Wegefahrt\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2018-11-13 10:47:27)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2859396644-2780658763-3459757247-500 - Administrator - Disabled)
Gast (S-1-5-21-2859396644-2780658763-3459757247-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2859396644-2780658763-3459757247-1002 - Limited - Enabled)
Thomas Wegefahrt (S-1-5-21-2859396644-2780658763-3459757247-1000 - Administrator - Enabled) => C:\Users\Thomas Wegefahrt
UpdatusUser (S-1-5-21-2859396644-2780658763-3459757247-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
ABBYY PDF Transformer 3.0 (HKLM\...\{FA300000-0001-6400-0000-074957833700}) (Version: 3.00.317.68010 - ABBYY) Hidden
ABBYY PDF Transformer 3.0 (HKLM-x32\...\ABBYY PDF Transformer 3.0) (Version: 3.00.317.68010 - ABBYY)
ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 1.1.18.0 - Hewlett-Packard) Hidden
Advantage Database Server for Windows v11.10 (HKLM-x32\...\{8F7F5EAD-7785-4246-83F0-C6A9204AF971}) (Version: 11.10.0001 - Sybase, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-2859396644-2780658763-3459757247-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Autodesk Design Review 2011 (HKLM-x32\...\{8D20B4D7-3422-4099-9332-39F27E617A6F}) (Version: 11.0.0.86 - Autodesk, Inc.) Hidden
Autodesk Design Review 2011 (HKLM-x32\...\Autodesk Design Review 2011) (Version: 11.0.0.86 - Autodesk, Inc.)
Autodesk Express Viewer (HKLM-x32\...\Autodesk Express Viewer) (Version: 3.1 - Autodesk, Inc.)
B109n-z (HKLM-x32\...\{134EE273-0F1C-4A5B-817D-13111DB75B14}) (Version: 130.0.396.000 - Hewlett-Packard) Hidden
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-J132W (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CustomerResearchQFolder (HKLM-x32\...\{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}) (Version: 130.0.372.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM-x32\...\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
DJ_AIO_03_F2200_Software (HKLM-x32\...\{db18dc72-cd20-4801-be82-f5d2caeec4d7}) (Version: 100.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F2200_Software_Min (HKLM-x32\...\{c6922d7f-c698-4d9e-9671-8b3de04d1511}) (Version: 100.0.239.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F2220_ProductContext (HKLM-x32\...\{eca3039b-e429-420f-bd5e-7dec0683fc32}) (Version: 100.0.292.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2859396644-2780658763-3459757247-1000\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.)
EasyBCD 2.0 (HKLM-x32\...\EasyBCD) (Version: 2.0 - NeoSmart Technologies)
eSupportQFolder (HKLM-x32\...\{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService (HKLM-x32\...\{18669FF9-C8FE-407a-9F70-E674896B1DB4}) (Version: 100.0.187.000 - Hewlett-Packard) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (KB944899) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB944899) (Version: 1 - Microsoft Corporation)
HP Active Support Library (HKLM-x32\...\{0295F89F-F698-4101-9A7D-49F407EC2D82}) (Version: 3.1.10.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{73A43E42-3658-4DD9-8551-FACDA3632538}) (Version: 3.1.1000.1002 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{B84739A3-F943-47E4-95D8-96381EF5AC48}) (Version: 5.7.0.2945 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3 (HKLM\...\{D77D43B5-ED55-426b-B67B-E21F804F6102}) (Version: 10.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Photosmart Wireless B109n-z All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{722B4A13-F24D-43AE-8813-5DB82C0B23C2}) (Version:  - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Information (HKLM-x32\...\{1CC069FA-1A86-402E-9787-3F04E652C67A}) (Version: 10.1.0001 - Hewlett-Packard)
HP Total Care Setup (HKLM-x32\...\{784BEA84-FA66-4B19-BB80-7B545F248AC6}) (Version: 1.2.2854.2975 - Hewlett-Packard)
HP Update (HKLM-x32\...\{47F36D92-E58E-456D-B73C-3382737E4C42}) (Version: 4.000.013.003 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 2.0.64.3 - Hewlett-Packard) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (HKLM-x32\...\{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}) (Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (HKLM-x32\...\{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}) (Version: 130.0.303.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.)
Lager (HKLM-x32\...\{8F32C384-D237-4516-9F2B-223E8963A2FB}) (Version: 1.0.0.0 - Hewlett-Packard) Hidden
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.7.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU Service Pack 1 (KB945140) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Firefox 60.3.0 ESR (x86 de) (HKLM-x32\...\Mozilla Firefox 60.3.0 ESR (x86 de)) (Version: 60.3.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.3.0.6864 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA Grafiktreiber 305.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 305.93 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
orgaMAX Business Software (HKLM-x32\...\orgaMAX_is1) (Version: 15.0 - deltra Business Software)
PS_AIO_06_B109n-z_SW_Min (HKLM-x32\...\{8466940C-84D8-484C-B1E3-C2E4D73FD5DD}) (Version: 130.0.396.000 - Hewlett-Packard) Hidden
PSSWCORE (HKLM-x32\...\{34BFB099-07B2-4E95-A673-7362D60866A2}) (Version: 2.02.0000 - Hewlett-Packard) Hidden
Python 2.6.1 (HKLM-x32\...\{9CC89170-000B-457D-91F1-53691F85B223}) (Version: 2.6.1150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.78 (28.06.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.03.60.00(23.07.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.40.3 - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.08 (17.12.2013) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.10.15 (01.11.2013) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.01.08.00 - Samsung Electronics Co., Ltd.) Hidden
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SmartWebPrinting (HKLM-x32\...\{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TopApps Service (HKLM-x32\...\{B2BB7D05-F646-41C7-9CE4-CE77469C0899}_is1) (Version: 2.5.0 - )
TopKontor Handwerk Version 5 (HKLM-x32\...\{640A92A1-9B8B-4C80-B412-9595460EBC53}_is1) (Version: 5 - )
TrayApp (HKLM-x32\...\{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}) (Version: 130.0.376.000 - Hewlett-Packard) Hidden
UltiDev Web Server Pro (HKLM-x32\...\{F60DFD1A-209E-4E12-9CF1-70820249A0C3}) (Version: 2.0.18 - UltiDev LLC) Hidden
UnloadSupport (HKLM-x32\...\{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}) (Version: 10.0.0 - Hewlett-Packard) Hidden
Vallox AIRplan Version 3.2.10 (HKLM-x32\...\21013C3A-2754-4E89-8355-804F2C5BDE0A_is1) (Version: 3.2.10 - Vallox GmbH)
VideoToolkit01 (HKLM-x32\...\{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}) (Version: 100.0.128.000 - Hewlett-Packard) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinRAR 5.60 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{1365A45F-0C8F-4806-A26A-6B22AD37EC66}\localserver32 -> C:\Program Files (x86)\Autodesk Architectural Desktop 2004\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{8E75D913-3D21-11D2-85C4-080009A0C626}\localserver32 -> C:\Program Files (x86)\Autodesk Architectural Desktop 2004\acad.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\1.3.141.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2859396644-2780658763-3459757247-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [!NetFax0] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax1] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax2] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax3] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax4] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax5] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax6] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1: [!NetFax7] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2013-11-01] (Samsung Electronics Co., Ltd.)
ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2010-01-11] (Autodesk, Inc.)
ContextMenuHandlers1-x32-x32: [PDFTransformer3ContextMenu] -> {2DC8E5F2-C89C-4730-82C9-19120DEE5B0A} => C:\Program Files (x86)\ABBYY PDF Transformer 3.0\PDFTContextMenu.dll [2010-03-25] (ABBYY)
ContextMenuHandlers1-x32-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2013-10-31] ()
ContextMenuHandlers1-x32-x32: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-11-05] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1-x32-x32: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1-x32-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-08-18] (NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-11-05] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2859396644-2780658763-3459757247-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2859396644-2780658763-3459757247-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2859396644-2780658763-3459757247-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Thomas Wegefahrt\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {14644CA2-28A6-4654-A60D-DB3D78DA6187} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2859396644-2780658763-3459757247-1000UA => C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {2D3C6FC9-020F-4F2A-A25B-7587B5C284E7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2859396644-2780658763-3459757247-1000Core => C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {629ACFD4-9AF5-4B6F-8F16-525CDFF41A83} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe
Task: {77438676-AB05-4EA6-A620-58C93A920949} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {80AACBAD-EA28-4363-A457-FDADE5E67DE1} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-11-05] (Avira Operations GmbH & Co. KG)
Task: {8EBFB20D-1961-47B8-B9D7-060A8856C002} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A0DB3953-5EE9-4E06-A0DA-4F26FA4D14AC} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-12-04] (Hewlett-Packard)
Task: {CBE7D6DF-6B39-47D0-8B99-0E43ECC5636D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {E5E56637-CC99-456A-A358-5BFC760084A2} - System32\Tasks\{25C813FA-3F24-46EE-AA4B-395A89A890FB} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\BAUSET\2009\UNINSTAL\MEIN-HPL\UNWISE.EXE -c C:\PROGRA~2\COMMON~1\BAUSET\2009\UNINSTAL\MEIN-HPL\CADAVA.LOG
Task: {F23551B9-20BB-49EF-AB0D-36AD8B7D6962} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {FF888DC6-C5FB-41B5-8B65-56DFB31DF3E4} - System32\Tasks\RecoveryCD => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2009-03-25] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2859396644-2780658763-3459757247-1000Core.job => C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2859396644-2780658763-3459757247-1000UA.job => C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2018-11-13 22:05 - 2012-08-18 09:28 - 000086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-28 03:53 - 2016-09-28 03:53 - 000031248 _____ () C:\Windows\System32\ssm4mlm.dll
2012-03-09 08:58 - 2012-03-09 08:58 - 000462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 000057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2018-11-13 21:05 - 2018-11-13 21:05 - 000010752 _____ () C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\07504d0b\fa6973ba\App_Web_30cbvv4z.dll
2018-11-13 21:05 - 2018-11-13 21:05 - 000049152 _____ () C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\07504d0b\fa6973ba\App_Web_oetgbt7x.dll
2014-08-09 19:03 - 2009-02-27 15:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 13:34 - 2006-09-18 22:37 - 000000761 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2859396644-2780658763-3459757247-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thomas Wegefahrt\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Network PC Fax.lnk => C:\Windows\pss\Samsung Network PC Fax.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Thomas Wegefahrt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^wkcalrem.LNK => C:\Windows\pss\wkcalrem.LNK.Startup
MSCONFIG\startupreg: ahnukuo => rundll32 "C:\Users\Thomas Wegefahrt\AppData\Local\ahnukuo.dll",ahnukuo
MSCONFIG\startupreg: bjyrger => rundll32 "C:\Users\Thomas Wegefahrt\AppData\Local\bjyrger.dll",bjyrger
MSCONFIG\startupreg: BrHelp => "C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe" /AUTORUN
MSCONFIG\startupreg: BrStsMon00 => "C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" /AUTORUN
MSCONFIG\startupreg: BrStsMon01 => "C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" /AUTORUN
MSCONFIG\startupreg: Cheba => C:\Users\Thomas Wegefahrt\AppData\Local\Cheba\Cheba.exe
MSCONFIG\startupreg: cmd => C:\Users\Thomas Wegefahrt\AppData\Local\Temp\Shuka\UACGetter.exe C:\Users\Thomas Wegefahrt\AppData\Local\Temp\Shuka\PackerV2.exe
MSCONFIG\startupreg: ControlCenter4 => "C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe" /autorun
MSCONFIG\startupreg: EfnuTsef => regsvr32.exe "C:\ProgramData\EfnuTsef\EfnuTsef.dat"
MSCONFIG\startupreg: HPADVISOR => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: OrpaKukhi => regsvr32.exe "
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: {983EDF81-1837-A116-31A4-0E5C9C17DFD5} => "C:\Users\Thomas Wegefahrt\AppData\Roaming\Gylyby\nioc.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A2B3BA7E-A508-46E9-95D3-ED570036A43D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0A8361C7-C873-487C-B70C-76759226FFD7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{60060DD8-5776-4CC8-853B-4956ED7D1C51}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D08D7BE9-45AD-4E9B-8525-2DCC5FDA57AE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8E9EAC86-F781-4FC9-8A6B-6503521D29ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6D21A1C2-1FC1-4AD3-A9C7-08A862FF9840}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A160CFBB-6BE2-48F3-A3D4-E92A4E2AFF39}] => (Allow) LPort=54925
FirewallRules: [{C2166B3D-E4A4-4372-9061-68CB88AC0FF8}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE
FirewallRules: [{1D4707B2-4972-4BA1-9562-6CD38727F1F6}] => (Allow) C:\Program Files\MetaTrader 5\metatester64.exe
FirewallRules: [{C5D254A1-C99B-485D-BE4E-06D4EED28AD5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{194BCAF5-791E-4BE6-9D28-C89A2ED7EBE2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{D29306BD-5EFB-43FB-8672-2B154B8CA851}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{3B74A503-EEB0-4913-9E76-B035173D4247}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{68FC8072-DFD5-41E2-8215-D3CA9BF055C8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{7080B5AA-BAF8-4301-9477-6A894F58C235}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{4A6EA753-84D2-4F60-B7AA-1DAFA81D39B8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{7486E744-DCF6-4702-A872-499C36224F03}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{81F4A6CA-7919-439B-BF29-BC6FE7279349}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{C97A6DFA-F09D-4098-B463-142004F51322}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{5FFA1BDA-BD08-4DBD-BF48-65C306BBA31F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{28D6F2F0-0435-4F78-B25F-98EC0D538F04}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{6B08D8B0-0E42-442C-975D-2EFAE58E86D9}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{26F4E41C-2BB9-425B-9BB7-B39194683FE6}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{C580AA05-94C8-4DF4-A2A9-D72EB99FB77E}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{C8A110C6-78E9-4F26-8B15-4ED1FD72544A}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{68DF859B-6958-43BF-A531-BC734502CF50}] => (Allow) LPort=61256
FirewallRules: [{89959AA9-8F67-44CA-8DBD-27785682FF07}] => (Allow) LPort=61192
FirewallRules: [{ECAF90EA-D26D-4617-BC11-0549AB3865B7}] => (Allow) LPort=56777
FirewallRules: [{35BB451A-9315-4BC0-987D-8CB0E54D026A}] => (Allow) LPort=5677
FirewallRules: [{935384C3-FF3A-49FA-9E25-D4897A54B7EA}] => (Allow) LPort=7756
FirewallRules: [{A46A53AB-84D3-4899-9095-5293268D3708}] => (Allow) C:\ADVANTAGE\Server\ads.exe
FirewallRules: [{DAFADE67-5606-491C-84F0-83EB0C8E99C3}] => (Allow) C:\ADVANTAGE\Server\ads.exe
FirewallRules: [{59743124-A3EF-4F48-8D7B-36BD3E54B9AC}] => (Allow) C:\ADVANTAGE\Server\ads.exe
FirewallRules: [{2FF2B454-6C5A-42BF-A8D6-D88DB35156F2}] => (Allow) E:\install\Data\Disk1\Setup.exe
FirewallRules: [{2E5F6EF6-7F7B-4B19-8B25-D23659ABC8EB}] => (Allow) E:\install\Data\Disk1\Setup.exe
FirewallRules: [{BB33B9F4-1A6E-4C53-85A4-D1CF980B37D3}] => (Allow) C:\Users\Thomas Wegefahrt\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{761782C6-DF2B-4A95-9FDD-ADE8F4C8AFE6}] => (Allow) C:\Users\Thomas Wegefahrt\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{BF10E96A-1620-4F32-A9B3-D9B57C2FF69F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A907E49E-9902-4062-8E33-0746FD133AD3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6CB4A95F-6C52-4B59-BDE2-022CDB0D86C1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9BF95278-ADFB-4EE8-A1C6-0AC30447EDC1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4678694E-8A44-4C62-81BD-E7E3D9A1BDE6}] => (Allow) C:\Users\Thomas Wegefahrt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHHTP3ZR\VideoToMp3Setup[1].exe
FirewallRules: [{CF7ED5A6-B2CD-4B0D-A47B-47906A9B03E0}] => (Allow) C:\Users\Thomas Wegefahrt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHHTP3ZR\VideoToMp3Setup[1].exe
FirewallRules: [{BC2D1878-CE35-4552-A1A7-2B61F77DBAC7}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{7C3BFB1E-B50E-4679-993A-57A5FB932D60}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{97F5A3EE-7A11-49DC-AEDE-A01CF17D5CD2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{B7FD3762-5ED2-4F96-9FDC-826838F7FCD2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{F2805B85-AE9D-41D0-9285-EBA7E7057F06}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{1F2D0FCF-492D-49C5-B999-A09C8A8A6373}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{AC8FC4EA-E01E-4505-9B9B-7997589CEC37}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{3672923F-6F1A-4DD1-8571-8B9DC8360041}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{5FA23127-4251-454D-8018-F2BED3BE5F45}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{F3F27392-0B75-48BA-8332-C6BA203FAF6E}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{0953E2FD-E9BA-4DDB-AB7E-740DBDC6994A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{38E740BF-BB88-4AE6-A908-7C9106D77EDC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{674B00F5-5582-401B-BC26-52636EB6663B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{0B2CCD0D-230C-4C8C-B06C-F59714636543}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{13854AF7-FD9C-42DB-A6D8-934576643A96}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{D68AC96B-0AAF-4205-8D32-AF3A6B2E4878}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{B45A04DD-0C96-4C74-98E9-DD4058D89951}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{4BD3E5E4-A3B7-4FF9-B0EA-538B261A03A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\Lager\hpqkygrp.exe
FirewallRules: [{702BAC86-B46A-438D-BD08-083F3DB2A41B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\Lager\hpqkygrp.exe
FirewallRules: [{FEB7E9C0-0539-4FEE-9DA0-0DA4A5202951}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\Lager\hpiscnapp.exe
FirewallRules: [{94BE2BDF-BEAE-4D83-86A7-0092D6D4AB0E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\Lager\hpiscnapp.exe
FirewallRules: [{15AEF791-A20E-4FCA-882A-064377CDCCFF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{810523BA-B8EB-4293-84B5-007228820782}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{AC8852D3-EC14-4631-9A34-D9E74B373517}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{9CC9A613-AFF6-409A-A1A0-65A41B0D7893}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{344A4B0E-34BB-40BD-9825-CF808A0D492F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{2CF0B15E-4FB5-4810-80A4-FF77CD7E62CE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{805876B6-7E11-4205-B5EC-F40680DCBBFF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{0704015A-04DA-4DEC-8E01-7400021A4CE7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{71B4820C-C87A-458B-B173-0372A1827D84}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{8C0AE6E7-D01A-401F-B3A2-AD0C1B45F9C5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [TCP Query User{8EC00C54-F14B-481C-ACF6-B1E087795140}C:\users\thomas wegefahrt\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\thomas wegefahrt\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7091FD6C-0164-4F8E-8C3D-077DE2D7F45F}C:\users\thomas wegefahrt\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\thomas wegefahrt\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4CF79D87-12DE-4C54-8E0D-91ACD122D216}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8061A128-7D49-4879-9A5F-5E712E46E78F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0BF05DD7-B291-40DE-843E-F9E52104A669}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8A1B1076-8165-40BB-83F0-6054A05A072C}] => (Allow) C:\Windows\SysWOW64\explorer.exe
FirewallRules: [{489FFD55-F220-46B6-AA58-1C2EC30E9284}] => (Allow) C:\Windows\SysWOW64\explorer.exe
FirewallRules: [{FE8D3DAE-F80F-4B89-976D-912E6ACD259D}] => (Allow) LPort=1046
FirewallRules: [{D75819AE-8260-4BBB-B906-7F0391A86456}] => (Allow) LPort=5000

