Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Email Account(GMX) verschickt Nachrichten (https://www.trojaner-board.de/178803-email-account-gmx-verschickt-nachrichten.html)

c.yossarian 17.05.2016 12:01
Email Account(GMX) verschickt Nachrichten
 
Hallo!

Ich habe seit einiger Zeit das Problem, dass ich ständig "Mail delivery failed" Nachrichten auf meinen Email-Account bekomme.
Zusätzlich wurde ich von ein paar Leuten kontaktiert, dass ich Ihnen Mails mit irgendwelchen Links schicke, wovon ich nichts wusste. Seit kurzem verschickt man anscheinend sogar Mails unter dem Namen von meinen Kontakten (zB eines Uniprofessors) an andere Menschen, wobei ich die antworten bekomme (im Absender steht dann der Name des Professors und (Mailto: meine Emailadresse).

Ich weiß, dass dieses Thema im Forum oft vorkommt (deswegen bin ich auf euch gestoßen), aber ich konnte in der Suche nichts finden, das mir hilft.

Das ganze wird echt sehr unangenehm, vor allem, weil jetzt auch Emails unter fremden Namen verschickt werden :(

Unten hänge ich noch die Logfiles von FRST und OTL an. Avira Antivir meldet keine Bedrohung. Das Passwort hab ich mittlerweile 2mal geändert, hat nichts geholfen.

Ich hoffe ihr könnt mir da helfen.
Vielen dank schon mal.

Lieben Gruß,
Pako


FRST.txt

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-05-2016
durchgeführt von Pako (Administrator) auf PAKO-HP840 (17-05-2016 12:47:30)
Gestartet von C:\Users\Pako\Desktop
Geladene Profile: Pako (Verfügbare Profile: Pako)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dassault Systemes) C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(HP) C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Steppschuh) C:\Users\Pako\AppData\Roaming\Remote Control Server\Remote Control Server.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(HP) C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(HP) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [Remote Control Server] => C:\Users\Pako\AppData\Roaming\Remote Control Server\Remote Control Server.exe [5168128 2015-04-08] (Steppschuh)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2863344 2014-10-31] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659224 2014-11-11] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation)
HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2312408 2014-06-26] (Hewlett-Packard)
HKLM-x32\...\Run: [YouCam Mirage] => "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [168920 2014-10-07] (CyberLink Corp.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe [2089056 2015-04-14] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-04-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-05-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe [430304 2015-11-17] (HP)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [191200 2015-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1034240 2016-02-18] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\...\MountPoints2: {e236d276-2d3b-11e5-8728-5cb901b2644d} - G:\setup.exe
Lsa: [Notification Packages] DPPassFilter scecli
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
Tcpip\..\Interfaces\{9986CD45-0234-442F-ABDC-AE185A5A32C1}: [DhcpNameServer] 195.34.133.21 212.186.211.21
Tcpip\..\Interfaces\{CB9F8693-0D92-4816-9BE6-3CC2480CDCAC}: [DhcpNameServer] 195.34.133.21 212.186.211.21

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/4
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/4
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/4
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/4
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-05-13] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-13] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-06-26] (Hewlett-Packard)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-02] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default
FF Homepage: hxxp://www.google.at/
FF NetworkProxy: "backup.ftp", "79.143.176.23"
FF NetworkProxy: "backup.ftp_port", 443
FF NetworkProxy: "backup.socks", "79.143.176.23"
FF NetworkProxy: "backup.socks_port", 443
FF NetworkProxy: "backup.ssl", "79.143.176.23"
FF NetworkProxy: "backup.ssl_port", 443
FF NetworkProxy: "ftp", "91.228..53.28"
FF NetworkProxy: "ftp_port", 8089
FF NetworkProxy: "http", "91.228..53.28"
FF NetworkProxy: "http_port", 8089
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "91.228..53.28"
FF NetworkProxy: "socks_port", 8089
FF NetworkProxy: "ssl", "91.228..53.28"
FF NetworkProxy: "ssl_port", 8089
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-05-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-05-13] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2015-09-28] (DigitalPersona, Inc.)
FF Extension: Avira Browser Safety - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\abs@avira.com [2016-05-13]
FF Extension: YouTube mp3 - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\info@youtube-mp3.org.xpi [2016-04-29]
FF Extension: Adblock Plus - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]
FF Extension: web_clipper - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2016-04-29]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: HP Client Security Manager - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016-03-10] [ist nicht signiert]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2015-09-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-05-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-05-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-05-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-05-16] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [280008 2016-04-25] (Avira Operations GmbH & Co. KG)
R2 BBDemon; C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe [46592 2011-01-08] (Dassault Systemes) [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [81408 2016-04-28] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-08-15] () [Datei ist nicht signiert]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10571056 2014-06-02] (DisplayLink Corp.)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [502232 2015-09-28] (DigitalPersona, Inc.)
R2 FLCDLOCK; C:\windows\SysWOW64\flcdlock.exe [573240 2015-04-24] (Hewlett-Packard Company)
R2 HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [782048 2015-11-17] (HP)
R2 HpDamServiceHost; C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2015-04-23] (Hewlett-Packard Development Company)
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [1102560 2015-10-19] (HP)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [149608 2015-06-05] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-09-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-11-19] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-09-04] (Realtek Semiconductor)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [76288 2015-09-24] (Synaptics Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-11-19] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-16] (Avira Operations GmbH & Co. KG)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [87864 2014-11-05] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141800 2015-04-01] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1448248 2015-01-13] (Motorola Solutions, Inc.)
R2 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2015-04-23] (Hewlett-Packard Company)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-07-18] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2015-03-24] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-06-07] (Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [255216 2016-03-14] (Intel Corporation)
R1 LUMDriver; C:\windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3437848 2015-03-13] (Intel Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [476888 2014-03-22] (Realsil Semiconductor Corporation)
S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2980568 2014-11-27] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [32496 2014-10-31] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-10-31] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [213296 2014-10-15] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2016-02-18] (Cisco Systems, Inc.)
S3 btmlehid; \SystemRoot\system32\drivers\btmlehid.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-17 12:47 - 2016-05-17 12:47 - 02382336 _____ (Farbar) C:\Users\Pako\Desktop\FRST64.exe
2016-05-17 12:47 - 2016-05-17 12:47 - 00024819 _____ C:\Users\Pako\Desktop\FRST.txt
2016-05-17 12:47 - 2016-05-17 12:47 - 00000000 ____D C:\FRST
2016-05-17 12:40 - 2016-05-17 12:40 - 00602112 _____ (OldTimer Tools) C:\Users\Pako\Desktop\OTL.exe
2016-05-17 12:22 - 2016-05-17 12:23 - 00001078 _____ C:\windows\system32dbgraw.bmp
2016-05-16 23:16 - 2016-05-16 23:16 - 00001805 _____ C:\Users\Public\Desktop\Vuze.lnk
2016-05-14 23:56 - 2016-05-14 23:56 - 00001002 _____ C:\Users\Pako\Desktop\Eclipse.lnk
2016-05-13 16:15 - 2016-05-13 16:15 - 00000000 ____D C:\Users\Pako\.tooling
2016-05-13 16:09 - 2016-05-13 16:09 - 00002464 _____ C:\Users\Pako\Desktop\CATIA V5R21.lnk
2016-05-13 16:08 - 2016-05-14 23:56 - 00000000 ____D C:\Users\Pako\AppData\Local\Eclipse
2016-05-13 16:07 - 2016-05-13 16:14 - 00000000 ____D C:\Users\Pako\.eclipse
2016-05-13 16:05 - 2016-02-18 04:38 - 00000000 ____D C:\Program Files (x86)\eclipse
2016-05-13 16:02 - 2016-05-13 16:02 - 00110144 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Sun
2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\Users\Pako\AppData\LocalLow\Sun
2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\Users\Pako\.oracle_jre_usage
2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-13 16:01 - 2016-05-13 16:03 - 00000000 ____D C:\ProgramData\Oracle
2016-05-13 16:00 - 2016-05-13 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-05-13 16:00 - 2016-05-13 16:01 - 00000000 ____D C:\Program Files\Java
2016-05-13 15:59 - 2016-05-13 15:59 - 00000000 ____D C:\Users\Pako\AppData\LocalLow\Oracle
2016-05-13 15:40 - 2016-05-13 15:40 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-05-11 15:31 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2016-05-11 15:31 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2016-05-11 15:31 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-05-11 15:31 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-05-11 15:31 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2016-05-11 15:31 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-05-11 15:31 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2016-05-11 15:31 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-05-11 15:31 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-05-11 15:31 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-05-11 15:31 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-05-11 15:31 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-05-11 15:31 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-05-11 15:31 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-05-11 15:31 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-05-11 15:31 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-05-11 15:31 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-05-11 15:31 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-05-11 15:31 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-05-11 15:31 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-05-11 15:31 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-05-11 15:31 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-05-11 15:31 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-05-11 15:31 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-05-11 15:31 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-05-11 15:31 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-05-11 15:31 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-05-11 15:31 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-05-11 15:31 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-05-11 15:31 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-05-11 15:31 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 15:31 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2016-05-11 15:31 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2016-05-11 15:31 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2016-05-11 15:30 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2016-05-11 15:30 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2016-05-10 09:41 - 2016-05-10 09:41 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-10 09:40 - 2016-05-10 09:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-10 09:40 - 2016-05-10 09:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-10 09:40 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-05-10 09:40 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-05-10 09:40 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-05-10 09:34 - 2016-05-10 09:36 - 00000000 ____D C:\AdwCleaner
2016-05-09 21:16 - 2016-05-09 21:16 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-05-09 21:16 - 2016-05-09 21:16 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-05-09 17:14 - 2016-05-10 09:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-02 14:17 - 2016-05-03 11:57 - 00000000 ____D C:\Users\Pako\Desktop\Numerische Methoden
2016-05-02 14:07 - 2016-05-03 11:57 - 00000000 ____D C:\Users\Pako\AppData\Roaming\jupyter
2016-05-02 14:07 - 2016-05-02 14:07 - 00000000 ____D C:\Users\Pako\.jupyter
2016-05-02 14:04 - 2016-05-02 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda2 (64-bit)
2016-05-01 23:34 - 2016-05-17 12:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-04-18 13:54 - 2016-04-18 13:54 - 00000000 ____D C:\Users\Pako\.cisco
2016-04-18 13:53 - 2016-04-18 13:53 - 00000000 ____D C:\Users\Pako\AppData\Local\Cisco
2016-04-18 13:53 - 2016-04-18 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2016-04-18 13:53 - 2016-04-18 13:53 - 00000000 ____D C:\ProgramData\Cisco
2016-04-18 11:30 - 2016-04-18 11:30 - 00000000 ____D C:\Users\Pako\AppData\Roaming\xm1
2016-04-18 11:24 - 2016-04-18 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
2016-04-18 11:23 - 2016-04-18 11:23 - 00000000 ____D C:\Users\Pako\AppData\Roaming\MiKTeX
2016-04-18 11:23 - 2016-04-18 11:23 - 00000000 ____D C:\Users\Pako\AppData\Local\MiKTeX
2016-04-18 11:23 - 2016-04-18 11:23 - 00000000 ____D C:\ProgramData\MiKTeX
2016-04-18 11:19 - 2016-04-18 11:21 - 00000000 ____D C:\Program Files (x86)\MiKTeX 2.9
2016-04-18 11:16 - 2016-04-18 11:16 - 00000998 _____ C:\Users\Pako\Desktop\Texmaker.lnk
2016-04-18 11:16 - 2016-04-18 11:16 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker
2016-04-18 11:16 - 2016-04-18 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker
2016-04-18 11:16 - 2016-04-18 11:16 - 00000000 ____D C:\Program Files (x86)\Texmaker

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-17 12:24 - 2015-04-08 19:47 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-05-17 11:01 - 2009-07-14 06:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-17 11:01 - 2009-07-14 06:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-17 10:52 - 2015-03-27 00:43 - 00715172 _____ C:\windows\system32\perfh007.dat
2016-05-17 10:52 - 2015-03-27 00:43 - 00154722 _____ C:\windows\system32\perfc007.dat
2016-05-17 10:52 - 2009-07-14 07:13 - 01651686 _____ C:\windows\system32\PerfStringBackup.INI
2016-05-17 10:52 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-05-17 10:50 - 2015-05-26 19:16 - 00000000 ____D C:\Users\Pako\AppData\LocalLow\Temp
2016-05-17 10:46 - 2015-04-08 15:02 - 00000180 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-17 10:46 - 2015-04-08 15:02 - 00000000 __SHD C:\Users\Pako\IntelGraphicsProfiles
2016-05-17 10:46 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-05-17 01:01 - 2015-04-15 13:26 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Azureus
2016-05-17 01:00 - 2015-04-08 15:25 - 00000000 ____D C:\Users\Pako\AppData\Roaming\vlc
2016-05-17 00:18 - 2015-04-08 15:02 - 00003934 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{593D9C55-FF5A-4232-BB72-86BBBE12F8A1}
2016-05-16 23:16 - 2015-04-15 13:26 - 00001805 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2016-05-16 23:16 - 2015-04-15 13:26 - 00000000 ____D C:\Program Files\Vuze
2016-05-16 11:41 - 2016-01-07 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-05-16 11:27 - 2016-01-07 09:52 - 00141920 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-05-16 11:27 - 2016-01-07 09:52 - 00079696 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2016-05-15 11:08 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2016-05-15 00:19 - 2009-07-14 06:45 - 00285808 _____ C:\windows\system32\FNTCACHE.DAT
2016-05-15 00:18 - 2015-04-09 20:22 - 00000000 ____D C:\windows\system32\appraiser
2016-05-15 00:18 - 2015-03-27 00:29 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-15 00:15 - 2015-04-09 20:08 - 00000000 ____D C:\windows\system32\MRT
2016-05-15 00:09 - 2015-04-09 20:08 - 139319312 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-05-14 18:14 - 2015-04-08 19:43 - 00003176 _____ C:\windows\System32\Tasks\HPCeeScheduleForPako
2016-05-14 18:14 - 2015-04-08 19:43 - 00000328 _____ C:\windows\Tasks\HPCeeScheduleForPako.job
2016-05-13 16:15 - 2015-04-08 15:02 - 00000000 ____D C:\Users\Pako
2016-05-13 16:08 - 2015-04-09 21:11 - 00000000 ____D C:\Uni
2016-05-13 15:40 - 2015-04-08 22:10 - 00000000 ____D C:\Users\Pako\AppData\Local\Downloaded Installations
2016-05-13 15:24 - 2015-04-08 19:47 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 15:24 - 2015-04-08 19:47 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 15:24 - 2015-04-08 19:47 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 10:54 - 2013-12-03 21:34 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-12 18:27 - 2015-04-11 17:01 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-12 18:26 - 2015-04-11 17:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-10 09:55 - 2015-04-09 09:53 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-10 09:55 - 2015-04-09 09:53 - 00000000 ___SD C:\windows\system32\GWX
2016-05-10 09:55 - 2015-04-08 15:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-09 21:21 - 2015-05-05 08:10 - 00000000 ____D C:\t00ls
2016-05-03 11:55 - 2015-04-26 18:20 - 00000000 ____D C:\Users\Pako\.matplotlib
2016-05-02 14:05 - 2015-04-08 16:39 - 00000000 ____D C:\Program Files\Anaconda
2016-05-02 14:04 - 2015-04-08 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda (64-bit)
2016-05-02 13:28 - 2015-04-26 18:20 - 00000000 ____D C:\Users\Pako\.spyder2
2016-04-29 14:42 - 2016-03-10 10:54 - 00000000 ____D C:\SWSetup
2016-04-29 14:21 - 2015-04-08 18:28 - 00000000 ____D C:\Users\Pako\AppData\Local\ElevatedDiagnostics
2016-04-27 18:31 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF
2016-04-22 09:57 - 2010-11-21 05:27 - 00453288 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-04-18 13:53 - 2015-05-17 12:23 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-04-18 11:11 - 2015-05-20 20:35 - 00000000 ____D C:\Users\Pako\Documents\Youcam

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-27 00:55 - 2015-03-27 00:56 - 8952034 _____ () C:\ProgramData\hpcsmmsilogs.log
2015-03-27 01:06 - 2016-03-14 22:36 - 1992428 _____ () C:\ProgramData\hpdam_install_log.txt
2015-03-27 01:03 - 2015-03-27 01:03 - 0543880 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt
2016-03-10 18:19 - 2016-03-10 18:21 - 1609326 _____ () C:\ProgramData\SynFPRmsiLogs.log

Einige Dateien in TEMP:
====================
C:\Users\Pako\AppData\Local\Temp\avgnt.exe
C:\Users\Pako\AppData\Local\Temp\Extract.exe
C:\Users\Pako\AppData\Local\Temp\i4jdel0.exe
C:\Users\Pako\AppData\Local\Temp\libeay32.dll
C:\Users\Pako\AppData\Local\Temp\msvcr120.dll
C:\Users\Pako\AppData\Local\Temp\sqlite3.dll


Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-09 21:06

==================== Ende von FRST.txt ============================

c.yossarian 17.05.2016 12:02
Addition.txt

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-05-2016
durchgeführt von Pako (2016-05-17 12:47:59)
Gestartet von C:\Users\Pako\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-04-08 13:02:04)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1335190260-3303876769-2765954222-500 - Administrator - Disabled)
Gast (S-1-5-21-1335190260-3303876769-2765954222-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1335190260-3303876769-2765954222-1003 - Limited - Enabled)
Pako (S-1-5-21-1335190260-3303876769-2765954222-1002 - Administrator - Enabled) => C:\Users\Pako

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Age of Empires 3 complete version 1.14 (HKLM-x32\...\{D5D9F4B5-7CCE-458D-9ECA-FE9EFD7D607C}_is1) (Version: 1.14 - vol1)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.42.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.42.0 - Alcor Micro Corp.) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{bfb60b68-92b8-481b-b416-7e05b4ea01c9}) (Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Hidden
Blobby Volley 2 Version 1.0 (HKLM-x32\...\Blobby Volley 2 Version 1.0_is1) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-J825DW (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.1.6.0 - Brother Industries, Ltd.)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 1.9.4.0 - Chip Digital GmbH)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.2.02075 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.2.02075 - Cisco Systems, Inc.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.1.5806 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dassault Systemes Doc English CATIA P3 B21 (HKLM-x32\...\Dassault Systemes Doc English B21) (Version:  - )
Dassault Systemes Software B21 (HKLM\...\Dassault Systemes B21_0) (Version:  - )
Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes)
Dassault Systemes Software VC10 Prerequisites x86-x64 (HKLM\...\{7C534131-6431-4ECB-9069-525CB5F75CC8}) (Version: 10.1.1 - Dassault Systemes)
Dassault Systemes Software VC11 Prerequisites x86-x64 (HKLM\...\{C857169D-3F1A-4530-99A0-CAE966CE267E}) (Version: 11.0.1 - Dassault Systemes)
Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes)
DisplayLink Core Software (HKLM\...\{73CF7443-C49F-4A11-BD78-F6D691CDDB72}) (Version: 7.6.55673.0 - DisplayLink Corp.)
EaseUS Partition Master 10.5 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.8.5 (HKLM-x32\...\{5EDC25EC-D966-11E4-9E5C-00163E98E7D6}) (Version: 5.8.5.7193 - Evernote Corp.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP BIOS Configuration Utility (HKLM-x32\...\{36FCBBEE-7BCE-4603-A4F5-56E73C43C820}) (Version: 4.0.11.1 - Hewlett-Packard Company)
HP BIOS Configuration Utility (HKLM-x32\...\{FADF6CC4-5AF3-4630-AEDB-41F14BC09FCF}) (Version: 4.0.15.1 - HP Inc.)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.17.2042 - HP Inc.)
HP Connection Manager (HKLM-x32\...\{F0809EF3-DE1B-4A3C-9825-D4ABD1BA06BC}) (Version: 4.8.10.1 - Hewlett-Packard Company)
HP Device Access Manager (HKLM\...\{1BE682E2-5AF3-485A-83D0-47CC0C1FFFDE}) (Version: 8.3.7.0 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{BC60F8B0-4365-48A3-B463-0CDDA249B07F}) (Version: 1.1.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{48D74C03-3D33-4A7E-9D93-A59FE58C1DEA}) (Version: 2.6.1 - Hewlett-Packard Company)
HP File Sanitizer (HKLM-x32\...\{6349342F-9CEF-4A70-995A-2CF3704C2603}) (Version: 8.4.27.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{384737A1-509C-46EA-A1EC-C1B6DD3BDC2D}) (Version: 6.2.17.1 - HP)
HP PageLift (HKLM-x32\...\{28074A47-851D-4599-A270-87609F58EB57}) (Version: 1.0.15.1 - Hewlett-Packard Company)
HP Port Replicator Software Installer (HKLM-x32\...\{6313BCDF-1109-4682-A19D-413189817787}) (Version: 1.3.37 - HP)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{757cc2cc-5fed-43e4-b813-2bda78353297}) (Version: 4.2.4.0 - HP)
HP Software Setup (HKLM-x32\...\{F6D61EC9-347B-4019-9F8E-E24169F7C330}) (Version: 8.7.5 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP System Default Settings (HKLM-x32\...\{B5BEF5F8-BD76-4174-A47D-05A06EA62615}) (Version: 2.7.1 - Hewlett-Packard Company)
HP Theft Recovery (HKLM-x32\...\InstallShield_{49FE8EBA-CC77-484E-A4DB-DF4EFC0E5147}) (Version: 8.3.0.8 - Hewlett-Packard Company)
HP USB Port Replicator (HKLM\...\{4BCC570D-F175-4B50-A06A-FE3506A94796}) (Version: 7.6.55872.0 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.5 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: 5.1.20.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1519.1030) (HKLM\...\{302600C1-6BDF-4FD1-1504-148929CC1385}) (Version: 17.1.1504.0518 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Java SE Development Kit 8 Update 92 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180920}) (Version: 8.0.920.14 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MATLAB Production Server R2015a (HKLM\...\MATLAB Production Server R2015a) (Version: 2.1 - MathWorks)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Mozilla Thunderbird 45.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.0 (x86 de)) (Version: 45.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Python 2.7.9 (Anaconda 2.2.0 64-bit) (HKLM\...\Python 2.7.9 (Anaconda 2.2.0 64-bit)) (Version: 2.2.0 - Continuum Analytics, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7383 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11072 - Realtek Semiconductor Corp.)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.1.1.12 - Steppschuh)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
revoSleep (HKLM-x32\...\{B76E8F60-D517-44B1-BFCD-B6C153A60F1B}) (Version: 2.4.0 - Revo)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.37.3 - Synaptics Incorporated)
Synaptics WBF Fingerprint Reader (HKLM\...\{B9151DD5-DAFE-494E-AA1F-C351D5FD9E9B}) (Version: 4.5.321.0 - Synaptics)
Texmaker (HKLM-x32\...\Texmaker) (Version:  - )
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.2.0 - Azureus Software, Inc.)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0E846346-8E27-43C5-9BA3-4CD87E0D9564} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-13] (Hewlett-Packard Company)
Task: {1DAECF30-3828-48D2-B84E-B836842E138D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-22] (Hewlett-Packard Company)
Task: {45D59522-84E4-4292-8C85-3DFF77E8F3DB} - System32\Tasks\HPCeeScheduleForPako => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {5CC7D514-7270-4DBB-8D9B-77B40B992FEB} - System32\Tasks\{D1A6AE07-7B25-46D9-948B-EE7254EA23C1} => pcalua.exe -a "C:\Spiele\Age of Empires II\AoFE_Launcher.exe" -d "C:\Spiele\Age of Empires II"
Task: {5D243527-641A-4CC1-942F-10A90BEA2E85} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {ADB08556-EF60-40F8-A7FE-9D72487E81B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {C95AF739-4354-461A-A75C-6007A9D6ADF2} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\HPCeeScheduleForPako.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-05-28 10:14 - 2014-05-28 10:14 - 00336056 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2015-07-01 09:45 - 2015-07-01 09:45 - 00022528 _____ () C:\windows\System32\us005lm.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-15 19:51 - 2014-08-15 19:51 - 00007168 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
2015-04-13 21:00 - 2005-04-22 06:36 - 00143360 _____ () C:\windows\system32\BrSNMP64.dll
2014-10-28 12:49 - 2015-09-15 23:56 - 00405416 _____ () C:\windows\system32\igfxTray.exe
2016-02-18 06:24 - 2016-02-18 06:24 - 00070144 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-04-13 21:00 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2010-06-14 18:41 - 2010-06-14 18:41 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2014-10-10 18:37 - 2014-10-10 18:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.34.133.21 - 212.186.211.21
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{26194502-22AA-4709-AC14-A1B377061E1D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{55897B62-922E-406A-91E2-39189ADB539E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{050A4F1D-B28D-4172-8615-BF74A549145D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3F3F8700-CA53-4945-BE7F-646E02D92B41}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3DB1C88B-C304-48E1-B26B-9BDC222152A0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9D687D8D-42C9-4AD6-904C-B45D47242D9F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4F73A59E-EC31-4785-AB6F-0453471E36A8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C487E073-6A9B-41DF-992C-2A23FA95F839}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{ED5D9F8C-31DE-4CB8-9585-C2063ACB031A}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [TCP Query User{A1113639-9AF8-417C-BB27-F77C7421A42D}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe
FirewallRules: [UDP Query User{E8B4C2F2-BB9E-41EA-BDAE-D2C030786AF5}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe
FirewallRules: [TCP Query User{4D0E1D55-7C01-4283-B011-6CA49CACC9E8}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe
FirewallRules: [UDP Query User{5F9A2BC6-5606-4B97-9FD4-24C5EADF8B9B}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe
FirewallRules: [TCP Query User{CF04BF2B-CD8C-4189-9A40-577D8B1319E8}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe
FirewallRules: [UDP Query User{ABC23708-F948-4FEE-A3C1-39784C87F35A}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe
FirewallRules: [{572C5DA1-80D5-4B17-A8B5-58572A31D368}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11a\FAXRX.exe
FirewallRules: [{99B0FD3C-B481-453B-894B-5C627B2F0B44}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11a\FAXRX.exe
FirewallRules: [{1A6D2200-9E00-4DF7-B29C-F9091B3E214A}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{16DF6E00-323C-4DC5-91F0-6692BD767132}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{4397C81B-F804-4B28-9B23-B75102BC9B86}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [TCP Query User{E892C429-305C-4577-8793-3137479C3157}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{184FF14E-9FD3-4C8F-AC9A-B59D5B6C08AD}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{E61669F1-4AA2-48A8-B3F4-ED576879069E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{95992D6D-80DA-4A9F-88E5-A8259F897348}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{C84856A1-F94C-40D1-A72E-38FF6900BB6E}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{0370DA74-30C3-4EA4-8629-287BB4673275}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [TCP Query User{8785BFCD-8433-40BC-9E08-D0A714C49885}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{CC249AD1-4854-4335-B71E-71A9581D4274}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{A780842E-9BB9-4871-9D09-CC8AADBC6FE7}C:\spiele\age of empires 3\age3y.exe] => (Allow) C:\spiele\age of empires 3\age3y.exe
FirewallRules: [UDP Query User{548D2FED-8586-48AA-8647-400A3E7B90DB}C:\spiele\age of empires 3\age3y.exe] => (Allow) C:\spiele\age of empires 3\age3y.exe
FirewallRules: [TCP Query User{152B4FAE-FE6D-42F5-BA02-C48BB9E7FAAF}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{F3FA0139-CCF0-4F70-BEAE-0A1F96DA92CF}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{C1D615EE-F9E7-4702-BDAC-14B5BDCB6C72}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{CAD7267F-42E9-4F6D-8FD8-CD21615B0985}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [TCP Query User{F1E3FFB8-28B1-4F30-B4AD-2B61856564F2}C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe
FirewallRules: [UDP Query User{F2FDC59F-1437-4776-A83C-1AD023B0E507}C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe
FirewallRules: [TCP Query User{6B5B1209-03B1-4EC9-ADF3-0EC08152AAB7}C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [UDP Query User{8874D6A7-833D-4EF5-B6CF-C03844658CDD}C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [TCP Query User{A595BFB1-C585-4DEB-A042-8E7FC8ACA1F5}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe
FirewallRules: [UDP Query User{A17134BB-9852-4C67-857D-341AD61D86E2}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe
FirewallRules: [TCP Query User{417C69D2-0311-45C0-A803-2C375E5B50BB}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe
FirewallRules: [UDP Query User{6FCF8D7B-FCAF-41A4-97FC-0C498602B023}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe
FirewallRules: [{4A68009D-174F-496A-BCD2-EE9DC14143B3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{55164A65-1AF2-4A22-90FF-B75D9E9A9E07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3F61977B-6F2B-453F-8FCE-5160379EDCD3}C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [UDP Query User{0F0AA636-B729-4C97-8F5A-E0AB89A86E6D}C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [TCP Query User{AF4F8F09-0835-44FC-B384-7A9B901CF0DF}C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe
FirewallRules: [UDP Query User{0E4803D4-C350-419F-A898-DF5F70176E8F}C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe
FirewallRules: [TCP Query User{42A8C856-7C7E-42B1-A2C3-3F533179FDFF}C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe
FirewallRules: [UDP Query User{4D6D5AA5-7F2B-48EA-A5DE-4142279187CA}C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe
FirewallRules: [TCP Query User{E903F21E-808A-470D-B373-DD0613AE9EA7}C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe
FirewallRules: [UDP Query User{D89E13A1-8DFC-4356-ACD2-D00D7CF40CBF}C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe
FirewallRules: [TCP Query User{0A5C10DF-E118-4F05-A778-53DAF5FACA79}C:\program files (x86)\eclipse\eclipse.exe] => (Allow) C:\program files (x86)\eclipse\eclipse.exe
FirewallRules: [UDP Query User{6E10132D-5776-445F-A829-A42AAA56656B}C:\program files (x86)\eclipse\eclipse.exe] => (Allow) C:\program files (x86)\eclipse\eclipse.exe
FirewallRules: [{E0970823-DBAF-4A16-86D9-34367AF59301}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{87B1E4F0-93AE-48B9-8053-1639CA935F91}] => (Allow) C:\Program Files\Vuze\Azureus.exe