==================== Wiederherstellungspunkte =========================

13-11-2018 15:48:45 Windows Update
13-11-2018 21:34:02 Windows Update
13-11-2018 23:01:00 Windows Update
13-11-2018 23:16:09 Windows Update
13-11-2018 23:56:01 Windows Update
14-11-2018 00:03:06 TopKontor Handwerk wird installiert
14-11-2018 00:17:35 TopKontor Handwerk wird installiert
14-11-2018 01:04:28 Windows Update
14-11-2018 03:00:49 Windows Update
14-11-2018 07:39:53 Windows Update
14-11-2018 09:00:53 TopKontor Handwerk wird installiert
14-11-2018 09:19:37 Removed Bonjour
14-11-2018 09:22:29 Removed iTunes
14-11-2018 09:27:17 Microsoft Works wird entfernt
14-11-2018 09:27:33 Removed Motorola Driver Installation 4.4.0
14-11-2018 09:56:48 Removed MotoConnect
14-11-2018 13:37:32 Revo Uninstaller's restore point - Avira
14-11-2018 13:39:00 Revo Uninstaller's restore point - Avira
14-11-2018 13:40:28 Revo Uninstaller's restore point - Adobe Flash Player 31 ActiveX
14-11-2018 13:50:34 Revo Uninstaller's restore point - Adobe Shockwave Player 11.5
14-11-2018 13:52:06 Revo Uninstaller's restore point - Avira
14-11-2018 13:54:16 Revo Uninstaller's restore point - Avira
14-11-2018 13:55:41 Revo Uninstaller's restore point - Avira Antivirus
14-11-2018 13:58:28 Revo Uninstaller's restore point - OpenOffice.org 3.2
14-11-2018 13:58:45 OpenOffice.org 3.2 wird entfernt
14-11-2018 14:03:50 Revo Uninstaller's restore point - Java(TM) 6 Update 18
14-11-2018 14:04:15 Removed Java(TM) 6 Update 18
14-11-2018 14:07:38 Revo Uninstaller's restore point - PDFCreator
14-11-2018 14:09:04 Revo Uninstaller's restore point - Avira
14-11-2018 14:11:56 Revo Uninstaller's restore point - Avira Antivirus
14-11-2018 14:34:14 Revo Uninstaller's restore point - CyberLink DVD Suite Deluxe
14-11-2018 14:34:39 Konfiguriert PowerStarter
14-11-2018 14:37:46 Revo Uninstaller's restore point - LabelPrint
14-11-2018 14:38:11 Konfiguriert LabelPrint
14-11-2018 19:24:36 Revo Uninstaller's restore point - Avira
14-11-2018 19:32:01 Revo Uninstaller's restore point - FoxTab Video To MP3 Converter (remove only)
14-11-2018 21:51:38 Revo Uninstaller's restore point - DarkWave Studio 3.7.7
14-11-2018 21:58:17 Revo Uninstaller's restore point - Autodesk Architectural Desktop 2004
14-11-2018 22:01:05 Autodesk Architectural Desktop 2004 wird entfernt
15-11-2018 09:12:48 Revo Uninstaller's restore point - Autodesk Design Review 2011
15-11-2018 09:14:23 Revo Uninstaller's restore point - Autodesk Revit Architecture 2011 x64
15-11-2018 09:26:29 Revo Uninstaller's restore point - Microsoft Works
15-11-2018 09:27:10 Microsoft Works wird entfernt
15-11-2018 09:32:39 Revo Uninstaller's restore point - Autodesk Design Review 2011
15-11-2018 09:34:09 Revo Uninstaller's restore point - Autodesk Express Viewer
15-11-2018 09:35:33 Revo Uninstaller's restore point - Autodesk Material Library 2011 Medium Image library
15-11-2018 09:36:06 Removed Autodesk Material Library 2011 Medium Image library.
15-11-2018 09:39:16 Revo Uninstaller's restore point - Autodesk Material Library 2011 Base Image library
15-11-2018 09:39:35 Removed Autodesk Material Library 2011 Base Image library.
15-11-2018 10:22:18 Removed HP Active Support Library.
15-11-2018 10:23:45 Removed LightScribe System Software.
15-11-2018 13:22:13 Revo Uninstaller's restore point - GnuWin32: OpenSSL-0.9.8h-1
15-11-2018 13:23:44 Revo Uninstaller's restore point - Adobe Acrobat Reader DC - Deutsch
15-11-2018 13:23:59 Removed Adobe Acrobat Reader DC - Deutsch.
15-11-2018 13:31:21 Revo Uninstaller's restore point - meinHausplaner
15-11-2018 13:32:54 Revo Uninstaller's restore point - Microsoft Office Professional Plus 2007
15-11-2018 13:34:08 Removed Microsoft Office Professional Plus 2007

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/15/2018 10:15:39 AM) (Source: MsiInstaller) (EventID: 10005) (User: ThomasWegefa-PC)
Description: Produkt: Autodesk Design Review 2011 --Microsoft Visual C++ 2005 SP1-Redistributable ist erforderlich, um mit der Installation fortzufahren. Besuchen Sie die Microsoft-Website für den Download, um das Redistributable Package zu erhalten.

Error: (11/15/2018 09:54:21 AM) (Source: MsiInstaller) (EventID: 11721) (User: ThomasWegefa-PC)
Description: Product: Autodesk Material Library 2011 Base Image library -- Error 1721.There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: LaunchLuc.exe_Removal, location: C:\Program Files (x86)\Common Files\Autodesk Shared\Materials2011\AssetFiles\Luc.exe, command: -l -r "C:\Program Files (x86)\Common Files\Autodesk Shared\Materials2011\assetlibrary_base.adsklib"

Error: (11/15/2018 09:33:10 AM) (Source: MsiInstaller) (EventID: 10005) (User: ThomasWegefa-PC)
Description: Produkt: Autodesk Design Review 2011 --Microsoft Visual C++ 2005 SP1-Redistributable ist erforderlich, um mit der Installation fortzufahren. Besuchen Sie die Microsoft-Website für den Download, um das Redistributable Package zu erhalten.

Error: (11/15/2018 09:13:17 AM) (Source: MsiInstaller) (EventID: 10005) (User: ThomasWegefa-PC)
Description: Produkt: Autodesk Design Review 2011 --Microsoft Visual C++ 2005 SP1-Redistributable ist erforderlich, um mit der Installation fortzufahren. Besuchen Sie die Microsoft-Website für den Download, um das Redistributable Package zu erhalten.

Error: (11/14/2018 07:24:36 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {c7ad4775-eda0-42f8-b85d-bf73f121baa9}

Error: (11/14/2018 07:23:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/14/2018 02:47:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (11/14/2018 01:37:32 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {7e5c88a1-3de3-4098-9d3a-829a39065a42}


Systemfehler:
=============
Error: (11/15/2018 01:26:08 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (11/15/2018 01:26:06 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (11/14/2018 10:29:09 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (11/14/2018 10:29:07 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (11/14/2018 10:23:09 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (11/14/2018 07:27:53 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "HP Network Devices Support" wurde nicht richtig gestartet.

Error: (11/14/2018 07:23:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (11/14/2018 07:22:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HP CUE DeviceDiscovery Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


Windows Defender:
===================================
Date: 2018-11-13 11:31:34.729
Description: 
Beim Laden der Signaturen wurde von Windows Defender ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Versuchte Signaturen:Aktuell
Fehlercode:0x80070003
Fehlerbeschreibung:Das System kann den angegebenen Pfad nicht finden. 
Signaturversion:0.0.0.0
Modulversion:0.0.0.0

CodeIntegrity:
===================================

Date: 2018-09-20 22:06:15.181
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2018-09-20 22:06:15.086
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2018-09-20 22:06:14.983
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2018-09-20 22:06:14.892
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2018-09-20 22:06:14.793
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2017-01-12 13:05:39.420
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2017-01-12 13:05:34.329
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\NISx64\1008030.006\BHDrvx64.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2017-01-09 11:15:41.092
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Prozentuale Nutzung des RAM: 58%
Installierter physikalischer RAM: 4095.18 MB
Verfügbarer physikalischer RAM: 1699.61 MB
Summe virtueller Speicher: 8188.5 MB
Verfügbarer virtueller Speicher: 5919.3 MB

==================== Laufwerke ================================

Drive c: (COMPAQ) (Fixed) (Total:581.64 GB) (Free:411.86 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:14.53 GB) (Free:2.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]


==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=581.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=14.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

--- --- ---

cosinus · 15.11.2018, 14:08

Schädlinge suchen mit Kaspersky TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

the_slater · 15.11.2018, 14:17

Code:

ATTFilter

14:11:42.0412 0x0fd0  TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
14:11:47.0294 0x0fd0  ============================================================
14:11:47.0294 0x0fd0  Current date / time: 2018/11/15 14:11:47.0294
14:11:47.0294 0x0fd0  SystemInfo:
14:11:47.0294 0x0fd0  
14:11:47.0294 0x0fd0  OS Version: 6.1.7601 ServicePack: 1.0
14:11:47.0294 0x0fd0  Product type: Workstation
14:11:47.0294 0x0fd0  ComputerName: THOMASWEGEFA-PC
14:11:47.0294 0x0fd0  UserName: Thomas Wegefahrt
14:11:47.0294 0x0fd0  Windows directory: C:\Windows
14:11:47.0294 0x0fd0  System windows directory: C:\Windows
14:11:47.0294 0x0fd0  Running under WOW64
14:11:47.0294 0x0fd0  Processor architecture: Intel x64
14:11:47.0294 0x0fd0  Number of processors: 4
14:11:47.0294 0x0fd0  Page size: 0x1000
14:11:47.0294 0x0fd0  Boot type: Normal boot
14:11:47.0294 0x0fd0  CodeIntegrityOptions = 0x00000001
14:11:47.0294 0x0fd0  ============================================================
14:11:49.0518 0x0fd0  KLMD registered as C:\Windows\system32\drivers\05706831.sys
14:11:49.0518 0x0fd0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.24291, osProperties = 0x1
14:11:49.0745 0x0fd0  System UUID: {9C5CA90B-A2DE-B4C5-195E-F416FB6D1FE6}
14:11:49.0911 0x0fd0  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:11:49.0925 0x0fd0  ============================================================
14:11:49.0925 0x0fd0  \Device\Harddisk0\DR0:
14:11:49.0925 0x0fd0  MBR partitions:
14:11:49.0925 0x0fd0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48B46A59
14:11:49.0925 0x0fd0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48B46A98, BlocksNum 0x1D10429
14:11:49.0925 0x0fd0  ============================================================
14:11:49.0959 0x0fd0  C: <-> \Device\Harddisk0\DR0\Partition1
14:11:50.0016 0x0fd0  D: <-> \Device\Harddisk0\DR0\Partition2
14:11:50.0016 0x0fd0  ============================================================
14:11:50.0016 0x0fd0  Initialize success
14:11:50.0016 0x0fd0  ============================================================
14:12:33.0481 0x1868  ============================================================
14:12:33.0481 0x1868  Scan started
14:12:33.0481 0x1868  Mode: Manual; SigCheck; TDLFS; 
14:12:33.0481 0x1868  ============================================================
14:12:33.0481 0x1868  KSN ping started
14:12:33.0562 0x1868  KSN ping finished: true
14:12:34.0705 0x1868  ================ Scan system memory ========================
14:12:34.0705 0x1868  System memory - ok
14:12:34.0706 0x1868  ================ Scan services =============================
14:12:34.0867 0x1868  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:12:34.0894 0x1868  1394ohci - ok
14:12:35.0017 0x1868  [ BBC496CC995FE6AA0524FBFC3C39A878, 7AB01DF636CFE4E8EE156399EC044E64B0875F2A54045A64BC8389B5D383A430 ] ABBYY.Licensing.PDFTransformer.Classic.3.0 C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
14:12:35.0045 0x1868  ABBYY.Licensing.PDFTransformer.Classic.3.0 - ok
14:12:35.0082 0x1868  [ DCA5495CA17AEB2F4FD8AC60812C3999, 20A3FC0349294584C340C76D674EE5CA37BA69C886DDA6886CBCCFA437A51BD8 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:12:35.0104 0x1868  ACPI - ok
14:12:35.0136 0x1868  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:12:35.0183 0x1868  AcpiPmi - ok
14:12:35.0249 0x1868  [ 671133C0AC2D8B40B7574F69059653E9, A36CC49A0C829A5C4D6CF273791071213F5FFB57DC7022D523CFB731374FF63C ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:12:35.0260 0x1868  AdobeARMservice - ok
14:12:35.0329 0x1868  AdobeFlashPlayerUpdateSvc - ok
14:12:35.0376 0x1868  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:12:35.0402 0x1868  adp94xx - ok
14:12:35.0436 0x1868  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:12:35.0458 0x1868  adpahci - ok
14:12:35.0489 0x1868  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:12:35.0504 0x1868  adpu320 - ok
14:12:35.0639 0x1868  [ 8DD3C6131A641185AE5142C6ABCA3733, 06690F13E47130914314A4D850726D4DDE480E8FB96CDDABB27D301A08D1657A ] Advantage       C:\ADVANTAGE\Server\ads.exe
14:12:35.0732 0x1868  Advantage - detected UnsignedFile.Multi.Generic ( 1 )
14:12:35.0884 0x1868  Advantage ( UnsignedFile.Multi.Generic ) - warning
14:12:36.0015 0x1868  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:12:36.0031 0x1868  AeLookupSvc - ok
14:12:36.0072 0x1868  [ 0DC2A9882540DEA4A55B08785E09D8FC, 69B15724B0034F9915AACE109A6C596D6AF2DA350FC18C9A0CD98C81CB7EDEE3 ] AFD             C:\Windows\system32\drivers\afd.sys
14:12:36.0117 0x1868  AFD - ok
14:12:36.0148 0x1868  [ 466BF4170DC41BB939F1F9AB8F97F8F5, 603BF9DA00AABF2CC9FA89865EBCF0CDAADB77D147D0B9FC30480DA7D8215C61 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:12:36.0161 0x1868  agp440 - ok
14:12:36.0189 0x1868  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
14:12:36.0204 0x1868  ALG - ok
14:12:36.0215 0x1868  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:12:36.0226 0x1868  aliide - ok
14:12:36.0237 0x1868  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:12:36.0248 0x1868  amdide - ok
14:12:36.0267 0x1868  [ BA32F5A04DBB1CCF2CD46C47128CED3A, 4DF684606A52ED1E48D684582F8E5F10C01BB4A182A50EC00BB549D2C2B13CF9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:12:36.0283 0x1868  AmdK8 - ok
14:12:36.0301 0x1868  [ 653DCDCE67D05D1D7C00B70E9B1217D0, E08EC9FCA23A58D5293544FDCEBAEEC0EF70D9C5E70E9668F8F6CE12EF46344B ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
14:12:36.0315 0x1868  AmdPPM - ok
14:12:36.0330 0x1868  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:12:36.0344 0x1868  amdsata - ok
14:12:36.0375 0x1868  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:12:36.0390 0x1868  amdsbs - ok
14:12:36.0416 0x1868  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:12:36.0427 0x1868  amdxata - ok
14:12:36.0458 0x1868  [ E4AC503A7EFEBE27A9AA6396840C5C41, 7144F07BC2D11ADEC9B5FAF078D703DAF8ADA10D7C34F448DE2DAB8DF703A78F ] AppID           C:\Windows\system32\drivers\appid.sys
14:12:36.0473 0x1868  AppID - ok
14:12:36.0506 0x1868  [ 0F3CB95F41222A275E12F25CD383913C, 5FDA186CAA7DB12600E249D218825357EE8C1D17F55256FC5315FE3B8ACCBF4D ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:12:36.0519 0x1868  AppIDSvc - ok
14:12:36.0538 0x1868  [ 672F9F574E34C4E0E671CD8B6D529CC9, AEDFC5DC098CC1974771CD9F119CDDCCF2B6DFB11806D7CA27A2C751A4DBB159 ] Appinfo         C:\Windows\System32\appinfo.dll
14:12:36.0553 0x1868  Appinfo - ok
14:12:36.0609 0x1868  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:12:36.0645 0x1868  AppMgmt - ok
14:12:36.0653 0x1868  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
14:12:36.0667 0x1868  arc - ok
14:12:36.0673 0x1868  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:12:36.0686 0x1868  arcsas - ok
14:12:36.0805 0x1868  [ A8EAEFC4FCF34CE2B85DAA573144A26A, DE24C27CA83CA76101C3A2FBA613B64E8054F38DC8A87E22228F4188B858D552 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:12:36.0820 0x1868  aspnet_state - ok
14:12:36.0860 0x1868  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:12:36.0894 0x1868  AsyncMac - ok
14:12:36.0934 0x1868  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:12:36.0945 0x1868  atapi - ok
14:12:36.0994 0x1868  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:12:37.0024 0x1868  AudioEndpointBuilder - ok
14:12:37.0052 0x1868  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:12:37.0081 0x1868  AudioSrv - ok
14:12:37.0103 0x1868  [ 0174666BA4361AE37DD8212D229FA6C8, BC72281F84DAA5465C03EF0789FA470D55663CAAA8938AB6D64609687225EA44 ] avdevprot       C:\Windows\system32\DRIVERS\avdevprot.sys
14:12:37.0122 0x1868  avdevprot - ok
14:12:37.0149 0x1868  [ 3954253876E65797A980A2229C187D24, 79AA0833FB4965F25459DEEA42AF76DE81A77806213307579B0635B17AE47EFB ] avusbflt        C:\Windows\system32\Drivers\avusbflt.sys
14:12:37.0161 0x1868  avusbflt - ok
14:12:37.0194 0x1868  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:12:37.0214 0x1868  AxInstSV - ok
14:12:37.0266 0x1868  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:12:37.0289 0x1868  b06bdrv - ok
14:12:37.0400 0x1868  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:12:37.0421 0x1868  b57nd60a - ok
14:12:37.0448 0x1868  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:12:37.0470 0x1868  BDESVC - ok
14:12:37.0487 0x1868  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:12:37.0521 0x1868  Beep - ok
14:12:37.0570 0x1868  [ E3ED6C06462FDDE33100F7E45E8F5213, 71AA528F8912106FDAD83175A7529CF94B5B19093D2C63C25FAC198587286F87 ] BFE             C:\Windows\System32\bfe.dll
14:12:37.0615 0x1868  BFE - ok
14:12:37.0659 0x1868  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
14:12:37.0736 0x1868  BITS - ok
14:12:37.0763 0x1868  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:12:37.0778 0x1868  blbdrive - ok
14:12:37.0847 0x1868  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:12:37.0866 0x1868  Bonjour Service - ok
14:12:37.0895 0x1868  [ D7E5C916557268B3DCC9E7DAD58E7727, 439D76346E8762BA7D7F91B09580EFE8354F1A650F3B59101A3BEE2328D8F562 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:12:37.0913 0x1868  bowser - ok
14:12:37.0936 0x1868  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
14:12:37.0951 0x1868  BrFiltLo - ok
14:12:37.0963 0x1868  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
14:12:37.0977 0x1868  BrFiltUp - ok
14:12:38.0025 0x1868  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
14:12:38.0042 0x1868  Browser - ok
14:12:38.0084 0x1868  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:12:38.0103 0x1868  Brserid - ok
14:12:38.0121 0x1868  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:12:38.0137 0x1868  BrSerWdm - ok
14:12:38.0147 0x1868  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:12:38.0162 0x1868  BrUsbMdm - ok
14:12:38.0178 0x1868  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:12:38.0190 0x1868  BrUsbSer - ok
14:12:38.0278 0x1868  [ 065818B8A2CD7F08D6DC8C598191548C, 08982EB22484ECCA1A7FD0C6A10E6D0BB09F624CEBC397C9B241C2D75C984C70 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
14:12:38.0289 0x1868  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
14:12:38.0351 0x1868  Detect skipped due to KSN trusted
14:12:38.0351 0x1868  BrYNSvc - ok
14:12:38.0359 0x1868  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:12:38.0378 0x1868  BTHMODEM - ok
14:12:38.0404 0x1868  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
14:12:38.0444 0x1868  bthserv - ok
14:12:38.0469 0x1868  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:12:38.0507 0x1868  cdfs - ok
14:12:38.0551 0x1868  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:12:38.0568 0x1868  cdrom - ok
14:12:38.0589 0x1868  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:12:38.0628 0x1868  CertPropSvc - ok
14:12:38.0654 0x1868  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
14:12:38.0670 0x1868  circlass - ok
14:12:38.0711 0x1868  [ B5D7A0638CA817BA7D8A4DFD3499BA2A, B20EDC88A37C87456102EFFCA5EDD6DC9EFDA4B2E03DD9611C06693D1E4BC526 ] CLFS            C:\Windows\system32\CLFS.sys
14:12:38.0741 0x1868  CLFS - ok
14:12:38.0816 0x1868  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:12:38.0829 0x1868  clr_optimization_v2.0.50727_32 - ok
14:12:38.0887 0x1868  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:12:38.0900 0x1868  clr_optimization_v2.0.50727_64 - ok
14:12:38.0965 0x1868  [ 53076ABBB58EBFFB79177BEF0DB30888, F7C22D1AC8BD67E0423DFD4929EB1DCEBADA6E32A573C6228171E7BEF2C2B76B ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:12:38.0984 0x1868  clr_optimization_v4.0.30319_32 - ok
14:12:39.0000 0x1868  [ 64A703D8BEFF0C653FD518E72CEE16C3, 988EDCAED395446340F157688D607B8F18DBAA810B84089BF0CD934CB10DD7E5 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:12:39.0016 0x1868  clr_optimization_v4.0.30319_64 - ok
14:12:39.0042 0x1868  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
14:12:39.0055 0x1868  CmBatt - ok
14:12:39.0082 0x1868  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:12:39.0094 0x1868  cmdide - ok
14:12:39.0123 0x1868  [ 9DE8D00626F01DBD1879A6655D7A752D, 7624FEAEC4FBB2FAC484DA295FB748136BB331032FC58B426A45802F55F5C24D ] CNG             C:\Windows\system32\Drivers\cng.sys
14:12:39.0160 0x1868  CNG - ok
14:12:39.0181 0x1868  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:12:39.0194 0x1868  Compbatt - ok
14:12:39.0223 0x1868  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
14:12:39.0239 0x1868  CompositeBus - ok
14:12:39.0244 0x1868  COMSysApp - ok
14:12:39.0270 0x1868  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:12:39.0281 0x1868  crcdisk - ok
14:12:39.0316 0x1868  [ EC0550300E899BD69BDB5937E684D348, 982E5FB213F6DE07F061D4FE201CA69D99572398ED41C953E0B3358C3FD9EBF6 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:12:39.0335 0x1868  CryptSvc - ok
14:12:39.0360 0x1868  [ 80BC9D418607974E4940EBC42F69BC8D, 83F1C21DCBAC4CCD970DD820C169C31DE97BD8A42D3384454B0D9C9A6053A297 ] CSC             C:\Windows\system32\drivers\csc.sys
14:12:39.0386 0x1868  CSC - ok
14:12:39.0417 0x1868  [ C593B028F399934C0A739AD7438B21BF, 8A288BD3F333ABBA9D96BD88E62B0BA782C7DF6027AC65DC2375800035655F9F ] CscService      C:\Windows\System32\cscsvc.dll
14:12:39.0447 0x1868  CscService - ok
14:12:39.0492 0x1868  [ C4AF5F835F7F88235FBBB5E5A8380988, 3306EF5B299CAE836179A9551ACDDB7F907AA483B1FE533FF2BB86425F69174E ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:12:39.0533 0x1868  DcomLaunch - ok
14:12:39.0569 0x1868  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:12:39.0611 0x1868  defragsvc - ok
14:12:39.0632 0x1868  [ 63705A08981F7EDD376241D6E0A9C2AC, 6965D64D164A4DBBC328D2611EE38A71D3FA66A6438AFC6E4830DC37ABC28729 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:12:39.0649 0x1868  DfsC - ok