==================== Wiederherstellungspunkte =========================

13-05-2016 16:00:31 Installed Java SE Development Kit 8 Update 92 (64-bit)
14-05-2016 19:07:16 Windows Update
15-05-2016 00:08:30 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/17/2016 10:47:04 AM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/17/2016 10:47:03 AM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/17/2016 10:47:02 AM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/17/2016 10:47:02 AM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/17/2016 10:46:57 AM) (Source: flcdlock) (EventID: 1069) (User: )
Description: Profilvorgang für aktuelle SID mit unbekanntem Ausnahmefehler fehlgeschlagen.

Error: (05/17/2016 10:46:52 AM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/17/2016 10:46:52 AM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/17/2016 10:46:41 AM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/17/2016 10:46:40 AM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/17/2016 10:46:38 AM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **


Systemfehler:
=============
Error: (05/17/2016 10:46:54 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (05/17/2016 10:46:34 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (05/17/2016 10:46:34 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (05/16/2016 11:13:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (05/16/2016 11:13:07 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (05/16/2016 11:13:07 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (05/16/2016 11:41:36 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Mail Protection" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.

Error: (05/16/2016 11:41:14 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (05/16/2016 11:41:14 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (05/16/2016 11:41:14 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen:
%%5


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 8067.11 MB
Verfügbarer physikalischer RAM: 4819.56 MB
Summe virtueller Speicher: 12113.29 MB
Verfügbarer virtueller Speicher: 8330.41 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:94.73 GB) (Free:14.3 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (HP_RECOVERY) (Fixed) (Total:14.05 GB) (Free:1.55 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Daten) (Fixed) (Total:298.09 GB) (Free:66.34 GB) NTFS
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.93 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9CC5D5D8)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: D15CF63D)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=94.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0B)

==================== Ende von Addition.txt ============================
OTL.txt
Code:
OTL logfile created on: 17.05.2016 12:48:59 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Pako\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17609)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
7,88 Gb Total Physical Memory | 4,70 Gb Available Physical Memory | 59,64% Memory free
11,83 Gb Paging File | 8,13 Gb Available in Paging File | 68,70% Paging File free
Paging file location(s): c:\pagefile.sys 4048 4048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 94,73 Gb Total Space | 14,30 Gb Free Space | 15,10% Space Free | Partition Type: NTFS
Drive D: | 14,05 Gb Total Space | 1,55 Gb Free Space | 11,04% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 66,34 Gb Free Space | 22,26% Space Free | Partition Type: NTFS
Drive F: | 1,99 Gb Total Space | 1,93 Gb Free Space | 97,08% Space Free | Partition Type: FAT32
 
Computer Name: PAKO-HP840 | User Name: Pako | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2016.05.17 12:40:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pako\Desktop\OTL.exe
PRC - [2016.05.16 11:27:40 | 000,467,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Antivirus\sched.exe
PRC - [2016.05.16 11:27:22 | 000,814,608 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
PRC - [2016.05.16 11:27:22 | 000,467,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe
PRC - [2016.05.09 17:14:17 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016.05.01 23:34:26 | 000,491,464 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2016.04.25 10:45:08 | 000,147,656 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
PRC - [2016.04.25 10:41:46 | 000,280,008 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
PRC - [2016.04.22 08:56:22 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016.02.18 06:24:11 | 001,034,240 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2016.02.18 06:23:49 | 000,617,984 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2015.10.08 18:12:32 | 001,527,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2015.04.24 12:30:38 | 000,573,240 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysWOW64\flcdlock.exe
PRC - [2015.04.23 12:26:10 | 000,018,232 | R--- | M] (Hewlett-Packard Development Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
PRC - [2015.04.14 09:14:38 | 002,089,056 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
PRC - [2015.03.31 13:52:44 | 001,714,216 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2015.01.27 10:32:46 | 001,161,592 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2015.01.27 10:32:06 | 001,198,456 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2014.10.10 18:37:18 | 000,409,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2014.10.10 18:37:16 | 000,158,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2014.08.25 21:50:12 | 000,293,872 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2014.08.15 19:51:14 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
PRC - [2014.06.26 23:50:26 | 001,842,904 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2014.06.26 23:49:58 | 002,312,408 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
PRC - [2014.06.25 18:31:08 | 000,320,360 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2014.06.25 18:31:08 | 000,016,232 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.08.28 12:00:32 | 001,327,104 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
PRC - [2012.08.28 11:55:16 | 000,393,216 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2016.05.15 10:47:25 | 001,102,848 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\8e120675c80a179c177d6d9b5345e792\System.ServiceModel.Web.ni.dll
MOD - [2016.05.15 10:47:23 | 000,430,592 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Serv30e99c02#\fc811832eb4d1a081148bcb0128416f5\System.ServiceModel.Channels.ni.dll
MOD - [2016.05.15 10:47:20 | 019,426,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a459f8b69edabf287d593a2a08c5c8d6\System.ServiceModel.ni.dll
MOD - [2016.05.15 10:47:05 | 002,937,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\c56cbffc8423ff484bf3f80aae1d5c24\System.IdentityModel.ni.dll
MOD - [2016.05.15 10:46:59 | 002,532,352 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\d03ab7cb81236f14485affc6881a3e8d\System.Data.Linq.ni.dll
MOD - [2016.05.15 10:46:42 | 001,065,984 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\db5dd84fd58ce117b2f7af7c6ce85e41\System.ComponentModel.Composition.ni.dll
MOD - [2016.05.15 10:46:31 | 000,016,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\f96faf473ed69af52095444a4e9d581e\PresentationFramework-SystemXml.ni.dll
MOD - [2016.05.15 10:46:31 | 000,012,288 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\c8a2ecfd900c0b634dadb6ed3411cc97\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2016.05.15 10:46:30 | 000,014,848 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\1a302d971b5ea6e685d0ec50e80fb7e6\PresentationFramework-SystemData.ni.dll
MOD - [2016.05.15 10:46:08 | 000,390,656 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\71a060bc38158376f5e6dda8d62b6c7c\System.Xml.Linq.ni.dll
MOD - [2016.05.15 10:45:54 | 000,786,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\e2ab3c1c7be8727fb1f36945861e780b\System.ServiceModel.Internals.ni.dll
MOD - [2016.05.15 10:45:54 | 000,117,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\32b270a7b4daf4731cf1c36ecd660297\SMDiagnostics.ni.dll
MOD - [2016.05.15 10:45:53 | 002,772,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ffbd00c458124054f2049e9a25a7cca8\System.Runtime.Serialization.ni.dll
MOD - [2016.05.15 00:17:30 | 019,077,632 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\850b1b2f3ba808cabfaa84b4703213cb\PresentationFramework.ni.dll
MOD - [2016.05.15 00:17:21 | 011,560,960 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\86d8696483cc81f030d41061c629fa41\PresentationCore.ni.dll
MOD - [2016.05.15 00:17:16 | 007,842,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\4b7c82e4ce15b62277200886545e0728\System.Data.ni.dll
MOD - [2016.05.15 00:17:14 | 012,945,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\7b437291b260f008653ebc86553ab462\System.Windows.Forms.ni.dll
MOD - [2016.05.15 00:17:14 | 003,975,168 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\778c4647568c87adb6930daa13e24b88\WindowsBase.ni.dll
MOD - [2016.05.15 00:17:14 | 000,974,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\6b3bc806e6d6a2c73c6d9f1429395698\System.Configuration.ni.dll
MOD - [2016.05.15 00:17:11 | 007,518,208 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\a57805cc2d492d82e327b83ab24fad62\System.Core.ni.dll
MOD - [2016.05.15 00:17:08 | 001,876,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\347ba862763b7e7c80bdef8764ae72dc\System.Xaml.ni.dll
MOD - [2016.05.15 00:17:07 | 000,521,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7ab1680c39bc1c41f147f78cbe0db0f2\PresentationFramework.Aero.ni.dll
MOD - [2016.05.15 00:09:09 | 007,378,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\36599a72e79974ff4c004c43df9fce2b\System.Xml.ni.dll
MOD - [2016.05.15 00:09:07 | 000,706,048 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dc2eb8260dcff0680cb9c540180ca0fe\System.Transactions.ni.dll
MOD - [2016.05.15 00:09:05 | 001,623,552 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\48453ce4573683172752f7fdc00f8820\System.Drawing.ni.dll
MOD - [2016.05.15 00:09:05 | 000,218,624 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\779476f7b8e5cf194303e03c06653cc1\System.ServiceProcess.ni.dll
MOD - [2016.05.15 00:09:03 | 009,983,488 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\d03eb8a47500f40d5428f9c6875f8e56\System.ni.dll
MOD - [2016.04.30 14:51:50 | 000,271,872 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\f8271755b1dde51c6fd403c7f03c89aa\System.Numerics.ni.dll
MOD - [2016.04.29 16:13:48 | 018,111,488 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\affcb83bba04f782c2586a1788330891\mscorlib.ni.dll
MOD - [2016.02.18 06:24:55 | 000,070,144 | ---- | M] () -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
MOD - [2009.02.27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2016.01.29 20:34:20 | 000,374,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2016.01.29 20:34:20 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2015.09.28 13:00:34 | 000,502,232 | R--- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2015.09.24 08:03:38 | 000,076,288 | ---- | M] (Synaptics Incorporated) [Auto | Running] -- C:\Windows\SysNative\valWBFPolicyService.exe -- (valWBFPolicyService)
SRV:64bit: - [2015.09.15 23:55:28 | 000,359,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV:64bit: - [2015.07.23 02:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015.06.18 14:57:18 | 001,268,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Running] -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV:64bit: - [2015.01.27 18:12:22 | 000,044,680 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2014.11.19 13:48:16 | 003,820,960 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2014.11.19 13:48:06 | 000,268,192 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2014.11.19 13:48:02 | 000,638,368 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2014.11.19 13:47:50 | 000,157,088 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2014.10.15 12:31:40 | 000,394,184 | ---- | M] (Intel) [Auto | Running] -- C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe -- (IntelUSBoverIP)
SRV:64bit: - [2014.09.04 14:31:46 | 000,292,568 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2014.06.25 18:31:08 | 000,016,232 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2014.06.02 00:06:45 | 010,571,056 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2014.05.13 23:31:14 | 000,887,256 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:64bit: - [2013.12.04 02:17:29 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2013.09.12 13:41:02 | 003,221,392 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2011.01.08 04:50:22 | 000,046,592 | ---- | M] (Dassault Systemes) [Auto | Running] -- C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe -- (BBDemon)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016.05.16 11:27:40 | 000,467,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\Antivirus\sched.exe -- (AntiVirSchedulerService)
SRV - [2016.05.16 11:27:27 | 001,435,704 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe -- (AntiVirWebService)
SRV - [2016.05.16 11:27:23 | 000,970,656 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe -- (AntiVirMailService)
SRV - [2016.05.16 11:27:22 | 000,467,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe -- (AntiVirService)
SRV - [2016.05.13 15:24:16 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016.05.09 17:14:16 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016.04.28 14:30:26 | 000,081,408 | ---- | M] (Chip Digital GmbH) [Auto | Running] -- C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe -- (chip1click)
SRV - [2016.04.25 10:41:46 | 000,280,008 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe -- (Avira.ServiceHost)
SRV - [2016.04.22 08:56:22 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2016.02.18 06:23:49 | 000,617,984 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2015.11.17 00:06:20 | 000,782,048 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe -- (HP Hotkey Service)
SRV - [2015.11.05 21:36:48 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2015.10.08 18:12:32 | 001,527,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2015.09.15 23:48:52 | 000,291,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2015.07.09 13:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015.06.05 16:18:24 | 000,149,608 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe -- (iBtSiva)
SRV - [2015.05.19 17:22:06 | 000,099,128 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2015.04.24 12:30:38 | 000,573,240 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
SRV - [2015.04.23 12:26:10 | 000,018,232 | R--- | M] (Hewlett-Packard Development Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe -- (HpDamServiceHost)
SRV - [2015.03.31 13:52:44 | 001,714,216 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2015.01.27 10:32:46 | 001,161,592 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2015.01.27 10:32:06 | 001,198,456 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2014.10.10 18:37:18 | 000,409,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2014.10.10 18:37:16 | 000,158,496 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2014.08.15 19:51:14 | 000,007,168 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe -- (CtAgentService)
SRV - [2014.06.26 23:50:26 | 001,842,904 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.09.12 13:28:00 | 002,741,648 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2012.04.24 23:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2016.05.16 11:27:43 | 000,141,920 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2016.05.16 11:27:43 | 000,079,696 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\avnetflt.sys -- (avnetflt)
DRV:64bit: - [2016.03.14 22:36:22 | 000,255,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb)
DRV:64bit: - [2016.03.10 11:07:56 | 000,154,816 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2016.02.18 05:54:45 | 000,052,592 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64-6.sys -- (vpnva)
DRV:64bit: - [2016.02.18 05:53:59 | 000,209,568 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2016.02.05 21:03:08 | 000,147,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2015.12.03 16:24:37 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2015.11.13 09:50:26 | 000,133,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2015.09.15 23:54:32 | 006,398,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2015.08.08 23:41:56 | 000,474,360 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2015.07.18 21:28:05 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2015.04.23 11:54:00 | 000,065,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
DRV:64bit: - [2015.04.01 15:24:10 | 000,141,800 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2015.03.24 17:44:10 | 000,378,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1d62x64.sys -- (e1dexpress)
DRV:64bit: - [2015.03.13 00:55:44 | 003,437,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw02.sys -- (NETwNs64)
DRV:64bit: - [2015.01.27 18:10:52 | 000,031,880 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2015.01.27 18:09:00 | 000,044,680 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2015.01.13 13:09:10 | 001,448,248 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2014.11.27 18:34:48 | 002,980,568 | ---- | M] (Realtek Semiconductor Corp.) [Fixed] [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUVC.sys -- (rtsuvc)
DRV:64bit: - [2014.11.18 14:39:06 | 000,018,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2014.11.18 14:39:06 | 000,010,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2014.11.05 10:37:44 | 000,087,864 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2014.11.04 11:47:38 | 000,038,264 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2014.11.04 11:47:38 | 000,027,000 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2014.10.31 03:20:02 | 000,580,336 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2014.10.31 03:19:58 | 000,033,008 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2014.10.31 03:19:58 | 000,032,496 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2014.10.15 12:28:04 | 000,213,296 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2014.10.10 19:37:16 | 000,129,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2014.08.25 21:49:22 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2014.08.25 21:49:14 | 000,795,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2014.08.25 21:49:14 | 000,383,984 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2014.08.15 22:35:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014.06.07 04:20:34 | 000,670,056 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2014.06.07 04:20:32 | 000,028,008 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2014.03.27 21:06:40 | 000,331,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2014.03.27 21:01:44 | 000,272,600 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2014.03.22 01:34:38 | 000,476,888 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPer.sys -- (RTSPER)
DRV:64bit: - [2013.12.04 02:20:51 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013.12.04 02:20:51 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013.12.04 02:09:27 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.10.02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.10.03 16:14:56 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.09.06 07:32:34 | 000,095,344 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerIb.sys -- (BrSerIb)
DRV:64bit: - [2012.09.06 07:32:26 | 000,021,872 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSib.sys -- (BrUsbSIb)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.01.02 12:11:50 | 000,024,848 | ---- | M] (IBM) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\LUMDriver.sys -- (LUMDriver)
DRV - [2014.11.18 14:39:08 | 000,014,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2014.11.18 14:39:08 | 000,010,208 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=CMNTDFJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=CMNTDFJS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/4
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.countryCode: "AT"
FF - prefs.js..browser.search.hiddenOneOffs: "Bing,DuckDuckGo"
FF - prefs.js..browser.search.region: "AT"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.at/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1
FF - prefs.js..network.proxy.backup.ftp: "79.143.176.23"
FF - prefs.js..network.proxy.backup.ftp_port: 443
FF - prefs.js..network.proxy.backup.socks: "79.143.176.23"
FF - prefs.js..network.proxy.backup.socks_port: 443
FF - prefs.js..network.proxy.backup.ssl: "79.143.176.23"
FF - prefs.js..network.proxy.backup.ssl_port: 443
FF - prefs.js..network.proxy.ftp: "91.228..53.28"
FF - prefs.js..network.proxy.ftp_port: 8089
FF - prefs.js..network.proxy.http: "91.228..53.28"
FF - prefs.js..network.proxy.http_port: 8089
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "91.228..53.28"
FF - prefs.js..network.proxy.socks_port: 8089
FF - prefs.js..network.proxy.ssl: "91.228..53.28"
FF - prefs.js..network.proxy.ssl_port: 8089
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.92.2: C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.92.2: C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\digitalpersona.com/ChromeDPAgent: C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll (DigitalPersona, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\dpmaxz_ng@jetpack: C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016.03.10 23:27:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 45.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 45.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 45.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 45.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2015.04.08 15:14:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pako\AppData\Roaming\mozilla\Extensions
[2016.05.13 11:06:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pako\AppData\Roaming\mozilla\Firefox\Profiles\apep5xqp.default\extensions
[2016.05.13 11:06:01 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\Pako\AppData\Roaming\mozilla\Firefox\Profiles\apep5xqp.default\extensions\abs@avira.com
[2016.04.29 14:30:25 | 000,013,704 | ---- | M] () (No name found) -- C:\Users\Pako\AppData\Roaming\mozilla\firefox\profiles\apep5xqp.default\extensions\info@youtube-mp3.org.xpi
[2016.04.29 14:30:27 | 001,036,367 | ---- | M] () (No name found) -- C:\Users\Pako\AppData\Roaming\mozilla\firefox\profiles\apep5xqp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016.04.29 14:30:27 | 004,029,588 | ---- | M] () (No name found) -- C:\Users\Pako\AppData\Roaming\mozilla\firefox\profiles\apep5xqp.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi
[2016.05.09 17:14:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (HP File Sanitizer) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Remote Control Server] C:\Users\Pako\AppData\Roaming\Remote Control Server\Remote Control Server.exe (Steppschuh)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (HP)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [YouCam Mirage] "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" File not found
O4 - HKLM..\Run: [YouCam Tray] c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite Automount] C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Auswahl speichern - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O8:64bit: - Extra context menu item: Bild ausschneiden - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Diese Seite ausschneiden - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Lesezeichen ausschneiden - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: Neue Notiz - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html ()
O8:64bit: - Extra context menu item: URL notieren - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Auswahl speichern - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Bild ausschneiden - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Diese Seite ausschneiden - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Lesezeichen ausschneiden - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Neue Notiz - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html ()
O8 - Extra context menu item: URL notieren - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9986CD45-0234-442F-ABDC-AE185A5A32C1}: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB9F8693-0D92-4816-9BE6-3CC2480CDCAC}: DhcpNameServer = 195.34.133.21 212.186.211.21
O18:64bit: - Protocol\Handler\abs - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\System32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e236d276-2d3b-11e5-8728-5cb901b2644d}\Shell - "" = AutoRun
O33 - MountPoints2\{e236d276-2d3b-11e5-8728-5cb901b2644d}\Shell\AutoRun\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2016.05.17 12:47:27 | 000,000,000 | ---D | C] -- C:\FRST
[2016.05.17 12:47:11 | 002,382,336 | ---- | C] (Farbar) -- C:\Users\Pako\Desktop\FRST64.exe
[2016.05.17 12:40:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pako\Desktop\OTL.exe
[2016.05.13 16:15:08 | 000,000,000 | ---D | C] -- C:\Users\Pako\.tooling
[2016.05.13 16:08:52 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Local\Eclipse
[2016.05.13 16:07:29 | 000,000,000 | ---D | C] -- C:\Users\Pako\.eclipse
[2016.05.13 16:05:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eclipse
[2016.05.13 16:02:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2016.05.13 16:02:13 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Roaming\Sun
[2016.05.13 16:02:13 | 000,000,000 | ---D | C] -- C:\Users\Pako\.oracle_jre_usage
[2016.05.13 16:02:05 | 000,110,144 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll
[2016.05.13 16:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2016.05.13 16:01:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2016.05.13 16:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
[2016.05.13 16:00:42 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2016.05.13 15:40:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Chip Digital GmbH
[2016.05.11 15:31:10 | 000,647,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2016.05.11 15:31:09 | 000,264,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2016.05.11 15:31:09 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2016.05.11 15:31:08 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2016.05.11 15:31:08 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jnwmon.dll
[2016.05.11 15:31:07 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\InkEd.dll
[2016.05.11 15:31:07 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\InkEd.dll
[2016.05.11 15:31:05 | 005,546,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2016.05.11 15:31:04 | 003,998,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2016.05.11 15:31:04 | 003,943,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2016.05.11 15:31:04 | 001,732,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2016.05.11 15:31:04 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2016.05.11 15:31:04 | 001,212,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2016.05.11 15:31:04 | 000,706,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2016.05.11 15:31:04 | 000,631,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2016.05.11 15:31:04 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certcli.dll
[2016.05.11 15:31:04 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll
[2016.05.11 15:31:03 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2016.05.11 15:31:03 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll
[2016.05.11 15:31:03 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2016.05.11 15:31:03 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2016.05.11 15:31:03 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2016.05.11 15:31:03 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2016.05.11 15:31:03 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2016.05.11 15:31:03 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rstrui.exe
[2016.05.11 15:31:03 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2016.05.11 15:31:03 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2016.05.11 15:31:03 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpchttp.dll
[2016.05.11 15:31:03 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidpolicyconverter.exe
[2016.05.11 15:31:03 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rpchttp.dll
[2016.05.11 15:31:03 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2016.05.11 15:31:03 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2016.05.11 15:31:03 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setbcdlocale.dll
[2016.05.11 15:31:03 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidapi.dll
[2016.05.11 15:31:03 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\appidapi.dll
[2016.05.11 15:31:03 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srclient.dll
[2016.05.11 15:31:03 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2016.05.11 15:31:03 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptbase.dll
[2016.05.11 15:31:03 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2016.05.11 15:31:03 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2016.05.11 15:31:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2016.05.11 15:31:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2016.05.11 15:31:02 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adtschema.dll
[2016.05.11 15:31:02 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adtschema.dll
[2016.05.11 15:31:02 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msaudite.dll
[2016.05.11 15:31:02 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msaudite.dll
[2016.05.11 15:31:02 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\auditpol.exe
[2016.05.11 15:31:02 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msobjs.dll
[2016.05.11 15:31:02 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msobjs.dll
[2016.05.11 15:31:02 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\auditpol.exe
[2016.05.11 15:31:02 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2016.05.11 15:31:02 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidcertstorecheck.exe
[2016.05.11 15:31:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2016.05.11 15:31:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2016.05.11 15:31:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2016.05.11 15:31:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apisetschema.dll
[2016.05.11 15:31:02 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2016.05.11 15:31:02 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2016.05.11 15:31:02 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2016.05.11 15:31:02 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2016.05.11 15:31:02 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2016.05.11 15:31:02 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2016.05.11 15:31:02 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2016.05.11 15:31:02 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2016.05.11 15:31:02 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2016.05.11 15:31:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2016.05.11 15:31:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2016.05.11 15:31:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2016.05.11 15:30:56 | 001,424,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2016.05.10 09:41:09 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2016.05.10 09:40:47 | 000,140,672 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2016.05.10 09:40:47 | 000,064,896 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2016.05.10 09:40:47 | 000,027,008 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\mbam.sys
[2016.05.10 09:40:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2016.05.10 09:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2016.05.10 09:34:31 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016.05.09 21:16:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2016.05.09 21:16:09 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2016.05.09 17:14:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016.05.02 14:17:33 | 000,000,000 | ---D | C] -- C:\Users\Pako\Desktop\Numerische Methoden
[2016.05.02 14:07:13 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Roaming\jupyter
[2016.05.02 14:07:13 | 000,000,000 | ---D | C] -- C:\Users\Pako\.jupyter
[2016.05.02 14:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda2 (64-bit)
[2016.05.01 23:34:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2016.04.18 13:54:10 | 000,000,000 | ---D | C] -- C:\Users\Pako\.cisco
[2016.04.18 13:53:15 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Local\Cisco
[2016.04.18 13:53:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
[2016.04.18 13:53:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco
[2016.04.18 11:30:52 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Roaming\xm1
[2016.04.18 11:24:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
[2016.04.18 11:23:43 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Roaming\MiKTeX
[2016.04.18 11:23:29 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Local\MiKTeX
[2016.04.18 11:23:29 | 000,000,000 | ---D | C] -- C:\ProgramData\MiKTeX
[2016.04.18 11:19:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MiKTeX 2.9
[2016.04.18 11:16:36 | 000,000,000 | ---D | C] -- C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker
[2016.04.18 11:16:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker
[2016.04.18 11:16:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Texmaker
 