14:12:39.0683 0x1868  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:12:39.0714 0x1868  Dhcp - ok
14:12:39.0770 0x1868  [ 7DF76667FA6276EE94F3BEAA8105E1B3, 199934460BED7F8A655EF70677CFED68F5F8091B22F834216B0B2B41B876721D ] DiagTrack       C:\Windows\system32\diagtrack.dll
14:12:39.0963 0x1868  DiagTrack - ok
14:12:39.0991 0x1868  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
14:12:40.0030 0x1868  discache - ok
14:12:40.0070 0x1868  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
14:12:40.0083 0x1868  Disk - ok
14:12:40.0119 0x1868  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
14:12:40.0135 0x1868  dmvsc - ok
14:12:40.0165 0x1868  [ EEEFC204476D5C44E4F6802F55697179, 0B67D193FF6389BE207F584F4D0C4C0B8BC9F4206851991AD270D894B95E314E ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:12:40.0187 0x1868  Dnscache - ok
14:12:40.0211 0x1868  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:12:40.0252 0x1868  dot3svc - ok
14:12:40.0273 0x1868  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
14:12:40.0313 0x1868  DPS - ok
14:12:40.0339 0x1868  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:12:40.0356 0x1868  drmkaud - ok
14:12:40.0400 0x1868  [ 781C6AE4B9111C9AD5017F1677599CDE, 234E7DD5EAF162F947DB66A1D4E298CF21442735B3BFEFB7FFA18F8FA1DDEBC9 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:12:40.0441 0x1868  DXGKrnl - ok
14:12:40.0459 0x1868  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
14:12:40.0497 0x1868  EapHost - ok
14:12:40.0626 0x1868  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:12:40.0715 0x1868  ebdrv - ok
14:12:40.0750 0x1868  [ CFF988217D685AD840C28D2C19B5D8F8, 52CBE0CF0EFCC4E0D0C47D109F11F823CEBDC781E620721740D219369892E80C ] EFS             C:\Windows\System32\lsass.exe
14:12:40.0765 0x1868  EFS - ok
14:12:40.0837 0x1868  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:12:40.0898 0x1868  ehRecvr - ok
14:12:40.0907 0x1868  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
14:12:40.0922 0x1868  ehSched - ok
14:12:40.0954 0x1868  [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
14:12:40.0964 0x1868  ElbyCDIO - ok
14:12:41.0004 0x1868  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:12:41.0033 0x1868  elxstor - ok
14:12:41.0078 0x1868  [ 9002EED07FD7FCFF6B8C5C06B454AC19, 0FCEF7D930316FF267841009DF83F29A7D9CD6ED710128F493EC15EC99D9ACD6 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:12:41.0091 0x1868  ErrDev - ok
14:12:41.0136 0x1868  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
14:12:41.0181 0x1868  EventSystem - ok
14:12:41.0214 0x1868  [ 7E45F8B117419ABA3BB26579F6E70324, 03FE86519860153E1BE571F10ACC9BA58FFB5A661C5C3EBDF3B77973BCD96C84 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:12:41.0231 0x1868  exfat - ok
14:12:41.0248 0x1868  [ 6EDFA237D25433C03F42FBFDB16BDD24, A30F89A40F7AFC475D3C2D3591FB9AFC06AE3FEBC915FDCB24ED77946FBA4E2C ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:12:41.0269 0x1868  fastfat - ok
14:12:41.0311 0x1868  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
14:12:41.0339 0x1868  Fax - ok
14:12:41.0366 0x1868  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
14:12:41.0379 0x1868  fdc - ok
14:12:41.0408 0x1868  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
14:12:41.0443 0x1868  fdPHost - ok
14:12:41.0454 0x1868  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:12:41.0491 0x1868  FDResPub - ok
14:12:41.0500 0x1868  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:12:41.0513 0x1868  FileInfo - ok
14:12:41.0539 0x1868  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:12:41.0575 0x1868  Filetrace - ok
14:12:41.0586 0x1868  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
14:12:41.0599 0x1868  flpydisk - ok
14:12:41.0652 0x1868  [ DC591A7A196E99EFB5A48D708CB989FD, 1C34C0A4AEEE977D290EF5E79C3B13B1F1F18E051F49815013D360F62458D82A ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:12:41.0670 0x1868  FltMgr - ok
14:12:41.0724 0x1868  [ 785F474FB5E67E448E1931C98E8D0ABC, 911697D580CBF508A6F4A52D4F95A6976CF9A0EC3549076A8D0B5C8BD947C989 ] FontCache       C:\Windows\system32\FntCache.dll
14:12:41.0767 0x1868  FontCache - ok
14:12:41.0825 0x1868  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:12:41.0838 0x1868  FontCache3.0.0.0 - ok
14:12:41.0858 0x1868  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:12:41.0870 0x1868  FsDepends - ok
14:12:41.0906 0x1868  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:12:41.0918 0x1868  Fs_Rec - ok
14:12:41.0947 0x1868  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:12:41.0966 0x1868  fvevol - ok
14:12:42.0004 0x1868  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:12:42.0018 0x1868  gagp30kx - ok
14:12:42.0075 0x1868  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
14:12:42.0108 0x1868  gpsvc - ok
14:12:42.0148 0x1868  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:12:42.0160 0x1868  gupdate - ok
14:12:42.0173 0x1868  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:12:42.0184 0x1868  gupdatem - ok
14:12:42.0207 0x1868  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:12:42.0237 0x1868  hcw85cir - ok
14:12:42.0262 0x1868  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:12:42.0279 0x1868  HDAudBus - ok
14:12:42.0305 0x1868  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
14:12:42.0318 0x1868  HidBatt - ok
14:12:42.0344 0x1868  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:12:42.0360 0x1868  HidBth - ok
14:12:42.0399 0x1868  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:12:42.0415 0x1868  HidIr - ok
14:12:42.0444 0x1868  [ D6A35311B4FD985075A19D622700BDEC, 26165EE71C07FB02094B35BF26C88716084F67B28C03B5F9ED659A0E459F4DCA ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys
14:12:42.0458 0x1868  hidkmdf - ok
14:12:42.0481 0x1868  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
14:12:42.0517 0x1868  hidserv - ok
14:12:42.0546 0x1868  [ 90D91013D16A15B22A4B4EB6D4140A5B, A13B013AB5F1839304699A8130A5DF8B4F76657E4132BF7EAFAEADBFFE3AB490 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:12:42.0558 0x1868  HidUsb - ok
14:12:42.0581 0x1868  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:12:42.0617 0x1868  hkmsvc - ok
14:12:42.0640 0x1868  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:12:42.0658 0x1868  HomeGroupListener - ok
14:12:42.0694 0x1868  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:12:42.0711 0x1868  HomeGroupProvider - ok
14:12:42.0770 0x1868  [ AA9EF0B395097F24D289F64445B2FD2E, D7B38E16A0EC9572A5F474E9463592AAC42E35F54009DA8CDA986F86FD38354E ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
14:12:42.0776 0x1868  HP Health Check Service - detected UnsignedFile.Multi.Generic ( 1 )
14:12:42.0820 0x1868  Detect skipped due to KSN trusted
14:12:42.0820 0x1868  HP Health Check Service - ok
14:12:42.0889 0x1868  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
14:12:42.0899 0x1868  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
14:12:42.0954 0x1868  Detect skipped due to KSN trusted
14:12:42.0954 0x1868  hpqcxs08 - ok
14:12:42.0970 0x1868  [ F3F72A2A86C22610BCA5439FA789DD52, DA5A8F09DCC512AA1558863AD4FAC12F72DD83CA8FB4D8D9831E4AFBB6B3C616 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
14:12:42.0976 0x1868  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
14:12:43.0027 0x1868  Detect skipped due to KSN trusted
14:12:43.0027 0x1868  hpqddsvc - ok
14:12:43.0039 0x1868  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:12:43.0052 0x1868  HpSAMD - ok
14:12:43.0101 0x1868  [ 7F57926169C1B8ABA9274EA7D4B70F18, A2BB01054737C6B0461381221D1C344951AC2BE9E5AE01E15A6871B31B62BE78 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
14:12:43.0130 0x1868  HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
14:12:43.0186 0x1868  Detect skipped due to KSN trusted
14:12:43.0186 0x1868  HPSLPSVC - ok
14:12:43.0234 0x1868  [ 93C367EA831FB39DEE3BA96539A187FB, 8B912152CA8B89B4429278F93163481BAA07E2D940EE61CE1B7AD178AB13E105 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:12:43.0267 0x1868  HTTP - ok
14:12:43.0280 0x1868  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:12:43.0293 0x1868  hwpolicy - ok
14:12:43.0335 0x1868  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:12:43.0350 0x1868  i8042prt - ok
14:12:43.0400 0x1868  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:12:43.0421 0x1868  iaStorV - ok
14:12:43.0484 0x1868  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:12:43.0524 0x1868  idsvc - ok
14:12:43.0559 0x1868  IEEtwCollectorService - ok
14:12:43.0587 0x1868  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:12:43.0600 0x1868  iirsp - ok
14:12:43.0670 0x1868  [ 25AF7D5C819F19D7C97F4A9607F2609A, 70142B97F1087E20758AFECF5A7AB2EC1FDBBF68019A3BEC6C49F168650FEFC8 ] IKEEXT          C:\Windows\System32\ikeext.dll
14:12:43.0706 0x1868  IKEEXT - ok
14:12:43.0814 0x1868  [ 3C4B4EE54FEBB09F7E9F58776DE96DCA, 4E0320281FB9D02A4D8571597D157C0DF2A85CF17D53775D93CF3C54BEC34B24 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:12:43.0894 0x1868  IntcAzAudAddService - ok
14:12:43.0919 0x1868  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:12:43.0932 0x1868  intelide - ok
14:12:43.0958 0x1868  [ 6C30B807A6550AD9AA6B9A042E8375CC, 94C71A9AB29B5C4C7BFFE5DF9DAC992C5025089E8B7646E745A3BCC516E5BAA7 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
14:12:43.0972 0x1868  intelppm - ok
14:12:44.0002 0x1868  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:12:44.0045 0x1868  IPBusEnum - ok
14:12:44.0070 0x1868  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:12:44.0109 0x1868  IpFilterDriver - ok
14:12:44.0161 0x1868  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:12:44.0203 0x1868  iphlpsvc - ok
14:12:44.0212 0x1868  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:12:44.0229 0x1868  IPMIDRV - ok
14:12:44.0239 0x1868  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:12:44.0276 0x1868  IPNAT - ok
14:12:44.0310 0x1868  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:12:44.0327 0x1868  IRENUM - ok
14:12:44.0361 0x1868  [ 905E9D664F38B93B53FA05422165F5B5, 5B0D8869C73836378C234FAA407DE047F5F638D3E872B246A1AC74BE44BBD7DD ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:12:44.0373 0x1868  isapnp - ok
14:12:44.0412 0x1868  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:12:44.0433 0x1868  iScsiPrt - ok
14:12:44.0452 0x1868  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:12:44.0464 0x1868  kbdclass - ok
14:12:44.0479 0x1868  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:12:44.0492 0x1868  kbdhid - ok
14:12:44.0499 0x1868  [ CFF988217D685AD840C28D2C19B5D8F8, 52CBE0CF0EFCC4E0D0C47D109F11F823CEBDC781E620721740D219369892E80C ] KeyIso          C:\Windows\system32\lsass.exe
14:12:44.0513 0x1868  KeyIso - ok
14:12:44.0539 0x1868  [ ABCAF2389EF529C1ED8312CB15C5135D, 73A1E56E885A33A1EE038EC61D66CB1EE9204006B28092D09CDB99B0C6D325FE ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:12:44.0553 0x1868  KSecDD - ok
14:12:44.0562 0x1868  [ B85CE52195211551A0E26D03CC04ED67, 3F641912C8A01CED4CA1CB3388B9AAFD63E37C82E8E2FC057874F992BEEF9FB1 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:12:44.0577 0x1868  KSecPkg - ok
14:12:44.0586 0x1868  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:12:44.0622 0x1868  ksthunk - ok
14:12:44.0660 0x1868  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:12:44.0704 0x1868  KtmRm - ok
14:12:44.0743 0x1868  [ E65118228501478C4630BC96F2E1C876, FF2346ED4B097D9D58D558F4A8A854597E457F37C12984160D22E0F5B2F31720 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:12:44.0765 0x1868  LanmanServer - ok
14:12:44.0791 0x1868  [ 01C95A8CAE16CCF1EA1181395C872B9F, 0BB846AFC7335BB0CD52735AE32E0BCD5075865900C356493DC159795E8C8181 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:12:44.0812 0x1868  LanmanWorkstation - ok
14:12:44.0847 0x1868  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:12:44.0882 0x1868  lltdio - ok
14:12:44.0930 0x1868  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:12:44.0978 0x1868  lltdsvc - ok
14:12:45.0001 0x1868  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:12:45.0036 0x1868  lmhosts - ok
14:12:45.0074 0x1868  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:12:45.0088 0x1868  LSI_FC - ok
14:12:45.0096 0x1868  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:12:45.0110 0x1868  LSI_SAS - ok
14:12:45.0116 0x1868  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:12:45.0130 0x1868  LSI_SAS2 - ok
14:12:45.0147 0x1868  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:12:45.0161 0x1868  LSI_SCSI - ok
14:12:45.0212 0x1868  [ 5416CEB2916BBE635288C4D1075B045E, BEFF99052206C0D774CFFF14AC3305C397726B289B17666C2AD2706C261F2FF0 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:12:45.0226 0x1868  luafv - ok
14:12:45.0258 0x1868  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:12:45.0273 0x1868  Mcx2Svc - ok
14:12:45.0312 0x1868  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:12:45.0326 0x1868  megasas - ok
14:12:45.0385 0x1868  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:12:45.0405 0x1868  MegaSR - ok
14:12:45.0442 0x1868  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
14:12:45.0484 0x1868  MMCSS - ok
14:12:45.0510 0x1868  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
14:12:45.0545 0x1868  Modem - ok
14:12:45.0580 0x1868  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:12:45.0595 0x1868  monitor - ok
14:12:45.0607 0x1868  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:12:45.0620 0x1868  mouclass - ok
14:12:45.0638 0x1868  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:12:45.0651 0x1868  mouhid - ok
14:12:45.0678 0x1868  [ 072D8646E23ECF8A3F5F0157017B4DB6, EBFB1459ECC5AF94C94FB49CEBC724542612680F0777E24B5AA6E062C0EE5D94 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:12:45.0692 0x1868  mountmgr - ok