========== Files - Modified Within 30 Days ==========
 
[2016.05.17 12:47:11 | 002,382,336 | ---- | M] (Farbar) -- C:\Users\Pako\Desktop\FRST64.exe
[2016.05.17 12:40:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pako\Desktop\OTL.exe
[2016.05.17 12:24:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2016.05.17 12:23:19 | 000,001,078 | ---- | M] () -- C:\windows\system32dbgraw.bmp
[2016.05.17 11:01:54 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.05.17 11:01:54 | 000,020,944 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.05.17 10:52:43 | 001,651,686 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2016.05.17 10:52:43 | 000,715,172 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2016.05.17 10:52:43 | 000,659,640 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2016.05.17 10:52:43 | 000,154,722 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2016.05.17 10:52:43 | 000,126,818 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2016.05.17 10:46:55 | 000,000,180 | ---- | M] () -- C:\windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2016.05.17 10:46:29 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2016.05.16 23:16:31 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2016.05.16 11:27:43 | 000,141,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avipbb.sys
[2016.05.16 11:27:43 | 000,079,696 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avnetflt.sys
[2016.05.15 00:19:22 | 000,285,808 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2016.05.14 23:56:04 | 000,001,002 | ---- | M] () -- C:\Users\Pako\Desktop\Eclipse.lnk
[2016.05.14 18:14:22 | 000,000,328 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForPako.job
[2016.05.13 16:09:42 | 000,002,464 | ---- | M] () -- C:\Users\Pako\Desktop\CATIA V5R21.lnk
[2016.05.13 16:02:01 | 000,110,144 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll
[2016.05.13 15:24:16 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2016.05.13 15:24:16 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2016.05.10 09:41:50 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2016.04.18 11:16:36 | 000,000,998 | ---- | M] () -- C:\Users\Pako\Desktop\Texmaker.lnk
 
========== Files Created - No Company Name ==========
 
[2016.05.17 12:22:28 | 000,001,078 | ---- | C] () -- C:\windows\system32dbgraw.bmp
[2016.05.16 23:16:31 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2016.05.14 23:56:04 | 000,001,002 | ---- | C] () -- C:\Users\Pako\Desktop\Eclipse.lnk
[2016.05.13 16:09:42 | 000,002,464 | ---- | C] () -- C:\Users\Pako\Desktop\CATIA V5R21.lnk
[2016.04.18 11:16:36 | 000,000,998 | ---- | C] () -- C:\Users\Pako\Desktop\Texmaker.lnk
[2015.09.28 13:00:34 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPSCApi.dll.hpsign
[2015.09.28 13:00:32 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApi.dll.hpsign
[2015.09.28 13:00:32 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPClback.dll.hpsign
[2015.09.28 12:59:30 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPPassFilter.dll.hpsign
[2015.09.28 12:59:28 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPCrProv2.dll.hpsign
[2015.09.28 12:59:28 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPCrProv.dll.hpsign
[2015.09.28 12:58:28 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApiUI.dll.hpsign
[2015.08.17 14:56:20 | 002,536,072 | ---- | C] () -- C:\windows\SysWow64\BootMan.exe
[2015.08.17 14:56:20 | 000,088,160 | ---- | C] () -- C:\windows\SysWow64\setupempdrv03.exe
[2015.08.17 14:56:20 | 000,021,088 | ---- | C] () -- C:\windows\SysWow64\EuEpmGdi.dll
[2015.08.17 14:56:20 | 000,014,944 | ---- | C] () -- C:\windows\SysWow64\epmntdrv.sys
[2015.08.17 14:56:20 | 000,010,208 | ---- | C] () -- C:\windows\SysWow64\EuGdiDrv.sys
[2015.04.24 12:30:48 | 000,961,336 | ---- | C] () -- C:\windows\SysWow64\flcdlmsg.dll
[2015.04.13 21:01:18 | 000,000,247 | ---- | C] () -- C:\windows\Brpfx04a.ini
[2015.04.13 21:01:18 | 000,000,064 | ---- | C] () -- C:\windows\brpcfx.ini
[2015.04.13 21:00:25 | 000,000,066 | ---- | C] () -- C:\windows\Brfaxrx.ini
[2015.04.13 21:00:25 | 000,000,000 | ---- | C] () -- C:\windows\brdfxspd.dat
[2015.04.13 20:53:14 | 000,006,616 | ---- | C] () -- C:\windows\BRPARAM.INI
[2015.04.09 19:54:41 | 000,000,000 | ---- | C] () -- C:\windows\Bench32.INI
[2015.04.08 18:00:11 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\dlumd9.dll
[2015.04.08 18:00:11 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\dlumd11.dll
[2015.04.08 18:00:11 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\dlumd10.dll
[2015.03.27 00:59:09 | 000,000,248 | ---- | C] () -- C:\windows\hbcikrnl.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016.01.22 08:19:58 | 014,179,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016.01.22 08:05:58 | 012,877,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

c.yossarian 17.05.2016 12:03
Extras.txt

Code:
OTL Extras logfile created on: 17.05.2016 12:48:59 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Pako\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17609)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
7,88 Gb Total Physical Memory | 4,70 Gb Available Physical Memory | 59,64% Memory free
11,83 Gb Paging File | 8,13 Gb Available in Paging File | 68,70% Paging File free
Paging file location(s): c:\pagefile.sys 4048 4048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 94,73 Gb Total Space | 14,30 Gb Free Space | 15,10% Space Free | Partition Type: NTFS
Drive D: | 14,05 Gb Total Space | 1,55 Gb Free Space | 11,04% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 66,34 Gb Free Space | 22,26% Space Free | Partition Type: NTFS
Drive F: | 1,99 Gb Total Space | 1,93 Gb Free Space | 97,08% Space Free | Partition Type: FAT32
 
Computer Name: PAKO-HP840 | User Name: Pako | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0513174A-79A3-4077-A3F7-AF1014E06269}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{08AF9D48-B462-4B54-8AC5-2401381B56DF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1A6D2200-9E00-4DF7-B29C-F9091B3E214A}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{39A19F96-B834-4559-BE3D-B4BF64ED9AF4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{43EFA40D-87C9-43E6-91B9-A38C04CA6961}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4434757E-F8B6-4C73-94F6-07881C23D1F1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56E17D4D-5B36-47DA-934F-AD9D3FCAA54C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5B00D27F-9E0D-426B-BB81-266C681D8D3D}" = rport=445 | protocol=6 | dir=out | app=system |
"{76B629C5-6CFA-46A4-92C0-53944E75F5C8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{76BE9F1C-2F40-4A4D-BE63-81A94CCFE0E6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8AB62887-63E1-408D-8C64-B290DDA0B67E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{909F4019-28B7-4E3E-A3FA-1058CAB0B1FC}" = rport=137 | protocol=17 | dir=out | app=system |
"{9E6443EE-1AFD-4832-882F-2A50EF3A41DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A06F3C82-25BB-4CF7-AE09-08E46CD4539F}" = lport=139 | protocol=6 | dir=in | app=system |
"{AE69A899-39B7-42F8-B309-B1BF8FF43B2A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B74E9A0F-4BB3-4FA0-806B-549FD9DCF297}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB6E1237-C49D-45C7-A909-37BAD6962E67}" = rport=138 | protocol=17 | dir=out | app=system |
"{BFA424D2-9F43-4ECA-BD4E-4B7B30B00F47}" = lport=138 | protocol=17 | dir=in | app=system |
"{C9E16525-F5FE-477F-880F-6D7505121B03}" = lport=137 | protocol=17 | dir=in | app=system |
"{CA5B3F2F-A8D5-452A-9A92-3DFC107AE8A4}" = rport=139 | protocol=6 | dir=out | app=system |
"{DDB50AC7-9CF7-434A-88BA-86DA33CAF263}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DEC85CDC-6EEA-4448-BEC7-6A9CF99C0B6C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E880487E-748F-416A-B91B-175BF6FB3804}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FF37682B-8B30-4AC0-AE77-4A417E5CBB41}" = lport=445 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{050A4F1D-B28D-4172-8615-BF74A549145D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{26194502-22AA-4709-AC14-A1B377061E1D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2BA83475-F871-4242-862D-5E7368C550D1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3DB1C88B-C304-48E1-B26B-9BDC222152A0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3F3F8700-CA53-4945-BE7F-646E02D92B41}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4A68009D-174F-496A-BCD2-EE9DC14143B3}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{4F73A59E-EC31-4785-AB6F-0453471E36A8}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{5421E495-BA8E-46D9-9970-BF74E95F871E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{55164A65-1AF2-4A22-90FF-B75D9E9A9E07}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{55897B62-922E-406A-91E2-39189ADB539E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{572C5DA1-80D5-4B17-A8B5-58572A31D368}" = protocol=6 | dir=in | app=c:\program files (x86)\brother\brmfl11a\faxrx.exe |
"{5FDF9926-002D-4E42-AA1F-E37F72C24D90}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{61A4BA59-6C93-4DAE-B7DA-307974F4EA75}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6FFBC7DE-FFFC-4A01-80D2-1E95C642A51E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{763A8A8A-25D7-47B6-AE8E-798546A2F745}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{87B1E4F0-93AE-48B9-8053-1639CA935F91}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{94E97681-CB88-42D0-8816-F577B03719EC}" = protocol=6 | dir=out | app=system |
"{95992D6D-80DA-4A9F-88E5-A8259F897348}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{99B0FD3C-B481-453B-894B-5C627B2F0B44}" = protocol=17 | dir=in | app=c:\program files (x86)\brother\brmfl11a\faxrx.exe |
"{9CBD0561-135F-40BC-9DF5-8DC299F9E0D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9D687D8D-42C9-4AD6-904C-B45D47242D9F}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{9DD90E48-CA0F-44BB-85BB-C649B1FD7F30}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AFD3FF97-F27B-4590-93E1-8EF37BE3607C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BAB8D8ED-B064-4FDD-A369-88791CECA0D0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C064180A-ABBB-45EA-BE5B-B2102C014357}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C487E073-6A9B-41DF-992C-2A23FA95F839}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe |
"{CB9A4901-1080-47EB-AB42-12A148B3A7BA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CF762252-A7F1-4BC7-9AD5-A8EB57236A2D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DF2B7C54-8662-4F78-9DF7-70C8CDBECB90}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E0970823-DBAF-4A16-86D9-34367AF59301}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{E38BF9E6-EEEA-41E4-8E0E-64CFD7CCE2A4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E61669F1-4AA2-48A8-B3F4-ED576879069E}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{ED5D9F8C-31DE-4CB8-9585-C2063ACB031A}" = dir=in | app=c:\program files\intel corporation\usb over ip\bin\uoipservice.exe |
"{F919D8D0-83E9-4E4E-B957-BD77EA122A76}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FA8AC096-2C35-4A0D-9ED1-F3724E782758}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FFEBC4BD-3422-428F-B25E-E5BCCA93B79E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{0A5C10DF-E118-4F05-A778-53DAF5FACA79}C:\program files (x86)\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eclipse\eclipse.exe |
"TCP Query User{152B4FAE-FE6D-42F5-BA02-C48BB9E7FAAF}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{16DF6E00-323C-4DC5-91F0-6692BD767132}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{3F61977B-6F2B-453F-8FCE-5160379EDCD3}C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe" = protocol=6 | dir=in | app=c:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe |
"TCP Query User{417C69D2-0311-45C0-A803-2C375E5B50BB}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe" = protocol=6 | dir=in | app=c:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe |
"TCP Query User{42A8C856-7C7E-42B1-A2C3-3F533179FDFF}C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe" = protocol=6 | dir=in | app=c:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe |
"TCP Query User{4D0E1D55-7C01-4283-B011-6CA49CACC9E8}C:\users\pako\appdata\roaming\remote control server\remote control server.exe" = protocol=6 | dir=in | app=c:\users\pako\appdata\roaming\remote control server\remote control server.exe |
"TCP Query User{6B5B1209-03B1-4EC9-ADF3-0EC08152AAB7}C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe |
"TCP Query User{8785BFCD-8433-40BC-9E08-D0A714C49885}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{A1113639-9AF8-417C-BB27-F77C7421A42D}C:\program files (x86)\remote control server\remote control server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\remote control server\remote control server.exe |
"TCP Query User{A595BFB1-C585-4DEB-A042-8E7FC8ACA1F5}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe" = protocol=6 | dir=in | app=c:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe |
"TCP Query User{A780842E-9BB9-4871-9D09-CC8AADBC6FE7}C:\spiele\age of empires 3\age3y.exe" = protocol=6 | dir=in | app=c:\spiele\age of empires 3\age3y.exe |
"TCP Query User{AF4F8F09-0835-44FC-B384-7A9B901CF0DF}C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe" = protocol=6 | dir=in | app=c:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe |
"TCP Query User{C1D615EE-F9E7-4702-BDAC-14B5BDCB6C72}C:\spiele\age of empires ii\age2_x1\age2_x2.exe" = protocol=6 | dir=in | app=c:\spiele\age of empires ii\age2_x1\age2_x2.exe |
"TCP Query User{C84856A1-F94C-40D1-A72E-38FF6900BB6E}C:\spiele\age of empires ii\age2_x1\age2_x2.exe" = protocol=6 | dir=in | app=c:\spiele\age of empires ii\age2_x1\age2_x2.exe |
"TCP Query User{CF04BF2B-CD8C-4189-9A40-577D8B1319E8}C:\users\pako\appdata\roaming\remote control server\remote control server.exe" = protocol=6 | dir=in | app=c:\users\pako\appdata\roaming\remote control server\remote control server.exe |
"TCP Query User{E892C429-305C-4577-8793-3137479C3157}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{E903F21E-808A-470D-B373-DD0613AE9EA7}C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe" = protocol=6 | dir=in | app=c:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe |
"TCP Query User{F1E3FFB8-28B1-4F30-B4AD-2B61856564F2}C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe |
"UDP Query User{0370DA74-30C3-4EA4-8629-287BB4673275}C:\spiele\age of empires ii\age2_x1\age2_x2.exe" = protocol=17 | dir=in | app=c:\spiele\age of empires ii\age2_x1\age2_x2.exe |
"UDP Query User{0E4803D4-C350-419F-A898-DF5F70176E8F}C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe" = protocol=17 | dir=in | app=c:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe |
"UDP Query User{0F0AA636-B729-4C97-8F5A-E0AB89A86E6D}C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe" = protocol=17 | dir=in | app=c:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe |
"UDP Query User{184FF14E-9FD3-4C8F-AC9A-B59D5B6C08AD}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{4397C81B-F804-4B28-9B23-B75102BC9B86}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{4D6D5AA5-7F2B-48EA-A5DE-4142279187CA}C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe" = protocol=17 | dir=in | app=c:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe |
"UDP Query User{548D2FED-8586-48AA-8647-400A3E7B90DB}C:\spiele\age of empires 3\age3y.exe" = protocol=17 | dir=in | app=c:\spiele\age of empires 3\age3y.exe |
"UDP Query User{5F9A2BC6-5606-4B97-9FD4-24C5EADF8B9B}C:\users\pako\appdata\roaming\remote control server\remote control server.exe" = protocol=17 | dir=in | app=c:\users\pako\appdata\roaming\remote control server\remote control server.exe |
"UDP Query User{6E10132D-5776-445F-A829-A42AAA56656B}C:\program files (x86)\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eclipse\eclipse.exe |
"UDP Query User{6FCF8D7B-FCAF-41A4-97FC-0C498602B023}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe" = protocol=17 | dir=in | app=c:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe |
"UDP Query User{8874D6A7-833D-4EF5-B6CF-C03844658CDD}C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe |
"UDP Query User{A17134BB-9852-4C67-857D-341AD61D86E2}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe" = protocol=17 | dir=in | app=c:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe |
"UDP Query User{ABC23708-F948-4FEE-A3C1-39784C87F35A}C:\users\pako\appdata\roaming\remote control server\remote control server.exe" = protocol=17 | dir=in | app=c:\users\pako\appdata\roaming\remote control server\remote control server.exe |
"UDP Query User{CAD7267F-42E9-4F6D-8FD8-CD21615B0985}C:\spiele\age of empires ii\age2_x1\age2_x2.exe" = protocol=17 | dir=in | app=c:\spiele\age of empires ii\age2_x1\age2_x2.exe |
"UDP Query User{CC249AD1-4854-4335-B71E-71A9581D4274}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{D89E13A1-8DFC-4356-ACD2-D00D7CF40CBF}C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe" = protocol=17 | dir=in | app=c:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe |
"UDP Query User{E8B4C2F2-BB9E-41EA-BDAE-D2C030786AF5}C:\program files (x86)\remote control server\remote control server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\remote control server\remote control server.exe |
"UDP Query User{F2FDC59F-1437-4776-A83C-1AD023B0E507}C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe |
"UDP Query User{F3FA0139-CCF0-4F70-BEAE-0A1F96DA92CF}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{17e91253-12f4-4fa1-bd55-5d950e7799a8}" = Intel(R) PRO/Wireless Driver
"{1B444AF9-1DBE-4884-8F35-969BEFCF69A8}" = Intel® Trusted Connect Service Client
"{1BE682E2-5AF3-485A-83D0-47CC0C1FFFDE}" = HP Device Access Manager
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{214E6139-6853-4144-AEEB-212C922159E9}" = HP Client Security Manager
"{26A24AE4-039D-4CA4-87B4-2F86418092F0}" = Java 8 Update 92 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}" = Intel(R) WiDi
"{302600C1-6BDF-4FD1-1504-148929CC1385}" = Intel(R) Wireless Bluetooth(R)(patch version 17.1.1519.1030)
"{3061DCA5-2D0B-48F9-800F-9D7C1FEB5E78}" = Microsoft Security Client
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{4332723E-06E5-47F8-B106-8A2971B01368}" = Intel(R) ME UninstallLegacy
"{4BCC570D-F175-4B50-A06A-FE3506A94796}" = HP USB Port Replicator
"{55398EAC-F58E-4F19-B553-BDF8B9EFD839}" = Intel(R) Chipset Device Software
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0180920}" = Java SE Development Kit 8 Update 92 (64-bit)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{73CF7443-C49F-4A11-BD78-F6D691CDDB72}" = DisplayLink Core Software
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7C534131-6431-4ECB-9069-525CB5F75CC8}" = Dassault Systemes Software VC10 Prerequisites x86-x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64)
"{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.6.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.6.1
"{93F2A022-6C37-48B8-B241-FFABD9F60C30}" = iTunes
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{AAC5C889-B75D-3368-BC63-CB660DE44C66}" = Microsoft .NET Framework 4.6.1 (DEU)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}" = Validity Fingerprint Sensor Driver
"{B9151DD5-DAFE-494E-AA1F-C351D5FD9E9B}" = Synaptics WBF Fingerprint Reader
"{B96314A4-5138-460F-B769-1913B0A07D78}" = Intel(R) Rapid Storage Technology
"{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}" = Microsoft .NET Framework 4.6.1
"{C2306F93-60AC-4401-B600-453376E771EC}" = Intel(R) Management Engine Components
"{C4123106-B685-48E6-B9BD-E4F911841EB4}" = Apple Mobile Device Support
"{C857169D-3F1A-4530-99A0-CAE966CE267E}" = Dassault Systemes Software VC11 Prerequisites x86-x64
"{CF1EB598-B424-436A-B15F-B763846BA970}" = Dassault Systemes Software Prerequisites x86-x64
"{D7B824DE-DA32-4772-9E5E-39C5158136A7}" = Apple Application Support (64-Bit)
"{E0729EA8-444C-4AAF-AB69-3CE907F60A38}" = Intel(R) Management Engine Components
"{F27A944C-C95A-4DB7-BC8A-AEFD9B1B5E40}" = Intel® PROSet/Wireless WiFi Software
"{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}" = Dassault Systemes Software VC9 Prerequisites x86-x64
"{FE51B16C-A025-418A-A5D6-07D93B643AFB}" = Intel(R) Management Engine Components
"8461-7759-5462-8226" = Vuze
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dassault Systemes B21_0" = Dassault Systemes Software B21
"HPProtectTools" = HP Client Security Manager
"MATLAB Production Server R2015a" = MATLAB Production Server R2015a
"Microsoft Security Client" = Microsoft Security Essentials
"PROSet" = Intel(R) Network Connections Drivers
"Python 2.7.9 (Anaconda 2.2.0 64-bit)" = Python 2.7.9 (Anaconda 2.2.0 64-bit)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player
"WinRAR archiver" = WinRAR 5.21 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{179D679D-047F-491D-8783-D4BE596D2242}" = Visual Basic for Applications (R) Core
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{28074A47-851D-4599-A270-87609F58EB57}" = HP PageLift
"{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
"{36FCBBEE-7BCE-4603-A4F5-56E73C43C820}" = HP BIOS Configuration Utility
"{384737A1-509C-46EA-A1EC-C1B6DD3BDC2D}" = HP Hotkey Support
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{40C98ADC-A44D-401E-BDDD-5094E4CF7D09}" = Avira Launcher
"{438363A8-F486-4C37-834C-4955773CB3D3}" = HP Setup
"{48D74C03-3D33-4A7E-9D93-A59FE58C1DEA}" = HP ESU for Microsoft Windows 7
"{49FE8EBA-CC77-484E-A4DB-DF4EFC0E5147}" = HP Theft Recovery
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{503CA94E-0834-4CEE-AD92-BA17AF4E809A}" = chip 1-click download service
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{5EDC25EC-D966-11E4-9E5C-00163E98E7D6}" = Evernote v. 5.8.5
"{6313BCDF-1109-4682-A19D-413189817787}" = HP Port Replicator Software Installer
"{6349342F-9CEF-4A70-995A-2CF3704C2603}" = HP File Sanitizer
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{755C6515-9FEA-490C-B15E-22BB6519E57E}" = Remote Control Server
"{757cc2cc-5fed-43e4-b813-2bda78353297}" = HP SoftPaq Download Manager
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90120000-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x86)
"{904822F1-6C7D-4B91-B936-6A1C0810544C}" = HP Support Assistant
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}" = Avira Browser Safety
"{A13D16C5-38A9-4D96-9647-59FCCAB12A85}" = Visual Basic for Applications (R) Core - English
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}" = Brother MFL-Pro Suite MFC-J825DW
"{a2a04474-104a-49b3-9bf5-33afee260030}" = Intel® PROSet/Wireless Software
"{AC76BA86-0804-1033-1959-001824184103}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1031-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Deutsch
"{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}" = Apple Application Support (32-Bit)
"{B2B7B1C8-7C8B-476C-BE2C-049731C55992}" = HP Support Information
"{B5BEF5F8-BD76-4174-A47D-05A06EA62615}" = HP System Default Settings
"{B76E8F60-D517-44B1-BFCD-B6C153A60F1B}" = revoSleep
"{BAB89D31-4C55-472B-8909-6CBE2CC276B1}" = Microsoft Visual Basic for Applications 7.1 (x86) English
"{BC60F8B0-4365-48A3-B463-0CDDA249B07F}" = HP Documentation
"{BD8A0C60-1AEB-11D6-B8E1-00025521AE60}" = VBA (3821b)
"{bfb60b68-92b8-481b-b416-7e05b4ea01c9}" = Avira Launcher
"{c7f54569-0018-439c-809a-48046a4d4ebc}" = Intel® Chipsatz-Gerätesoftware
"{D5D9F4B5-7CCE-458D-9ECA-FE9EFD7D607C}_is1" = Age of Empires 3 complete version 1.14
"{DD43EA67-DAF3-4879-BFF7-E534675BDEA5}" = HP PC Hardware Diagnostics UEFI
"{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}" = Realtek PC Camera
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}" = HP 3D DriveGuard
"{EA0F6FCD-988A-41DE-9D87-036C6B7C545D}" = Cisco AnyConnect Secure Mobility Client
"{F0809EF3-DE1B-4A3C-9825-D4ABD1BA06BC}" = HP Connection Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F24F876B-7D71-4BD6-88E9-614D3BB84242}" = Alcor Micro Smart Card Reader Driver
"{F6D61EC9-347B-4019-9F8E-E24169F7C330}" = HP Software Setup
"{FADF6CC4-5AF3-4630-AEDB-41F14BC09FCF}" = HP BIOS Configuration Utility
"{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}" = Energy Star
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.17
"Adobe Flash Player ActiveX" = Adobe Flash Player 21 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 21 NPAPI
"Avira Antivirus" = Avira Antivirus
"Blobby Volley 2 Version 1.0_is1" = Blobby Volley 2 Version 1.0
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"Dassault Systemes Doc English B21" = Dassault Systemes Doc English CATIA P3 B21
"EaseUS Partition Master_is1" = EaseUS Partition Master 10.5
"Foxit Reader_is1" = Foxit Reader
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{49FE8EBA-CC77-484E-A4DB-DF4EFC0E5147}" = HP Theft Recovery
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.2.1.1043
"MiKTeX 2.9" = MiKTeX 2.9
"Mozilla Firefox 46.0.1 (x86 de)" = Mozilla Firefox 46.0.1 (x86 de)
"Mozilla Thunderbird 45.0 (x86 de)" = Mozilla Thunderbird 45.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Revo Uninstaller" = Revo Uninstaller 1.95
"SZCCID" = Alcor Micro Smart Card Reader Driver
"Texmaker" = Texmaker
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 11.05.2016 00:03:40 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055
Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco
 AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat
 ein Fehler auf.      Der Systemfehlercode lautet 0xe0000231:-    ** The error code could
not be translated **
 
Error - 11.05.2016 00:03:40 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055
Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco
 AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat
 ein Fehler auf.      Der Systemfehlercode lautet 0xe0000231:-    ** The error code could
not be translated **
 
Error - 11.05.2016 00:40:17 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055
Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco
 AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat
 ein Fehler auf.      Der Systemfehlercode lautet 0xe0000231:-    ** The error code could
not be translated **
 
Error - 11.05.2016 08:52:58 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055
Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco
 AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat
 ein Fehler auf.      Der Systemfehlercode lautet 0xe0000231:-    ** The error code could
not be translated **
 
Error - 11.05.2016 08:52:58 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055
Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco
 AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat
 ein Fehler auf.      Der Systemfehlercode lautet 0xe0000231:-    ** The error code could
not be translated **
 
Error - 11.05.2016 08:52:58 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055
Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco
 AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat
 ein Fehler auf.      Der Systemfehlercode lautet 0xe0000231:-    ** The error code could
not be translated **
 
Error - 11.05.2016 08:53:10 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1069
Description = Profilvorgang für aktuelle SID mit unbekanntem Ausnahmefehler fehlgeschlagen.
 
Error - 11.05.2016 08:53:12 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055
Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco
 AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat
 ein Fehler auf.      Der Systemfehlercode lautet 0xe0000231:-    ** The error code could
not be translated **
 
Error - 11.05.2016 08:53:12 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055
Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco
 AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat
 ein Fehler auf.      Der Systemfehlercode lautet 0xe0000231:-    ** The error code could
not be translated **
 
Error - 11.05.2016 08:53:12 | Computer Name = Pako-HP840 | Source = flcdlock | ID = 1055
Description = Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco
 AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat
 ein Fehler auf.      Der Systemfehlercode lautet 0xe0000231:-    ** The error code could
not be translated **
 
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 17.05.2016 04:46:40 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 435 Invoked
 Function: IRunnable::Run Return Code: -32112629 (0xFE16000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE

 
Error - 17.05.2016 04:46:48 | Computer Name = Pako-HP840 | Source = acvpnui | ID = 67108866
Description = Function: MFDartBox::getDARTInstallDir File: .\MFDartBox.cpp Line: 337
Invoked
 Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: Es sind keine
 Daten mehr verfügbar. 
 
Error - 17.05.2016 04:46:58 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108866
Description = Function: CNetbinding::getIcfg File: .\CNetbinding.cpp Line: 175 Invoked
 Function: INetCfgLock::AcquireWriteLock Return Code: 1 (0x00000001) Description:
Unzulässige Funktion.  write lock already taken by iphlpsvc.dll
 
Error - 17.05.2016 04:46:58 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108866
Description = Function: ACIdentifierExts::GetMacAddressesOfPhysicalInterfaces File:
 .\ACIdentifierExts.cpp Line: 314 Invoked Function: CNetbinding::EnumeratePhysicalAdapters
Return
 Code: -26279926 (0xFE6F000A) Description: NETBINDING_ERROR_GETICFG
 
Error - 17.05.2016 04:46:58 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108866
Description = Function: CHostConfigMgr::determinePublicAddrCandidateFromDefRoute
File:
 .\HostConfigMgr.cpp Line: 1814 Invoked Function: CHostConfigMgr::FindDefaultRouteInterface
Return
 Code: -24117215 (0xFE900021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED
 
Error - 17.05.2016 04:46:59 | Computer Name = Pako-HP840 | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
 1364 NULL object. Cannot establish a connection at this time.
 