14:12:45.0744 0x1868  [ 98A6E68D555F7CE2AB84D50AB16C50C7, A0F825A6D1C795124117CB5E9E0AC0821817CE768E2E2E6A252CD41C2B83875F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:12:45.0762 0x1868  MozillaMaintenance - ok
14:12:45.0771 0x1868  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:12:45.0785 0x1868  mpio - ok
14:12:45.0818 0x1868  [ 3F829492638A86A3C4E0BB06778F0C23, A5B5FBE06E407C892E4668D53CC3F49BC6C7ACA12ED7AFB69FAC1C133003A890 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:12:45.0834 0x1868  mpsdrv - ok
14:12:45.0870 0x1868  [ C7A8706D5536D9BE35396C0116CAA8EE, AFB6B40B5CBA4F54C6AB3F82534CCA9D393C466EC5E3981CEBB33CB111C405D0 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:12:45.0906 0x1868  MpsSvc - ok
14:12:45.0943 0x1868  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:12:45.0959 0x1868  MRxDAV - ok
14:12:45.0995 0x1868  [ 91E822F9C15D8B31B89A046B30F1D432, 4F289C8CB93F109D90F299EA21F294FE4D5566F1CABB6B0E0D900FAA16C828DF ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:12:46.0014 0x1868  mrxsmb - ok
14:12:46.0044 0x1868  [ 68A490F0FFFCF4D3C3FE79D28034B46F, 9F0AA0E106DA6606290D900A536B71D56EC98A6D74D709FBB5C355D05E861972 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:12:46.0065 0x1868  mrxsmb10 - ok
14:12:46.0082 0x1868  [ 6E438517E1E5C49C172C756E7D898189, EC40B3F20AC9E0F153E525DCF5F29C4FA145F24A40708D373D3FAF2A324F12F1 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:12:46.0099 0x1868  mrxsmb20 - ok
14:12:46.0118 0x1868  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:12:46.0129 0x1868  msahci - ok
14:12:46.0161 0x1868  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:12:46.0175 0x1868  msdsm - ok
14:12:46.0194 0x1868  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
14:12:46.0210 0x1868  MSDTC - ok
14:12:46.0238 0x1868  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:12:46.0275 0x1868  Msfs - ok
14:12:46.0299 0x1868  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:12:46.0334 0x1868  mshidkmdf - ok
14:12:46.0374 0x1868  [ 6FE3DBEEA730A857CA3DF603B7DEADA2, CFB2F88799BD8D4D6B435C88B0B12D6E3EE83428B8EBE4C9DAACE25F03E7EABB ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:12:46.0387 0x1868  msisadrv - ok
14:12:46.0433 0x1868  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:12:46.0474 0x1868  MSiSCSI - ok
14:12:46.0480 0x1868  msiserver - ok
14:12:46.0528 0x1868  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:12:46.0562 0x1868  MSKSSRV - ok
14:12:46.0613 0x1868  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:12:46.0648 0x1868  MSPCLOCK - ok
14:12:46.0662 0x1868  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:12:46.0697 0x1868  MSPQM - ok
14:12:46.0746 0x1868  [ AA59ECB19525584F1F69F808C2CF18DF, 4630520D61724546BB41D82598315EE7B161506381CE2BCEEBC40B17C9BB0B30 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:12:46.0776 0x1868  MsRPC - ok
14:12:46.0794 0x1868  [ 1FC0BF25FFCB9F751BCBC6C6AC577078, D48313C4A3E711F3E2AFEC87E3C78B9230A96438CEC92857F8B454E2D1602E84 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:12:46.0806 0x1868  mssmbios - ok
14:12:46.0827 0x1868  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:12:46.0860 0x1868  MSTEE - ok
14:12:47.0067 0x1868  [ CB4A082AF58D1A0969F931816D5CFB05, 4C5EBAF60E320F671F0127635141BE4A7E13C4D640ECD113460A1915D9A7348D ] msvsmon90       c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
14:12:47.0189 0x1868  msvsmon90 - ok
14:12:47.0218 0x1868  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:12:47.0230 0x1868  MTConfig - ok
14:12:47.0258 0x1868  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:12:47.0271 0x1868  Mup - ok
14:12:47.0309 0x1868  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:12:47.0355 0x1868  napagent - ok
14:12:47.0389 0x1868  [ 9FB2A095B1166CB3C9A06651863B3452, 808105C59C2D28C390FDE0CA48690A5CD052DE3D7F7327864EB45F80187D5BE9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:12:47.0409 0x1868  NativeWifiP - ok
14:12:47.0463 0x1868  [ CBE5C2A3353A367734989E335D6AF194, E8927AD1202AC5E523717AC4ADB2345D31A00B304FA56056B27043792237CFEC ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:12:47.0498 0x1868  NDIS - ok
14:12:47.0524 0x1868  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:12:47.0559 0x1868  NdisCap - ok
14:12:47.0594 0x1868  [ 3F217F77899654833B650ED6A1372BE4, BB351A685D8F05E8066716F7346D28F950FB263D6C4F6957D908EA602FFF0681 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:12:47.0607 0x1868  NdisTapi - ok
14:12:47.0646 0x1868  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:12:47.0680 0x1868  Ndisuio - ok
14:12:47.0712 0x1868  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:12:47.0748 0x1868  NdisWan - ok
14:12:47.0768 0x1868  [ E46AF308E96F7730F59B0F250A884CD6, F5D00B950AAE1F38E295385C934FDC6C24608E65A8357317AE889947A2FE2BDC ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:12:47.0781 0x1868  NDProxy - ok
14:12:47.0807 0x1868  [ 2E19EB10185992AB08BC3688AACA4CE2, D9E3A5CFE8887B7F66239000116723FAA119107870A6FB65FD6F108CE5C9D9EB ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:12:47.0823 0x1868  NetBIOS - ok
14:12:47.0840 0x1868  [ 734837208CAFD6E0959A7A0333C95C9D, 0B7CD6E3CE43ABE021DBE6516492E326265EC0273F2F4297187CE70602CB8CE1 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:12:47.0859 0x1868  NetBT - ok
14:12:47.0874 0x1868  [ CFF988217D685AD840C28D2C19B5D8F8, 52CBE0CF0EFCC4E0D0C47D109F11F823CEBDC781E620721740D219369892E80C ] Netlogon        C:\Windows\system32\lsass.exe
14:12:47.0889 0x1868  Netlogon - ok
14:12:47.0916 0x1868  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:12:47.0962 0x1868  Netman - ok
14:12:47.0991 0x1868  [ C986B84B68DDA3EECB65F4C330175522, 8F40D3F90BC61FC57BEA66280FF30DEFB1F37F53636992B1C61D01465684BB39 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:48.0008 0x1868  NetMsmqActivator - ok
14:12:48.0024 0x1868  [ C986B84B68DDA3EECB65F4C330175522, 8F40D3F90BC61FC57BEA66280FF30DEFB1F37F53636992B1C61D01465684BB39 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:48.0040 0x1868  NetPipeActivator - ok
14:12:48.0085 0x1868  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:12:48.0136 0x1868  netprofm - ok
14:12:48.0144 0x1868  [ C986B84B68DDA3EECB65F4C330175522, 8F40D3F90BC61FC57BEA66280FF30DEFB1F37F53636992B1C61D01465684BB39 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:48.0161 0x1868  NetTcpActivator - ok
14:12:48.0168 0x1868  [ C986B84B68DDA3EECB65F4C330175522, 8F40D3F90BC61FC57BEA66280FF30DEFB1F37F53636992B1C61D01465684BB39 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:12:48.0184 0x1868  NetTcpPortSharing - ok
14:12:48.0216 0x1868  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:12:48.0228 0x1868  nfrd960 - ok
14:12:48.0272 0x1868  [ 93DEDBE8E24F31962755E6AA4AC2D7B0, 368B3F48F230514F496CE24339EC8943A87A6BB9815912AE192B73837AB3E3B7 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:12:48.0294 0x1868  NlaSvc - ok
14:12:48.0308 0x1868  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:12:48.0343 0x1868  Npfs - ok
14:12:48.0363 0x1868  [ 668B9EFF5CCA4542F435D2CD9CE3C778, 7409EF35D1DC0DE2BAB752694981FFA1F1855C7F11310366B80BD1EC3513262E ] nsi             C:\Windows\system32\nsisvc.dll
14:12:48.0380 0x1868  nsi - ok
14:12:48.0407 0x1868  [ BE313E566EEA2A4B7F9AAC9782A567D4, 377C624737B1A4FBC1DFF988F029B8ED9A368827C33A4FEEBA1B7937A87C2B47 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:12:48.0422 0x1868  nsiproxy - ok
14:12:48.0497 0x1868  [ 854121FF6840DB681910D072F92640B7, 6726A25097A58F43115FA601FFCDD7F1252F10EC77E70CEFC0651385A2788E88 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:12:48.0567 0x1868  Ntfs - ok
14:12:48.0580 0x1868  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:12:48.0616 0x1868  Null - ok
14:12:48.0649 0x1868  [ BE52A3EDA5E4E8EFACC41F6238B709DF, D11F62472E72CF1814E305A86D16FB726E0DD46447486013C292A6C593A5CD0F ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
14:12:48.0660 0x1868  NVHDA - ok
14:12:49.0057 0x1868  [ D52CB937D5C23935F732B5D0BBAFF2D7, 1BCC9F98D081CB6F934AACB5C1C8E90CCAF9C5095DD76F20848BAE74A5069E52 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:12:49.0453 0x1868  nvlddmkm - ok
14:12:49.0506 0x1868  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:12:49.0521 0x1868  nvraid - ok
14:12:49.0542 0x1868  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:12:49.0556 0x1868  nvstor - ok
14:12:49.0602 0x1868  [ 3227EB0ECFBB7CB7F667AC2FFFCDC751, 408335F36BCE835C35BB5599C9EECB8AFC7D44B0D2DF69E8632ECAF7F5896DBE ] nvsvc           C:\Windows\system32\nvvsvc.exe
14:12:49.0634 0x1868  nvsvc - ok
14:12:49.0691 0x1868  [ 7502513F433BE410D9D4A7D0E69D9F74, 9585103439859E004224AF6142162E9C857FBF5FD567B7F45BC0CB85B142624B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:12:49.0732 0x1868  nvUpdatusService - ok
14:12:49.0761 0x1868  [ 7425A6B64F5D37D0565F2581B886E5E3, 877095624C4EAE13A5814117EEEF515842FFF77C9823DA83BC01FA6B8D9E8A6B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:12:49.0775 0x1868  nv_agp - ok
14:12:49.0801 0x1868  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:12:49.0815 0x1868  ohci1394 - ok
14:12:49.0986 0x1868  [ 27C7E65D6781BD73E534C0EF81430D18, 3A93E1941DE2DFC1B95837C16DA5F700678AC6C2DC3E4928820964FD3E73C99B ] orgaMAXMobileService C:\orgaMAX\orgamaxmobil_service.exe
14:12:50.0094 0x1868  orgaMAXMobileService - ok
14:12:50.0155 0x1868  [ D21AC5BC8098D309FF47132451390679, 5CE539E25DB04CF474317188F6BED5CF302FF2805932426207969998E9E61B4A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:12:50.0172 0x1868  ose - ok
14:12:50.0206 0x1868  [ 64FB16C5849444F0CFD403C83D9579A1, CDF3730453C9D469140F88BAC41181DD8AA2C7B2432961826E2379F2535F5293 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:12:50.0229 0x1868  p2pimsvc - ok
14:12:50.0271 0x1868  [ 79DB2B358BF0B152F15D1C5A525233BD, 374D9E8D7FBBC3EB14BDC651378120FCB075A36404F1E76A3F291F89CD5C3362 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:12:50.0295 0x1868  p2psvc - ok
14:12:50.0303 0x1868  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
14:12:50.0318 0x1868  Parport - ok
14:12:50.0340 0x1868  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:12:50.0353 0x1868  partmgr - ok
14:12:50.0380 0x1868  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:12:50.0397 0x1868  PcaSvc - ok
14:12:50.0425 0x1868  [ 481DADB90C1D4E9F19328079C7A9E63D, DA8946D89F0D59F2A17512B9029EB17B2909CF99B70CF4BA7258012E95008ABD ] pci             C:\Windows\system32\drivers\pci.sys
14:12:50.0441 0x1868  pci - ok
14:12:50.0449 0x1868  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:12:50.0460 0x1868  pciide - ok
14:12:50.0494 0x1868  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:12:50.0511 0x1868  pcmcia - ok
14:12:50.0541 0x1868  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:12:50.0553 0x1868  pcw - ok
14:12:50.0582 0x1868  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:12:50.0611 0x1868  PEAUTH - ok
14:12:50.0676 0x1868  [ C59E17D5E30972ECA28A72004795AEA7, 24CE4698F578BB6BE51101BA083C5E4A6A1AA449439C125BA3E5793E54260525 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:12:50.0729 0x1868  PeerDistSvc - ok
14:12:50.0797 0x1868  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:12:50.0811 0x1868  PerfHost - ok
14:12:50.0882 0x1868  [ BC5F8C5C7ACCD0B884FCB8B67616F537, 5C99E9D7E7095CED52B1F5F4A569E54F124602C573DD2B25731E0D57FDA22A27 ] pla             C:\Windows\system32\pla.dll
14:12:50.0932 0x1868  pla - ok
14:12:50.0966 0x1868  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:12:50.0989 0x1868  PlugPlay - ok
14:12:51.0025 0x1868  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:12:51.0038 0x1868  PNRPAutoReg - ok
14:12:51.0065 0x1868  [ 64FB16C5849444F0CFD403C83D9579A1, CDF3730453C9D469140F88BAC41181DD8AA2C7B2432961826E2379F2535F5293 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:12:51.0084 0x1868  PNRPsvc - ok
14:12:51.0128 0x1868  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:12:51.0164 0x1868  PolicyAgent - ok
14:12:51.0198 0x1868  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
14:12:51.0238 0x1868  Power - ok
14:12:51.0261 0x1868  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:12:51.0297 0x1868  PptpMiniport - ok
14:12:51.0320 0x1868  [ F75177AC6019F75A1A52D134D63D6C51, 26DF0112E69AF45F1A819E790EEE42DDE8D72B41C23056592BCA72487C6AAFEA ] Processor       C:\Windows\system32\drivers\processr.sys
14:12:51.0333 0x1868  Processor - ok
14:12:51.0363 0x1868  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:12:51.0382 0x1868  ProfSvc - ok
14:12:51.0391 0x1868  [ CFF988217D685AD840C28D2C19B5D8F8, 52CBE0CF0EFCC4E0D0C47D109F11F823CEBDC781E620721740D219369892E80C ] ProtectedStorage C:\Windows\system32\lsass.exe
14:12:51.0404 0x1868  ProtectedStorage - ok
14:12:51.0438 0x1868  [ 4CE827A5433451551E99C2C1D20E4A43, B2E0806BB5C32A9126584941EE92526BFD45BB9EE18D7E598A2FFE7AAB495930 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:12:51.0455 0x1868  Psched - ok
14:12:51.0527 0x1868  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:12:51.0577 0x1868  ql2300 - ok
14:12:51.0587 0x1868  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:12:51.0602 0x1868  ql40xx - ok
14:12:51.0645 0x1868  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
14:12:51.0669 0x1868  QWAVE - ok
14:12:51.0697 0x1868  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:12:51.0715 0x1868  QWAVEdrv - ok
14:12:51.0731 0x1868  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:12:51.0766 0x1868  RasAcd - ok
14:12:51.0804 0x1868  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:12:51.0840 0x1868  RasAgileVpn - ok
14:12:51.0849 0x1868  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
14:12:51.0886 0x1868  RasAuto - ok
14:12:51.0901 0x1868  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:12:51.0937 0x1868  Rasl2tp - ok
14:12:51.0950 0x1868  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
14:12:51.0993 0x1868  RasMan - ok
14:12:52.0007 0x1868  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:12:52.0043 0x1868  RasPppoe - ok
14:12:52.0059 0x1868  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:12:52.0095 0x1868  RasSstp - ok
14:12:52.0125 0x1868  [ FB45727105E27756B3252572A138FA19, B11A375C7377C2DD02175921F5A3BBD23191207DE76DB220ACF72BD5CF74E09A ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:12:52.0146 0x1868  rdbss - ok
14:12:52.0161 0x1868  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:12:52.0176 0x1868  rdpbus - ok
14:12:52.0199 0x1868  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:12:52.0233 0x1868  RDPCDD - ok
14:12:52.0284 0x1868  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:12:52.0299 0x1868  RDPDR - ok
14:12:52.0304 0x1868  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:12:52.0339 0x1868  RDPENCDD - ok
14:12:52.0348 0x1868  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:12:52.0384 0x1868  RDPREFMP - ok
14:12:52.0429 0x1868  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:12:52.0469 0x1868  RdpVideoMiniport - ok
14:12:52.0492 0x1868  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:12:52.0520 0x1868  RDPWD - ok
14:12:52.0545 0x1868  [ F4287A980C0AA41DE3073F053E5EA73C, 04A386884DE32C6813486FD2D8FD9B9B275758CE5354459D8862A60E7F134833 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:12:52.0562 0x1868  rdyboost - ok
14:12:52.0585 0x1868  [ 0301EEE83B03229F555C6F8025FB5540, 3ABBA482E59FF9FC831A0FEA75A8C937BAE5077108A0EB3F89205C72FEDC2CD9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:12:52.0601 0x1868  RemoteAccess - ok
14:12:52.0609 0x1868  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:12:52.0648 0x1868  RemoteRegistry - ok
14:12:52.0667 0x1868  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:12:52.0703 0x1868  RpcEptMapper - ok
14:12:52.0726 0x1868  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
14:12:52.0739 0x1868  RpcLocator - ok
14:12:52.0776 0x1868  [ C4AF5F835F7F88235FBBB5E5A8380988, 3306EF5B299CAE836179A9551ACDDB7F907AA483B1FE533FF2BB86425F69174E ] RpcSs           C:\Windows\system32\rpcss.dll
14:12:52.0803 0x1868  RpcSs - ok
14:12:52.0826 0x1868  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:12:52.0862 0x1868  rspndr - ok
14:12:52.0895 0x1868  [ ABCB5A38A0D85BDF69B7877E1AD1EED5, 44DF1A92E8FA53677A04C46088B0AD49F1F6A090820BE550A514C4FBFD91444D ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:12:52.0920 0x1868  RTL8167 - ok
14:12:52.0962 0x1868  [ D53C84EC99AB4D78A90001E5CE5386EC, D6ACAAF512EB16924DCA2310BAA2917C3E24AE72048099B9939C3E49AA6FD0D7 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh64.sys
14:12:52.0990 0x1868  RTL8169 - ok
14:12:53.0046 0x1868  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
14:12:53.0057 0x1868  s3cap - ok
14:12:53.0083 0x1868  [ CFF988217D685AD840C28D2C19B5D8F8, 52CBE0CF0EFCC4E0D0C47D109F11F823CEBDC781E620721740D219369892E80C ] SamSs           C:\Windows\system32\lsass.exe
14:12:53.0096 0x1868  SamSs - ok
14:12:53.0170 0x1868  [ 78D5FA0FEA072BC27FFFB67D1720F19D, 9500C150358273B2EC9A673AA51CE33C34DF766D2B735C5AD2A3B981D94BEDBD ] Samsung Network Fax Server C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
14:12:53.0333 0x1868  Samsung Network Fax Server - ok
14:12:53.0365 0x1868  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:12:53.0380 0x1868  sbp2port - ok
14:12:53.0418 0x1868  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:12:53.0459 0x1868  SCardSvr - ok
14:12:53.0498 0x1868  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:12:53.0534 0x1868  scfilter - ok
14:12:53.0623 0x1868  [ F4F316BD846A5CDF84FBF487D4B9AFF6, 0BDA143561B7C1E5C7D4E7CD119B7183C13C4CA498CC13C5CC57E7022AA5D613 ] Schedule        C:\Windows\system32\schedsvc.dll
14:12:53.0665 0x1868  Schedule - ok
14:12:53.0687 0x1868  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:12:53.0723 0x1868  SCPolicySvc - ok
14:12:53.0731 0x1868  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:12:53.0748 0x1868  SDRSVC - ok
14:12:53.0777 0x1868  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:12:53.0821 0x1868  secdrv - ok
14:12:53.0839 0x1868  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
14:12:53.0861 0x1868  seclogon - ok
14:12:53.0875 0x1868  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
14:12:53.0918 0x1868  SENS - ok
14:12:53.0933 0x1868  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:12:53.0946 0x1868  SensrSvc - ok
14:12:53.0968 0x1868  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
14:12:53.0981 0x1868  Serenum - ok
14:12:54.0020 0x1868  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
14:12:54.0034 0x1868  Serial - ok
14:12:54.0066 0x1868  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:12:54.0080 0x1868  sermouse - ok
14:12:54.0097 0x1868  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:12:54.0138 0x1868  SessionEnv - ok
14:12:54.0163 0x1868  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:12:54.0178 0x1868  sffdisk - ok
14:12:54.0187 0x1868  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:12:54.0203 0x1868  sffp_mmc - ok
14:12:54.0217 0x1868  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:12:54.0231 0x1868  sffp_sd - ok
14:12:54.0241 0x1868  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:12:54.0258 0x1868  sfloppy - ok
14:12:54.0300 0x1868  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:12:54.0343 0x1868  SharedAccess - ok
14:12:54.0369 0x1868  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:12:54.0413 0x1868  ShellHWDetection - ok
14:12:54.0450 0x1868  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:12:54.0463 0x1868  SiSRaid2 - ok
14:12:54.0470 0x1868  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:12:54.0483 0x1868  SiSRaid4 - ok
14:12:54.0519 0x1868  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:12:54.0555 0x1868  Smb - ok
14:12:54.0574 0x1868  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:12:54.0588 0x1868  SNMPTRAP - ok
14:12:54.0601 0x1868  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:12:54.0613 0x1868  spldr - ok
14:12:54.0651 0x1868  [ 8003D39B386EDCCFB08DC21AACC0683A, 99D6A4DBE810335A69AE3053DC4B6AAC267639AD7F9C568431FA0714F6E71F30 ] Spooler         C:\Windows\System32\spoolsv.exe
14:12:54.0686 0x1868  Spooler - ok
14:12:54.0800 0x1868  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:12:54.0922 0x1868  sppsvc - ok
14:12:54.0938 0x1868  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:12:54.0974 0x1868  sppuinotify - ok
14:12:55.0003 0x1868  [ 1145EC013B72D4E6C60497707BB1A4B6, 1062AE3C61A5ACB25A1899E354DC9AA750658E23B22F2A97E9B181B65A50AA46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:12:55.0036 0x1868  srv - ok
14:12:55.0060 0x1868  [ 2D8FFA3B636368130F909E0CD935B555, 0C0BC56D5F6B1931D9159D98D3C8F4F1C4F4C3674C48430DFAC79926AB355601 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:12:55.0085 0x1868  srv2 - ok
14:12:55.0109 0x1868  [ 4B1C343E11065819F687EAC68A5E13F3, 4A850E37ECA4293A12E9C12B96999C4AA84A44177D31DFEF316E52050B1EDDA3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:12:55.0128 0x1868  srvnet - ok
14:12:55.0142 0x1868  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:12:55.0183 0x1868  SSDPSRV - ok
14:12:55.0219 0x1868  [ 983F9033F93B6600FB6360C36BDAF65D, CA4A9031BF4280F253F36DD45B630604B4FE61CC4687CB0826C9F9F65B7AAEB0 ] sshid           C:\Windows\system32\DRIVERS\sshid.sys
14:12:55.0233 0x1868  sshid - ok
14:12:55.0249 0x1868  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:12:55.0289 0x1868  SstpSvc - ok
14:12:55.0324 0x1868  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:12:55.0336 0x1868  stexstor - ok
14:12:55.0400 0x1868  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
14:12:55.0436 0x1868  stisvc - ok
14:12:55.0461 0x1868  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:12:55.0473 0x1868  storflt - ok
14:12:55.0499 0x1868  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:12:55.0511 0x1868  storvsc - ok
14:12:55.0544 0x1868  [ 10DCD3BDFA785E1482EC02304A7E9B96, DBD348388F5B17F2620A9D40D1191A51BA6CDAF15E37503630D859FB144486A1 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:12:55.0556 0x1868  swenum - ok
14:12:55.0583 0x1868  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
14:12:55.0632 0x1868  swprv - ok
14:12:55.0668 0x1868  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
14:12:55.0681 0x1868  Synth3dVsc - ok
14:12:55.0765 0x1868  [ 15CF7B24AA64FE958CAEA00274838B1C, 820F7CF1CCD036A1871D728C1CC80D9E9BB5E3BD5D9C7BC822B1711D8DB79707 ] SysMain         C:\Windows\system32\sysmain.dll
14:12:55.0826 0x1868  SysMain - ok
14:12:55.0850 0x1868  [ AD359C53941A6AC57FB935E7E9F1D16E, 6D53065ECE8E928CC045E16B7618D866C121EBA6C6CBDADC97C2B0DC8D8CF9FC ] TabletInputService C:\Windows\System32\TabSvc.dll
14:12:55.0867 0x1868  TabletInputService - ok
14:12:55.0886 0x1868  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:12:55.0929 0x1868  TapiSrv - ok
14:12:56.0002 0x1868  [ F9EE4B0C1783FB393B28CC93121117FE, 158BDA40E4C5ED438A0E1E32DCA64122F3BE0681B176F756B1EBD93550F29C35 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:12:56.0061 0x1868  Tcpip - ok
14:12:56.0134 0x1868  [ F9EE4B0C1783FB393B28CC93121117FE, 158BDA40E4C5ED438A0E1E32DCA64122F3BE0681B176F756B1EBD93550F29C35 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:12:56.0191 0x1868  TCPIP6 - ok
14:12:56.0214 0x1868  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:12:56.0239 0x1868  tcpipreg - ok
14:12:56.0265 0x1868  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:12:56.0277 0x1868  TDPIPE - ok
14:12:56.0320 0x1868  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:12:56.0333 0x1868  TDTCP - ok
14:12:56.0362 0x1868  [ 4DD986720F7CB7A8A5D1226793097B9A, 9020375B45E9C966BF44CF425C127D7E0EC82EB99C7047F225C25402FF97743D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:12:56.0379 0x1868  tdx - ok
14:12:56.0778 0x1868  [ 18314F3FD0E47F0969F384780F9B6F80, E64A42C668C130B0518C196653645B43952EC0FEB9EF3E084BDCA98F3AAC7BBF ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
14:12:57.0066 0x1868  TeamViewer - ok
14:12:57.0111 0x1868  [ AC24D7A7D9EEDE11E2926F9001BEAFB5, 04F8FEC125B70A292DF4748925064CBDDF6D8FFF596ACD1EB063425E22505472 ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:12:57.0124 0x1868  TermDD - ok
14:12:57.0149 0x1868  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
14:12:57.0161 0x1868  terminpt - ok
14:12:57.0192 0x1868  [ 67772797BCC49EBF4B5A1519C88A80D4, D839E035645F69981E8BA250DAA8ABC0F504E3DDC89E3D1AED3CA276CD635C56 ] TermService     C:\Windows\System32\termsrv.dll
14:12:57.0225 0x1868  TermService - ok
14:12:57.0238 0x1868  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
14:12:57.0258 0x1868  Themes - ok
14:12:57.0284 0x1868  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
14:12:57.0320 0x1868  THREADORDER - ok
14:12:57.0440 0x1868  [ 08AA4B39BACB5EA367DC3BA90B298F1C, 5F1E6C422EDAE45F286D07A98259CF045A836EE6B276AF2FB0F24DC5A0809937 ] TopDNS          C:\blue solution\Handwerk 5\daten\TopAppService\TopDnsService.exe
14:12:57.0514 0x1868  TopDNS - detected UnsignedFile.Multi.Generic ( 1 )
14:12:57.0575 0x1868  TopDNS ( UnsignedFile.Multi.Generic ) - warning
14:12:57.0665 0x1868  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
14:12:57.0712 0x1868  TrkWks - ok
14:12:57.0762 0x1868  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:12:57.0800 0x1868  TrustedInstaller - ok
14:12:57.0817 0x1868  [ 2CF58216424757ED29605B4F18EC443C, 9D523FC075F7F41A17F60617670A976A8F2F2943444515DC3834720BDC37DFA0 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:12:57.0832 0x1868  tssecsrv - ok
14:12:57.0871 0x1868  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:12:57.0884 0x1868  TsUsbFlt - ok
14:12:57.0899 0x1868  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
14:12:57.0912 0x1868  TsUsbGD - ok
14:12:57.0935 0x1868  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
14:12:57.0950 0x1868  tsusbhub - ok
14:12:57.0981 0x1868  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:12:58.0017 0x1868  tunnel - ok
14:12:58.0048 0x1868  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:12:58.0061 0x1868  uagp35 - ok
14:12:58.0077 0x1868  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:12:58.0117 0x1868  udfs - ok
14:12:58.0148 0x1868  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:12:58.0163 0x1868  UI0Detect - ok
14:12:58.0184 0x1868  [ B70E26A57F35ECA5199E6D6B9592A67C, 8ECCEEA69A69FBDC4AFEB2EC306FCEE6B569370F599D76F4CFDEAF77A0CD018C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:12:58.0198 0x1868  uliagpkx - ok
14:12:58.0253 0x1868  [ EC09A845824753175151E8FF0B5CE40D, 1D8F3F9E326F5BC58453393DDAFAA8D5BB1E00DA3B09391072F7BE90DC41E6FB ] UltiDev Web Server Pro C:\Program Files (x86)\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe
14:12:58.0259 0x1868  UltiDev Web Server Pro - detected UnsignedFile.Multi.Generic ( 1 )
14:12:58.0310 0x1868  Detect skipped due to KSN trusted
14:12:58.0310 0x1868  UltiDev Web Server Pro - ok
14:12:58.0332 0x1868  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:12:58.0346 0x1868  umbus - ok
14:12:58.0370 0x1868  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
14:12:58.0382 0x1868  UmPass - ok
14:12:58.0427 0x1868  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
14:12:58.0448 0x1868  UmRdpService - ok
14:12:58.0502 0x1868  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
14:12:58.0552 0x1868  upnphost - ok
14:12:58.0581 0x1868  [ E6DFE1F33B1250A6E26EA6F6CE10B09C, BCA9E05BDBFC8D5B7095DE2F5CCE4C40E2CA5BA8D983039500A8D016723CA763 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:12:58.0598 0x1868  usbccgp - ok