Error - 17.05.2016 04:46:59 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108866
Description = Function: CHostConfigMgr::determinePublicAddrCandidateFromDefRoute
File:
 .\HostConfigMgr.cpp Line: 1814 Invoked Function: CHostConfigMgr::FindDefaultRouteInterface
Return
 Code: -24117215 (0xFE900021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED
 
Error - 17.05.2016 04:51:33 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
 274 m_pIServicePlugin is NULL
 
Error - 17.05.2016 04:51:33 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
 274 m_pIServicePlugin is NULL
 
Error - 17.05.2016 04:51:33 | Computer Name = Pako-HP840 | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
 274 m_pIServicePlugin is NULL
 
[ System Events ]
Error - 16.05.2016 05:41:14 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers
 fehlgeschlagen:  %%5
 
Error - 16.05.2016 05:41:14 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers
 fehlgeschlagen:  %%5
 
Error - 16.05.2016 05:41:14 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers
 fehlgeschlagen:  %%5
 
Error - 16.05.2016 05:41:36 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Avira Mail Protection" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%1.
 
Error - 16.05.2016 17:13:07 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7016
Description = Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen
 Status gemeldet: 0
 
Error - 16.05.2016 17:13:07 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7016
Description = Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen
 Status gemeldet: 0
 
Error - 16.05.2016 17:13:11 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  cdrom
 
Error - 17.05.2016 04:46:34 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7016
Description = Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen
 Status gemeldet: 0
 
Error - 17.05.2016 04:46:34 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7016
Description = Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen
 Status gemeldet: 0
 
Error - 17.05.2016 04:46:54 | Computer Name = Pako-HP840 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  cdrom
 
 
< End of report >

M-K-D-B 18.05.2016 09:37
:hallo:


Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Danke für deine Mitarbeit!








Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

c.yossarian 18.05.2016 19:43
Hi Matthias!
Vielen Dank für deine Hilfe!

Es folgt das logfile von TDSSKiller, es wurden 2 Bedrohungen gefunden.