14:12:58.0624 0x1868  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:12:58.0669 0x1868  usbcir - ok
14:12:58.0682 0x1868  [ 234F9E56606CE5D1549DE7D4CCA4DE0C, 6BC996A27AEA91DD82B3E9492889D38E3A5B98404AD0C018DA091E1450998AA7 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
14:12:58.0696 0x1868  usbehci - ok
14:12:58.0718 0x1868  [ 0A33C9EC6822B24E26687F1EC6346922, 44295855AC7DCD098EA4A2379B9896F347147FCB02E2DCC82F2064FB31D2E7A5 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:12:58.0738 0x1868  usbhub - ok
14:12:58.0766 0x1868  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:12:58.0780 0x1868  usbohci - ok
14:12:58.0794 0x1868  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
14:12:58.0810 0x1868  usbprint - ok
14:12:58.0848 0x1868  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
14:12:58.0877 0x1868  USBSTOR - ok
14:12:58.0895 0x1868  [ 3C1D50EBDC6F531C0AA905D71956E106, E32EB5DAD87235E40568DB1BD80EAE16C9AF55606BEF5FAB25B0EF503369493E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:12:58.0910 0x1868  usbuhci - ok
14:12:58.0935 0x1868  [ B52B2632CC2E197A48F3E1F6EEEB1059, E3E3369746F4F58640847C43FDF973651DC7115B004A71AE2E6836BECAEBA717 ] UWS HiPriv Services C:\Program Files (x86)\UltiDev\Web Server\UWS.HighPrivilegeUtilities.exe
14:12:58.0942 0x1868  UWS HiPriv Services - detected UnsignedFile.Multi.Generic ( 1 )
14:12:59.0002 0x1868  Detect skipped due to KSN trusted
14:12:59.0002 0x1868  UWS HiPriv Services - ok
14:12:59.0026 0x1868  [ E61819F560CCB4F215669CFFF03E3842, EC8CCB880FEEDF2B1E13BFC900C1531919D860E32AC01437C61313CE2BF32622 ] UWS LoPriv Services C:\Program Files (x86)\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe
14:12:59.0032 0x1868  UWS LoPriv Services - detected UnsignedFile.Multi.Generic ( 1 )
14:12:59.0076 0x1868  Detect skipped due to KSN trusted
14:12:59.0076 0x1868  UWS LoPriv Services - ok
14:12:59.0104 0x1868  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
14:12:59.0141 0x1868  UxSms - ok
14:12:59.0149 0x1868  [ CFF988217D685AD840C28D2C19B5D8F8, 52CBE0CF0EFCC4E0D0C47D109F11F823CEBDC781E620721740D219369892E80C ] VaultSvc        C:\Windows\system32\lsass.exe
14:12:59.0163 0x1868  VaultSvc - ok
14:12:59.0170 0x1868  [ 7BDCE021786C3DCCFD2C22EBF643EE36, 92842E529EBDE9A9A9408287182BF1ECD8737C1DA39AF20570528CBD37D43228 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:12:59.0183 0x1868  vdrvroot - ok
14:12:59.0211 0x1868  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
14:12:59.0260 0x1868  vds - ok
14:12:59.0288 0x1868  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:12:59.0304 0x1868  vga - ok
14:12:59.0326 0x1868  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:12:59.0361 0x1868  VgaSave - ok
14:12:59.0366 0x1868  VGPU - ok
14:12:59.0398 0x1868  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:12:59.0415 0x1868  vhdmp - ok
14:12:59.0449 0x1868  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:12:59.0461 0x1868  viaide - ok
14:12:59.0502 0x1868  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:12:59.0518 0x1868  vmbus - ok
14:12:59.0525 0x1868  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:12:59.0537 0x1868  VMBusHID - ok
14:12:59.0569 0x1868  [ 8EDE91FBAC7BF7605323C517C717A253, 8441DBE652E8922B888649FF8F37D5593FD8938E3AFFB69323184DE8E4A5EBDB ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:12:59.0582 0x1868  volmgr - ok
14:12:59.0612 0x1868  [ 85C5468BC395819AE2A0C747334BA14C, 75EB4751F90F3347229442A5622539383CE0B1834EE7B995260D0D433BA2E25F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:12:59.0641 0x1868  volmgrx - ok
14:12:59.0660 0x1868  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:12:59.0678 0x1868  volsnap - ok
14:12:59.0712 0x1868  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:12:59.0730 0x1868  vsmraid - ok
14:12:59.0804 0x1868  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
14:12:59.0879 0x1868  VSS - ok
14:12:59.0905 0x1868  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:12:59.0920 0x1868  vwifibus - ok
14:12:59.0950 0x1868  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
14:12:59.0995 0x1868  W32Time - ok
14:13:00.0021 0x1868  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:13:00.0034 0x1868  WacomPen - ok
14:13:00.0084 0x1868  [ DC4CB3626E7423B9D83CF1B4857FDF15, 36BC894AC01A2A493D408F9F6B65064E901882F038A8A74CA4F21735D283E46F ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:13:00.0098 0x1868  WANARP - ok
14:13:00.0105 0x1868  [ DC4CB3626E7423B9D83CF1B4857FDF15, 36BC894AC01A2A493D408F9F6B65064E901882F038A8A74CA4F21735D283E46F ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:13:00.0121 0x1868  Wanarpv6 - ok
14:13:00.0175 0x1868  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
14:13:00.0224 0x1868  wbengine - ok
14:13:00.0248 0x1868  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:13:00.0272 0x1868  WbioSrvc - ok
14:13:00.0297 0x1868  [ 79E3903FD75A22386326B542F17A2563, 3CCCE0BCDE12240BE7E108A8C0A959A33C8462A0DE8510F28FA0107C4A9A1F05 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:13:00.0319 0x1868  wcncsvc - ok
14:13:00.0337 0x1868  [ 35050F01D00E7E72A2449EB6F9ABF8B4, CF45943E14D2418E83CF4DC836D3AFE4ED61186B6B9DA25EF745DC6FBB07FAC5 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:13:00.0352 0x1868  WcsPlugInService - ok
14:13:00.0381 0x1868  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
14:13:00.0392 0x1868  Wd - ok
14:13:00.0456 0x1868  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:13:00.0487 0x1868  Wdf01000 - ok
14:13:00.0515 0x1868  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:13:00.0530 0x1868  WdiServiceHost - ok
14:13:00.0538 0x1868  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:13:00.0553 0x1868  WdiSystemHost - ok
14:13:00.0582 0x1868  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
14:13:00.0602 0x1868  WebClient - ok
14:13:00.0612 0x1868  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:13:00.0655 0x1868  Wecsvc - ok
14:13:00.0668 0x1868  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:13:00.0705 0x1868  wercplsupport - ok
14:13:00.0727 0x1868  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:13:00.0765 0x1868  WerSvc - ok
14:13:00.0777 0x1868  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:13:00.0812 0x1868  WfpLwf - ok
14:13:00.0835 0x1868  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:13:00.0847 0x1868  WIMMount - ok
14:13:00.0889 0x1868  WinDefend - ok
14:13:00.0897 0x1868  WinHttpAutoProxySvc - ok
14:13:00.0943 0x1868  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:13:00.0989 0x1868  Winmgmt - ok
14:13:01.0072 0x1868  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
14:13:01.0139 0x1868  WinRM - ok
14:13:01.0214 0x1868  [ 4B7912EB80820EAC543EE54806EFCAF0, 4D9186F9FE80F03C85C4DC73342EE5870DF1021BD29974BE33557CEA0D524667 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:13:01.0248 0x1868  Wlansvc - ok
14:13:01.0280 0x1868  [ 43471A750D4F3918AC92F5131AE252D3, E843AA1555262F521B924BBB1505474757E1BB9540FCCF93BC0BE2059F497C87 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:13:01.0293 0x1868  WmiAcpi - ok
14:13:01.0339 0x1868  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:13:01.0357 0x1868  wmiApSrv - ok
14:13:01.0385 0x1868  WMPNetworkSvc - ok
14:13:01.0406 0x1868  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:13:01.0420 0x1868  WPCSvc - ok
14:13:01.0434 0x1868  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:13:01.0459 0x1868  WPDBusEnum - ok
14:13:01.0475 0x1868  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:13:01.0511 0x1868  ws2ifsl - ok
14:13:01.0522 0x1868  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
14:13:01.0544 0x1868  wscsvc - ok
14:13:01.0564 0x1868  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
14:13:01.0578 0x1868  WSDPrintDevice - ok
14:13:01.0597 0x1868  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\drivers\WSDScan.sys
14:13:01.0609 0x1868  WSDScan - ok
14:13:01.0614 0x1868  WSearch - ok
14:13:01.0720 0x1868  [ 0A2E5059B5775E7DBBE05B8156ECE0C6, 75584C0E9EACB26585795C24A0DE19709A6842D286B5DD99036880D66DD20CDD ] wuauserv        C:\Windows\system32\wuaueng.dll
14:13:01.0799 0x1868  wuauserv - ok
14:13:01.0828 0x1868  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:13:01.0842 0x1868  WudfPf - ok
14:13:01.0869 0x1868  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:13:01.0885 0x1868  WUDFRd - ok
14:13:01.0913 0x1868  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:13:01.0928 0x1868  wudfsvc - ok
14:13:01.0965 0x1868  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:13:01.0994 0x1868  WwanSvc - ok
14:13:02.0000 0x1868  ================ Scan global ===============================
14:13:02.0025 0x1868  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
14:13:02.0063 0x1868  [ 2D8B7E28148F0F340574265DBC988BF1, 963646C76EACFC893E4B806EA6030C0C222D5B5C171F5B261E7C7010C3B7B5EC ] C:\Windows\system32\winsrv.dll
14:13:02.0088 0x1868  [ 2D8B7E28148F0F340574265DBC988BF1, 963646C76EACFC893E4B806EA6030C0C222D5B5C171F5B261E7C7010C3B7B5EC ] C:\Windows\system32\winsrv.dll
14:13:02.0119 0x1868  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:13:02.0143 0x1868  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
14:13:02.0152 0x1868  [ Global ] - ok
14:13:02.0152 0x1868  ================ Scan MBR ==================================
14:13:02.0159 0x1868  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:13:02.0438 0x1868  \Device\Harddisk0\DR0 - ok
14:13:02.0439 0x1868  ================ Scan VBR ==================================
14:13:02.0442 0x1868  [ A1A69E5BAD116A1ECCFF98586FFB9FEA ] \Device\Harddisk0\DR0\Partition1
14:13:02.0444 0x1868  \Device\Harddisk0\DR0\Partition1 - ok
14:13:02.0448 0x1868  [ D8FAEC64F54C85571B13B1BAF41E9665 ] \Device\Harddisk0\DR0\Partition2
14:13:02.0450 0x1868  \Device\Harddisk0\DR0\Partition2 - ok
14:13:02.0451 0x1868  ================ Scan generic autorun ======================
14:13:02.0544 0x1868  [ B1964E8776FD7633F149788F5B2A71CB, E30AC137B9DC2D3456499E0BB3B1955D2E0F7FFDB11E7A290A9DA25C76F4FAF8 ] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
14:13:02.0571 0x1868  CDAServer - ok
14:13:02.0608 0x1868  APSDaemon - ok
14:13:02.0646 0x1868  [ 40754D93AEB60577897FADEE6941B2B1, 150D74C7EFE5C06CDE603E1A9C6DBA89FC83B86F2E94BBEA92C3D9CEC9373142 ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
14:13:02.0673 0x1868  ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
14:13:02.0724 0x1868  Detect skipped due to KSN trusted
14:13:02.0724 0x1868  ControlCenter4 - ok
14:13:02.0788 0x1868  [ 062F3DB9AFA9C3CE0DA52F28595C0C6D, E1709230623C645418AC949D782F2A2B932315DA73AF29D15FA69F47F62F3749 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
14:13:02.0793 0x1868  HP Software Update - detected UnsignedFile.Multi.Generic ( 1 )
14:13:02.0850 0x1868  Detect skipped due to KSN trusted
14:13:02.0850 0x1868  HP Software Update - ok
14:13:02.0882 0x1868  [ 941A08CBDEEDF16B6C986B6BA7C9A5D0, D62C895432DD277DF2E738500649B49A706DC828174B7F58C87C3AB412F4034E ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
14:13:02.0888 0x1868  hpqSRMon - detected UnsignedFile.Multi.Generic ( 1 )
14:13:02.0939 0x1868  Detect skipped due to KSN trusted
14:13:02.0939 0x1868  hpqSRMon - ok
14:13:02.0994 0x1868  [ 554A50B5310E702029D3A675459108FF, 4757D5FFFAC7E73D4A3D931DB1399DDFDBD5811639BDA4517F886C21CC7F2574 ] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
14:13:03.0005 0x1868  hpsysdrv - ok
14:13:03.0039 0x1868  [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
14:13:03.0051 0x1868  VirtualCloneDrive - ok
14:13:03.0143 0x1868  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:13:03.0249 0x1868  Sidebar - ok
14:13:03.0287 0x1868  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:13:03.0310 0x1868  mctadmin - ok
14:13:03.0354 0x1868  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:13:03.0397 0x1868  Sidebar - ok
14:13:03.0406 0x1868  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:13:03.0426 0x1868  mctadmin - ok
14:13:03.0649 0x1868  [ 3B11413FCC01382420AFEB6802CD2F8C, 5A7A157306495DCD113ACA0876CFE5C61CF89743AEA675958FEFFAAAA44F155B ] C:\Users\Thomas Wegefahrt\AppData\Local\Akamai\netsession_win.exe
14:13:03.0812 0x1868  Akamai NetSession Interface - ok
14:13:03.0867 0x1868  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\Thomas Wegefahrt\AppData\Local\Dropbox\Update\DropboxUpdate.exe
14:13:03.0884 0x1868  Dropbox Update - ok
14:13:03.0930 0x1868  [ 10035E4C014522FE740172FF0B4FF43E, B09DCF7E147990C723EF044FB064D8793D18131519D292D88B71920C127AEF86 ] C:\Windows\ehome\ehTray.exe
14:13:03.0967 0x1868  ehTray.exe - ok
14:13:04.0004 0x1868  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:13:04.0049 0x1868  Sidebar - ok
14:13:04.0060 0x1868  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:13:04.0079 0x1868  mctadmin - ok
14:13:04.0080 0x1868  Waiting for KSN requests completion. In queue: 107
14:13:05.0114 0x1868  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe ( 15.0.43.20 ), 0x40000 ( disabled : updated )
14:13:05.0118 0x1868  Win FW state via NFP2: enabled ( trusted )
14:13:05.0191 0x1868  ============================================================
14:13:05.0191 0x1868  Scan finished
14:13:05.0191 0x1868  ============================================================
14:13:05.0203 0x0b20  Detected object count: 2
14:13:05.0203 0x0b20  Actual detected object count: 2
14:15:49.0260 0x0b20  Advantage ( UnsignedFile.Multi.Generic ) - skipped by user
14:15:49.0260 0x0b20  Advantage ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:15:49.0262 0x0b20  TopDNS ( UnsignedFile.Multi.Generic ) - skipped by user
14:15:49.0262 0x0b20  TopDNS ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus · 15.11.2018, 14:35

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

adwCleaner v7.x

Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Einstellungen, scrolle nach unten und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Tracing Schlüssel löschen
- Prefetch-Dateien löschen
- Proxy wiederherstellen
- IE-Policies wiederherstellen
- Chrome-Policies wiederherstellen
- Winsock wiederherstellen
Klicke nun auf Dashboard, dann auf Jetzt scannen und warte bis der Suchlauf abgeschlossen ist.
Klicke nun auf Bereinigen & Reparieren und bestätige mit Jetzt bereinigen.

WICHTIG:
Sollte AdwCleaner nichts finden, klicke auf Grundlegende Reparatur ausführen und anschließend auf Jetzt bereinigen.
Nach dem Neustart öffnet sich AdwCleaner automatisch. Klicke auf Log-Datei ansehen.
Poste mir deren Inhalt der Log-Datei mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt. (xx = fortlaufende Nummer).

the_slater · 15.11.2018, 14:41

Code:

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-11-14.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-15-2018
# Duration: 00:00:04
# OS:       Windows 7 Ultimate
# Cleaned:  0
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Not Deleted   suggestqueries.google.com


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset TCP/IP
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [12009 octets] - [14/11/2018 09:58:56]
AdwCleaner[C00].txt - [10276 octets] - [14/11/2018 09:59:36]
AdwCleaner[S01].txt - [1402 octets] - [14/11/2018 10:09:21]
AdwCleaner[C01].txt - [1568 octets] - [14/11/2018 10:12:42]
AdwCleaner[S02].txt - [1524 octets] - [14/11/2018 11:51:02]
AdwCleaner[C02].txt - [1807 octets] - [14/11/2018 11:51:14]
AdwCleaner[S03].txt - [1646 octets] - [15/11/2018 14:37:10]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

cosinus · 15.11.2018, 14:47

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files (x86)\Common Files\Symantec Shared <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Symantec <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <==== ACHTUNG
GroupPolicy\User: Beschränkung ? <==== ACHTUNG
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

the_slater · 15.11.2018, 14:53

Code:

ATTFilter

Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14.11.2018
durchgeführt von Thomas Wegefahrt (15-11-2018 14:49:59) Run:1
Gestartet von C:\Users\Thomas Wegefahrt\Downloads
Geladene Profile: Thomas Wegefahrt & UpdatusUser (Verfügbare Profile: Thomas Wegefahrt & UpdatusUser)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files (x86)\Common Files\Symantec Shared <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Symantec <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <==== ACHTUNG
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <==== ACHTUNG
GroupPolicy\User: Beschr�nkung ? <==== ACHTUNG
emptytemp:
*****************

HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <==== ACHTUNG => erfolgreich wiederhergestellt
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <==== ACHTUNG => erfolgreich wiederhergestellt
HKLM Group Policy restriction on software: C:\Program Files (x86)\Common Files\Symantec Shared <==== ACHTUNG => erfolgreich wiederhergestellt
HKLM Group Policy restriction on software: C:\Program Files\Symantec <==== ACHTUNG => erfolgreich wiederhergestellt
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <==== ACHTUNG => erfolgreich wiederhergestellt
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <==== ACHTUNG => erfolgreich wiederhergestellt
HKLM Group Policy restriction on software: C:\Program Files\Avira <==== ACHTUNG => erfolgreich wiederhergestellt
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <==== ACHTUNG => erfolgreich wiederhergestellt
C:\Windows\system32\GroupPolicy\User => erfolgreich verschoben
C:\Windows\system32\GroupPolicy\GPT.ini => erfolgreich verschoben

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21301324 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 70420841 B
Edge => 0 B
Chrome => 207081195 B
Firefox => 277674571 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66356 B
systemprofile32 => 314272 B
LocalService => 132244 B
NetworkService => 920096 B
Thomas Wegefahrt => 159185489 B
UpdatusUser => 66228 B

RecycleBin => 47862512 B
EmptyTemp: => 756.7 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 14:50:21 ====

cosinus · 15.11.2018, 14:58

Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:

1. Schritt: Malwarebytes Version 3

Downloade Dir bitte Malwarebytes Anti-Malware 3

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

2. Schritt: ESET

Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)

Starte die Installationsdatei.
Akzeptiere die Nutzungsbedingungen.
Wähle Erkennung evtl. unerwünschter Anwendungen aktivieren aus und klicke auf Scannen.
Zuerst werden die notwendigen Signaturen heruntergeladen, anschließend startet ESET automatisch den Suchlauf.
Am Ende des Suchlaufs werden gegebenenfalls die gefundenen Elemente aufgelistet.
Schließe den ESET Online Scanner rechts oben [ X ] und klicke anschließend auf Schließen.
Drücke bitte die Tastenkombination WIN+R zum Ausführen und kopiere folgenden Text in die Zeile und drücke im Anschluss auf OK:
Code:
ATTFilter
```
notepad "%tmp%\log.txt"
         
```
Kopiere den gesamten Text mittels STRG+A und STRG+C hier in deine Antwort in CODE-Tags

3. Schritt: SecurityCheck

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

the_slater · 15.11.2018, 21:02

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 15.11.18
Scan-Zeit: 15:03
Protokolldatei: 38e0bd30-e8df-11e8-bfc2-00248cf89e62.json

-Softwaredaten-
Version: 3.6.1.2711
Komponentenversion: 1.0.482
Version des Aktualisierungspakets: 1.0.7857
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ThomasWegefa-PC\Thomas Wegefahrt

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 291150
Erkannte Bedrohungen: 39
In die Quarantäne verschobene Bedrohungen: 39
Abgelaufene Zeit: 8 Min., 20 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 5
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\YontooIEClient.Api.1, In Quarantäne, [33], [245162],1.0.7857
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\YontooIEClient.Api, In Quarantäne, [33], [245162],1.0.7857
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\YontooIEClient.Layers.1, In Quarantäne, [33], [245162],1.0.7857
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\YontooIEClient.Layers, In Quarantäne, [33], [245162],1.0.7857
PUP.Optional.Babylon, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dhkplhfnhceodhffomolpfigojocbpcb, In Quarantäne, [328], [235653],1.0.7857

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.Babylon, C:\Users\Thomas Wegefahrt\AppData\LocalLow\BabylonToolbar\BabylonToolbar, In Quarantäne, [328], [175554],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\LOCALLOW\BABYLONTOOLBAR, In Quarantäne, [328], [175554],1.0.7857

Datei: 32
PUP.Optional.Babylon, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\SEARCHPLUGINS\BABYLON.XML, In Quarantäne, [328], [235644],1.0.7857
PUP.Optional.Yontoo, C:\USERS\THOMAS WEGEFAHRT\NTUSER.POL, In Quarantäne, [33], [-1],0.0.0
PUM.Optional.FireFoxSecurityOverride, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\USER.JS, Ersetzt, [14252], [303313],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.Babylon, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [328], [301501],1.0.7857
PUP.Optional.SnapDo, C:\USERS\THOMAS WEGEFAHRT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BPRV7LBC.DEFAULT\PREFS.JS, Ersetzt, [171], [301664],1.0.7857
PUP.Optional.Agent, C:\WINDOWS\SYSWOW64\CMDOW.EXE, In Quarantäne, [1444], [147243],1.0.7857

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

15:17:45 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.22.0
# EOSSerial=19fddcd59b68d4499a4a04c4b9aff13b
# end=init
# utc_time=2018-11-15 14:17:45
# local_time=2018-11-15 15:17:45 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
15:22:21 Updating
15:22:21 Update Init
15:22:23 Update Download
15:23:26 esets_scanner_reload returned 0
15:23:26 g_uiModuleBuild: 39402
15:23:26 Update Finalize
15:23:26 Call m_esets_charon_send
15:23:26 Call m_esets_charon_destroy
15:23:26 Updated modules version: 39402
15:23:39 Call m_esets_charon_setup_create
15:23:39 Call m_esets_charon_create
15:23:39 m_esets_charon_create OK
15:23:39 Call m_esets_charon_start_send_thread
15:23:39 Call m_esets_charon_setup_set
15:23:39 m_esets_charon_setup_set OK
15:23:39 Scanner engine: 39402
20:54:59 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.22.0
# EOSSerial=19fddcd59b68d4499a4a04c4b9aff13b
# engine=39402
# end=finished
# bannerClicked=0
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# sfx_checked=true
# utc_time=2018-11-15 19:54:59
# local_time=2018-11-15 20:54:59 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 130598 293941549 0 0
# scanned=390058
# found=12
# cleaned=0
# scan_time=11828
sh=D2A9B15B05339627FA5F433BC8C9372FEEB5386B ft=1 fh=0000000000000000 vn="Win32/TrojanProxy.Agent.NZL Trojaner" ac=I fn="C:\$WINDOWS.~Q\DATA\Users\Thomas Wegefahrt\AppData\Local\ahnukuo.dll"
sh=FAF627FF5A6BC6D74A376AD982C1BA183FCF0064 ft=1 fh=0000000000000000 vn="Variante von Win32/TrojanProxy.Agent.NYC Trojaner" ac=I fn="C:\$WINDOWS.~Q\DATA\Users\Thomas Wegefahrt\AppData\Local\bjyrger.dll"
sh=C82DE4B723515AFE0E8B4EFD33882BE50633C5ED ft=1 fh=0000000000000000 vn="Win32/PSW.Papras.DR Trojaner" ac=I fn="C:\Dokumente und Einstellungen\All Users\EfnuTsef\EfnuTsef.dat"
sh=9B1855B0B143C763C5F8E894E771B087176B20F7 ft=1 fh=0000000000000000 vn="Variante von Win32/LuluSoftware.B potenziell unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\All Users\PDF Architect 2\Installation\PDFArchitect2Installer.exe"
sh=463EF7075F5CF938F2A04BD4213A9C804A4A872D ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen potenziell unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Thomas Wegefahrt\AppData\Roaming\Mozilla\Firefox\Profiles\bprv7lbc.default\prefs.js"
sh=11DAB8257028E1289169FA446E34A1A9ADA3BACB ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen potenziell unerwünschte Anwendung" ac=I fn="C:\Dokumente und Einstellungen\Thomas Wegefahrt\AppData\Roaming\Mozilla\Firefox\Profiles\bprv7lbc.default\user.js"
sh=C82DE4B723515AFE0E8B4EFD33882BE50633C5ED ft=1 fh=0000000000000000 vn="Win32/PSW.Papras.DR Trojaner" ac=I fn="C:\ProgramData\EfnuTsef\EfnuTsef.dat"
sh=9B1855B0B143C763C5F8E894E771B087176B20F7 ft=1 fh=0000000000000000 vn="Variante von Win32/LuluSoftware.B potenziell unerwünschte Anwendung" ac=I fn="C:\ProgramData\PDF Architect 2\Installation\PDFArchitect2Installer.exe"
sh=C82DE4B723515AFE0E8B4EFD33882BE50633C5ED ft=1 fh=0000000000000000 vn="Win32/PSW.Papras.DR Trojaner" ac=I fn="C:\Users\All Users\EfnuTsef\EfnuTsef.dat"
sh=9B1855B0B143C763C5F8E894E771B087176B20F7 ft=1 fh=0000000000000000 vn="Variante von Win32/LuluSoftware.B potenziell unerwünschte Anwendung" ac=I fn="C:\Users\All Users\PDF Architect 2\Installation\PDFArchitect2Installer.exe"
sh=463EF7075F5CF938F2A04BD4213A9C804A4A872D ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen potenziell unerwünschte Anwendung" ac=I fn="C:\Users\Thomas Wegefahrt\AppData\Roaming\Mozilla\Firefox\Profiles\bprv7lbc.default\prefs.js"
sh=11DAB8257028E1289169FA446E34A1A9ADA3BACB ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen potenziell unerwünschte Anwendung" ac=I fn="C:\Users\Thomas Wegefahrt\AppData\Roaming\Mozilla\Firefox\Profiles\bprv7lbc.default\user.js"
20:54:59 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Thomas Wegefahrt\AppData\Local\ESET\ESETOnlineScanner\Quarantine\
20:55:00 Call m_esets_charon_send
20:55:00 Call m_esets_charon_destroy

Code:

ATTFilter

 Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Antivirus   
Malwarebytes      
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 31.0.0.148  
 Mozilla Firefox (60.3.0) 
 Google Chrome (70.0.3538.102) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Avira Antivir avgnt.exe 
 Malwarebytes Anti-Malware mbamtray.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

cosinus · 15.11.2018, 22:15

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\$WINDOWS.~Q\DATA\Users\Thomas Wegefahrt\AppData\Local\ahnukuo.dll
C:\$WINDOWS.~Q\DATA\Users\Thomas Wegefahrt\AppData\Local\bjyrger.dll
C:\ProgramData\EfnuTsef\EfnuTsef.dat
C:\ProgramData\PDF Architect 2
C:\Users\Thomas Wegefahrt\AppData\Roaming\Mozilla\Firefox\Profiles\bprv7lbc.default\prefs.js
C:\Users\Thomas Wegefahrt\AppData\Roaming\Mozilla\Firefox\Profiles\bprv7lbc.default\user.js
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Gruppenrichtlinie blockt Avira

Log-Analyse und Auswertung: Gruppenrichtlinie blockt Avira