Lieben Gruß,
Pako

Code:
20:30:44.0556 0x1c08  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
20:30:54.0036 0x1c08 
20:30:54.0036 0x1c08  Current date / time: 2016/05/18 20:30:54.0036
20:30:54.0036 0x1c08  SystemInfo:
20:30:54.0036 0x1c08 
20:30:54.0036 0x1c08  OS Version: 6.1.7601 ServicePack: 1.0
20:30:54.0036 0x1c08  Product type: Workstation
20:30:54.0037 0x1c08  ComputerName: PAKO-HP840
20:30:54.0042 0x1c08  UserName: Pako
20:30:54.0042 0x1c08  Windows directory: C:\windows
20:30:54.0042 0x1c08  System windows directory: C:\windows
20:30:54.0042 0x1c08  Running under WOW64
20:30:54.0042 0x1c08  Processor architecture: Intel x64
20:30:54.0042 0x1c08  Number of processors: 4
20:30:54.0042 0x1c08  Page size: 0x1000
20:30:54.0042 0x1c08  Boot type: Normal boot
20:30:54.0042 0x1c08  ============================================================
20:30:55.0130 0x1c08  KLMD registered as C:\windows\system32\drivers\40423767.sys
20:30:56.0089 0x1c08  System UUID: {FE25E459-C728-B4B5-C868-633DDE899BE7}
20:30:57.0225 0x1c08  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:30:57.0225 0x1c08  Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:30:57.0229 0x1c08  ============================================================
20:30:57.0229 0x1c08  \Device\Harddisk0\DR0:
20:30:57.0229 0x1c08  MBR partitions:
20:30:57.0229 0x1c08  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
20:30:57.0229 0x1c08  \Device\Harddisk1\DR1:
20:30:57.0229 0x1c08  MBR partitions:
20:30:57.0229 0x1c08  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x200800
20:30:57.0229 0x1c08  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x201000, BlocksNum 0xBD77800
20:30:57.0229 0x1c08  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xBF78800, BlocksNum 0x1C19800
20:30:57.0229 0x1c08  \Device\Harddisk1\DR1\Partition4: MBR, Type 0xB, StartLBA 0xDB92000, BlocksNum 0x400000
20:30:57.0229 0x1c08  ============================================================
20:30:57.0230 0x1c08  C: <-> \Device\Harddisk1\DR1\Partition2
20:30:57.0231 0x1c08  F: <-> \Device\Harddisk1\DR1\Partition4
20:30:57.0551 0x1c08  E: <-> \Device\Harddisk0\DR0\Partition1
20:30:57.0552 0x1c08  D: <-> \Device\Harddisk1\DR1\Partition3
20:30:57.0553 0x1c08  ============================================================
20:30:57.0553 0x1c08  Initialize success
20:30:57.0553 0x1c08 
===
20:33:20.0290 0x1404 
===
20:33:20.0290 0x1404  Scan started
20:33:20.0290 0x1404  Mode: Manual; SigCheck; TDLFS;
20:33:20.0290 0x1404 
===
20:33:20.0290 0x1404  KSN ping started
20:33:23.0380 0x1404  KSN ping finished: true
20:33:23.0832 0x1404  ================ Scan system memory ========================
20:33:23.0832 0x1404  System memory - ok
20:33:23.0832 0x1404  ================ Scan services =============================
20:33:23.0879 0x1404  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
20:33:23.0988 0x1404  1394ohci - ok
20:33:24.0004 0x1404  [ AE106B87559DB159053D948221D83B60, B120963FCF9E5A84749166BBBB227FF2A7A4E5E633E385EC80FFCE4FD499B931 ] Accelerometer  C:\windows\system32\drivers\Accelerometer.sys
20:33:24.0035 0x1404  Accelerometer - ok
20:33:24.0051 0x1404  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
20:33:24.0066 0x1404  ACPI - ok
20:33:24.0082 0x1404  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\windows\system32\drivers\acpipmi.sys
20:33:24.0113 0x1404  AcpiPmi - ok
20:33:24.0113 0x1404  [ 4E179DDF5EC43973B7CFE264AAF911B2, D62E062744EE274FA10D962F534A0F16F2E9A3E34B602E67F614FCB4B9C8CB2E ] acsock          C:\windows\system32\DRIVERS\acsock64.sys
20:33:24.0160 0x1404  acsock - ok
20:33:24.0160 0x1404  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:33:24.0191 0x1404  AdobeARMservice - ok
20:33:24.0222 0x1404  [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:33:24.0253 0x1404  AdobeFlashPlayerUpdateSvc - ok
20:33:24.0269 0x1404  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\windows\system32\drivers\adp94xx.sys
20:33:24.0316 0x1404  adp94xx - ok
20:33:24.0331 0x1404  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\windows\system32\drivers\adpahci.sys
20:33:24.0378 0x1404  adpahci - ok
20:33:24.0378 0x1404  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\windows\system32\drivers\adpu320.sys
20:33:24.0425 0x1404  adpu320 - ok
20:33:24.0441 0x1404  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc    C:\windows\System32\aelupsvc.dll
20:33:24.0503 0x1404  AeLookupSvc - ok
20:33:24.0519 0x1404  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD            C:\windows\system32\drivers\afd.sys
20:33:24.0597 0x1404  AFD - ok
20:33:24.0612 0x1404  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
20:33:24.0643 0x1404  agp440 - ok
20:33:24.0659 0x1404  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\windows\System32\alg.exe
20:33:24.0675 0x1404  ALG - ok
20:33:24.0675 0x1404  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
20:33:24.0690 0x1404  aliide - ok
20:33:24.0706 0x1404  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
20:33:24.0721 0x1404  amdide - ok
20:33:24.0721 0x1404  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\windows\system32\drivers\amdk8.sys
20:33:24.0737 0x1404  AmdK8 - ok
20:33:24.0753 0x1404  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys
20:33:24.0768 0x1404  AmdPPM - ok
20:33:24.0784 0x1404  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata        C:\windows\system32\drivers\amdsata.sys
20:33:24.0799 0x1404  amdsata - ok
20:33:24.0815 0x1404  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
20:33:24.0831 0x1404  amdsbs - ok
20:33:24.0831 0x1404  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata        C:\windows\system32\drivers\amdxata.sys
20:33:24.0862 0x1404  amdxata - ok
20:33:24.0893 0x1404  [ 157DA3885AA4F03C80C10DAEB0949CAA, 69EA1C9F904FBDFE904A3BC52CB0E188AF18A93EA87A119E5E6234C6F5D4742E ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
20:33:25.0002 0x1404  AntiVirMailService - ok
20:33:25.0018 0x1404  [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
20:33:25.0049 0x1404  AntiVirSchedulerService - ok
20:33:25.0065 0x1404  [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
20:33:25.0096 0x1404  AntiVirService - ok
20:33:25.0127 0x1404  [ CF586007CB1F9189CDF07D0D5A02C448, 7BA6E27A835A0851C12A7A115C24665631CC77D857DAF32D24BF2D2AF676FE30 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
20:33:25.0299 0x1404  AntiVirWebService - ok
20:33:25.0314 0x1404  [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID          C:\windows\system32\drivers\appid.sys
20:33:25.0345 0x1404  AppID - ok
20:33:25.0361 0x1404  [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc        C:\windows\System32\appidsvc.dll
20:33:25.0408 0x1404  AppIDSvc - ok
20:33:25.0408 0x1404  [ 046E837786271237A76C50F7CE1F5BC6, 10EFAEC9BCEF241B3046DFECA7659E137DF42C975E50B35D841024D44A58BB98 ] Appinfo        C:\windows\System32\appinfo.dll
20:33:25.0439 0x1404  Appinfo - ok
20:33:25.0455 0x1404  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:33:25.0486 0x1404  Apple Mobile Device Service - ok
20:33:25.0486 0x1404  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt        C:\windows\System32\appmgmts.dll
20:33:25.0517 0x1404  AppMgmt - ok
20:33:25.0517 0x1404  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\windows\system32\drivers\arc.sys
20:33:25.0533 0x1404  arc - ok
20:33:25.0548 0x1404  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\drivers\arcsas.sys
20:33:25.0564 0x1404  arcsas - ok
20:33:25.0579 0x1404  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:33:25.0595 0x1404  aspnet_state - ok
20:33:25.0595 0x1404  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
20:33:25.0689 0x1404  AsyncMac - ok
20:33:25.0689 0x1404  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\windows\system32\drivers\atapi.sys
20:33:25.0720 0x1404  atapi - ok
20:33:25.0751 0x1404  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
20:33:25.0798 0x1404  AudioEndpointBuilder - ok
20:33:25.0813 0x1404  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\windows\System32\Audiosrv.dll
20:33:25.0876 0x1404  AudioSrv - ok
20:33:25.0891 0x1404  [ 742D578C28F6F58B8B576F91A1D8EB4E, 6C49EC198E67CE40728F0C19CB2BDCB59310BA59324F58E4D456DA2C8CC28BA6 ] avgntflt        C:\windows\system32\DRIVERS\avgntflt.sys
20:33:25.0938 0x1404  avgntflt - ok
20:33:25.0938 0x1404  [ C9BED3BDC39FBCAA77A88308355B237E, AFC74D4BF86FB695D7D31534C174D926C8ED57E7D8E98339CE3ED060AC3BB6D0 ] avipbb          C:\windows\system32\DRIVERS\avipbb.sys
20:33:25.0985 0x1404  avipbb - ok
20:33:26.0001 0x1404  [ 125DFFF37D51A45A72934C3BF89A64CD, 19208A6544DC822D5010C835A6FA5E8AC5406CBFB277C4C9E034EF6309B113EE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
20:33:26.0047 0x1404  Avira.ServiceHost - ok
20:33:26.0063 0x1404  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\windows\system32\DRIVERS\avkmgr.sys
20:33:26.0079 0x1404  avkmgr - ok
20:33:26.0079 0x1404  [ 138A53D17B040F5A3A307D44A89D0905, AD212E430F2DE43F037BECF6A46FCD53270A5EE11427030C7D5CBC3EAAAAA029 ] avnetflt        C:\windows\system32\DRIVERS\avnetflt.sys
20:33:26.0110 0x1404  avnetflt - ok
20:33:26.0110 0x1404  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
20:33:26.0141 0x1404  AxInstSV - ok
20:33:26.0157 0x1404  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\windows\system32\drivers\bxvbda.sys
20:33:26.0188 0x1404  b06bdrv - ok
20:33:26.0203 0x1404  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
20:33:26.0235 0x1404  b57nd60a - ok
20:33:26.0281 0x1404  [ 0C4D8A266B11D747F454D0B7C7C78B1A, 8994721C833D333F659D527E803C4C0E03010B628E60AFD9D62194D93D2F9517 ] BBDemon        C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe
20:33:26.0547 0x1404  BBDemon - detected UnsignedFile.Multi.Generic ( 1 )
20:33:28.0668 0x19b4  Object required for P2P: [ 6A050671F2C76FB48131F12786802807 ] AdobeFlashPlayerUpdateSvc
20:33:30.0556 0x1404  BBDemon ( UnsignedFile.Multi.Generic ) - warning
20:33:32.0989 0x19b4  Object send P2P result: true
20:33:32.0989 0x19b4  Object required for P2P: [ 157DA3885AA4F03C80C10DAEB0949CAA ] AntiVirMailService
20:33:33.0239 0x0d48  Object required for P2P: [ C9BED3BDC39FBCAA77A88308355B237E ] avipbb
20:33:33.0426 0x1404  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
20:33:33.0473 0x1404  BDESVC - ok
20:33:33.0473 0x1404  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
20:33:33.0520 0x1404  Beep - ok
20:33:33.0551 0x1404  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\windows\System32\bfe.dll
20:33:33.0598 0x1404  BFE - ok
20:33:33.0613 0x1404  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
20:33:33.0707 0x1404  BITS - ok
20:33:33.0707 0x1404  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\drivers\blbdrive.sys
20:33:33.0723 0x1404  blbdrive - ok
20:33:33.0754 0x1404  [ 77C8C32361C4F68D4038D5AFB0460666, 5B79B6A5DCE4A9C547FFBE923C8A1958884DAABD2C3DC087A325C5A81D50AD3B ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
20:33:33.0801 0x1404  Bluetooth Device Monitor - ok
20:33:33.0847 0x1404  [ F6CDE2EB9DA7DDCD45AC7DD3570660AE, F652FBC9E3F2EA67978BEC28069FDD38F2EE4959E887966B16D39FCBBB0A8E84 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
20:33:33.0894 0x1404  Bluetooth Media Service - ok
20:33:33.0941 0x1404  [ FB933096A7CFA7BF10EBDF922D1E8CDD, 1D26496B8AAC582E4CD7DE24593D623BB8C858AE467C6F7EA7CA4D6719631571 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
20:33:33.0972 0x1404  Bluetooth OBEX Service - ok
20:33:33.0988 0x1404  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:33:34.0019 0x1404  Bonjour Service - ok
20:33:34.0035 0x1404  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
20:33:34.0050 0x1404  bowser - ok
20:33:34.0050 0x1404  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
20:33:34.0081 0x1404  BrFiltLo - ok
20:33:34.0081 0x1404  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
20:33:34.0113 0x1404  BrFiltUp - ok
20:33:34.0113 0x1404  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\windows\System32\browser.dll
20:33:34.0128 0x1404  Browser - ok
20:33:34.0144 0x1404  [ 63A00CDBEB300522C49EC7CA77324060, 99CB6D37C7D898982A192AAA8DE5CE255E6FA482E19FE9032BAA7069E652F6F5 ] BrSerIb        C:\windows\system32\DRIVERS\BrSerIb.sys
20:33:34.0159 0x1404  BrSerIb - ok
20:33:34.0175 0x1404  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\windows\System32\Drivers\Brserid.sys
20:33:34.0206 0x1404  Brserid - ok
20:33:34.0206 0x1404  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
20:33:34.0237 0x1404  BrSerWdm - ok
20:33:34.0237 0x1404  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
20:33:34.0253 0x1404  BrUsbMdm - ok
20:33:34.0269 0x1404  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
20:33:34.0284 0x1404  BrUsbSer - ok
20:33:34.0284 0x1404  [ BBCFD6C6EF66449F55AF1BFDB08C9B12, D6D5D408FCFFF9ED69D095948E786C08EEECD5F55905A3D8FE2BB08944C5E1F2 ] BrUsbSIb        C:\windows\system32\DRIVERS\BrUsbSIb.sys
20:33:34.0300 0x1404  BrUsbSIb - ok
20:33:34.0300 0x1404  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum        C:\windows\system32\DRIVERS\BthEnum.sys
20:33:34.0331 0x1404  BthEnum - ok
20:33:34.0347 0x1404  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys
20:33:34.0362 0x1404  BTHMODEM - ok
20:33:34.0378 0x1404  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
20:33:34.0409 0x1404  BthPan - ok
20:33:34.0425 0x1404  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT        C:\windows\system32\Drivers\BTHport.sys
20:33:34.0456 0x1404  BTHPORT - ok
20:33:34.0456 0x1404  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\windows\system32\bthserv.dll
20:33:34.0503 0x1404  bthserv - ok
20:33:34.0503 0x1404  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\windows\system32\Drivers\BTHUSB.sys
20:33:34.0534 0x1404  BTHUSB - ok
20:33:34.0534 0x1404  [ E1D7A39EA2C0A8A480B2D157AAEE981A, 2133ABD68DAB35D29D720710BEBF97D20809CA5CAC4B0F380D328F2A2C779345 ] btmaudio        C:\windows\system32\drivers\btmaud.sys
20:33:34.0549 0x1404  btmaudio - ok
20:33:34.0565 0x1404  [ 947302328B27573F8773900CD8986A45, AA102A35E70CA4860A60B8654BDDC608D72BC97301D7799FEE040CD5D0354D7F ] btmaux          C:\windows\system32\DRIVERS\btmaux.sys
20:33:34.0581 0x1404  btmaux - ok
20:33:34.0627 0x1404  [ D0B50558F46922648D499F970FB38BB2, 74FB6C58DBEBDD1C1CD8333BBE9EA686DD6D4D3007FCAF7D893A6301A6149596 ] btmhsf          C:\windows\system32\DRIVERS\btmhsf.sys
20:33:34.0674 0x1404  btmhsf - ok
20:33:34.0674 0x1404  btmlehid - ok
20:33:34.0674 0x1404  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
20:33:34.0721 0x1404  cdfs - ok
20:33:34.0737 0x1404  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\windows\system32\DRIVERS\cdrom.sys
20:33:34.0752 0x1404  cdrom - ok
20:33:34.0768 0x1404  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\windows\System32\certprop.dll
20:33:34.0799 0x1404  CertPropSvc - ok
20:33:34.0799 0x1404  [ 8010F7A8C5CCD34120542DB3E0A37A14, F44922EEB9EDF527349BFC226B24AF1231EFE5BB1A6D4A4916B086CEB19092C1 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
20:33:35.0049 0x1404  chip1click - detected UnsignedFile.Multi.Generic ( 1 )
20:33:35.0922 0x19b4  Object send P2P result: true
20:33:36.0141 0x0d48  Object send P2P result: true
20:33:36.0141 0x0d48  Object required for P2P: [ 125DFFF37D51A45A72934C3BF89A64CD ] Avira.ServiceHost
20:33:37.0950 0x1404  chip1click ( UnsignedFile.Multi.Generic ) - warning
20:33:39.0073 0x0d48  Object send P2P result: true
20:33:39.0073 0x0d48  Object required for P2P: [ 138A53D17B040F5A3A307D44A89D0905 ] avnetflt
20:33:40.0774 0x1404  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys
20:33:40.0805 0x1404  circlass - ok
20:33:40.0821 0x1404  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\windows\system32\CLFS.sys
20:33:40.0836 0x1404  CLFS - ok
20:33:40.0852 0x1404  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:33:40.0883 0x1404  clr_optimization_v2.0.50727_32 - ok
20:33:40.0883 0x1404  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:33:40.0914 0x1404  clr_optimization_v2.0.50727_64 - ok
20:33:40.0914 0x1404  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:33:40.0930 0x1404  clr_optimization_v4.0.30319_32 - ok
20:33:40.0945 0x1404  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:33:40.0961 0x1404  clr_optimization_v4.0.30319_64 - ok
20:33:40.0977 0x1404  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\drivers\CmBatt.sys
20:33:40.0992 0x1404  CmBatt - ok
20:33:40.0992 0x1404  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
20:33:41.0023 0x1404  cmdide - ok
20:33:41.0039 0x1404  [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG            C:\windows\system32\Drivers\cng.sys
20:33:41.0086 0x1404  CNG - ok
20:33:41.0086 0x1404  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys
20:33:41.0101 0x1404  Compbatt - ok
20:33:41.0101 0x1404  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
20:33:41.0133 0x1404  CompositeBus - ok
20:33:41.0148 0x1404  COMSysApp - ok
20:33:41.0179 0x1404  [ 6F69809C4BC6E8905652F2EFA6EEE002, D0D36544F476C2BA37921337080B2B3720160FCCC14AD94C7FB2C0A8BBBFD3A0 ] cphs            C:\windows\SysWow64\IntelCpHeciSvc.exe
20:33:41.0273 0x1404  cphs - ok
20:33:41.0289 0x1404  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\windows\system32\drivers\crcdisk.sys
20:33:41.0304 0x1404  crcdisk - ok
20:33:41.0320 0x1404  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\windows\system32\cryptsvc.dll
20:33:41.0335 0x1404  CryptSvc - ok
20:33:41.0351 0x1404  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC            C:\windows\system32\drivers\csc.sys
20:33:41.0398 0x1404  CSC - ok
20:33:41.0413 0x1404  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\windows\System32\cscsvc.dll
20:33:41.0445 0x1404  CscService - ok
20:33:41.0445 0x1404  [ D8B22011684EBD5CB66241FF67F8393F, 75D6D892B285A893D0AAF5415A1B2DD424656661C650239986B47501B4495353 ] CtAgentService  C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
20:33:41.0476 0x1404  CtAgentService - detected UnsignedFile.Multi.Generic ( 1 )
20:33:41.0991 0x0d48  Object send P2P result: true
20:33:44.0767 0x1404  Detect skipped due to KSN trusted
20:33:44.0767 0x1404  CtAgentService - ok
20:33:44.0767 0x1404  [ DF9CFF17918BBD3CB7FDBADDA35AEC06, 5CB2A30DFC432B41BCBF4AF8BB44ACA220DDD4EAB8178C06316605B10F305156 ] DAMDrv          C:\windows\system32\DRIVERS\DAMDrv64.sys
20:33:44.0814 0x1404  DAMDrv - ok
20:33:44.0861 0x1404  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\windows\system32\rpcss.dll
20:33:44.0955 0x1404  DcomLaunch - ok
20:33:44.0986 0x1404  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\windows\System32\defragsvc.dll
20:33:45.0079 0x1404  defragsvc - ok
20:33:45.0079 0x1404  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
20:33:45.0142 0x1404  DfsC - ok
20:33:45.0157 0x1404  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
20:33:45.0189 0x1404  Dhcp - ok
20:33:45.0235 0x1404  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack      C:\windows\system32\diagtrack.dll
20:33:45.0298 0x1404  DiagTrack - ok
20:33:45.0329 0x1404  [ 91DF13EC831BDCFA36A7A12CD13D66B9, 5054281FE91D4BE0DB446F6F30E3D59E669185555F6C20B988DEC250713FFCED ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
20:33:45.0376 0x1404  Disc Soft Lite Bus Service - ok
20:33:45.0376 0x1404  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
20:33:45.0407 0x1404  discache - ok
20:33:45.0423 0x1404  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\windows\system32\drivers\disk.sys
20:33:45.0438 0x1404  Disk - ok
20:33:45.0672 0x1404  [ 1758AA81C83CE783497F9F496CA971C4, 5B16D7C975D6ED6EFF8BEC329B501908321227C74061F9B64ADF129995A63464 ] DisplayLinkService C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
20:33:45.0953 0x1404  DisplayLinkService - ok
20:33:45.0969 0x1404  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc          C:\windows\system32\drivers\dmvsc.sys
20:33:46.0000 0x1404  dmvsc - ok
20:33:46.0000 0x1404  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
20:33:46.0031 0x1404  Dnscache - ok
20:33:46.0047 0x1404  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\windows\System32\dot3svc.dll
20:33:46.0078 0x1404  dot3svc - ok
20:33:46.0093 0x1404  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] dot4            C:\windows\system32\DRIVERS\Dot4.sys
20:33:46.0109 0x1404  dot4 - ok
20:33:46.0125 0x1404  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print      C:\windows\system32\DRIVERS\Dot4Prt.sys
20:33:46.0140 0x1404  Dot4Print - ok
20:33:46.0140 0x1404  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb        C:\windows\system32\DRIVERS\dot4usb.sys
20:33:46.0171 0x1404  dot4usb - ok
20:33:46.0187 0x1404  [ 0A688835C4F8D4A05F15EE5BCFA2D5B7, 96F5031C70E7BD6B72B6524E97D2E355C5B9820F1FC75C037AC5A6D588352E9F ] DpHost          C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
20:33:46.0218 0x1404  DpHost - ok
20:33:46.0218 0x1404  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\windows\system32\dps.dll
20:33:46.0265 0x1404  DPS - ok
20:33:46.0265 0x1404  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud        C:\windows\system32\drivers\drmkaud.sys
20:33:46.0296 0x1404  drmkaud - ok
20:33:46.0296 0x1404  [ 496C3C6BC3D930D0960C9E75AA30F4A7, 3FE0E86DA8C2C6A990BB2F1B92C22BD3483882B8D69FF8025BB68A199362C234 ] dtlitescsibus  C:\windows\system32\DRIVERS\dtlitescsibus.sys
20:33:46.0312 0x1404  dtlitescsibus - ok
20:33:46.0343 0x1404  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl        C:\windows\System32\drivers\dxgkrnl.sys
20:33:46.0374 0x1404  DXGKrnl - ok
20:33:46.0390 0x1404  [ 979BB42743D1E876DEC8FA25D9058F08, 00A1CE265EB2D84D0169E3FB27E6D338B6B45B1C73C12A1DE4C6CA1159ED42D6 ] e1dexpress      C:\windows\system32\DRIVERS\e1d62x64.sys
20:33:46.0421 0x1404  e1dexpress - ok
20:33:46.0421 0x1404  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\windows\System32\eapsvc.dll
20:33:46.0468 0x1404  EapHost - ok
20:33:46.0546 0x1404  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\windows\system32\drivers\evbda.sys
20:33:46.0655 0x1404  ebdrv - ok
20:33:46.0655 0x1404  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] EFS            C:\windows\System32\lsass.exe
20:33:46.0686 0x1404  EFS - ok
20:33:46.0702 0x1404  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\windows\ehome\ehRecvr.exe
20:33:46.0749 0x1404  ehRecvr - ok
20:33:46.0749 0x1404  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\windows\ehome\ehsched.exe
20:33:46.0764 0x1404  ehSched - ok
20:33:46.0780 0x1404  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\windows\system32\drivers\elxstor.sys
20:33:46.0827 0x1404  elxstor - ok
20:33:46.0827 0x1404  [ 1B677389760689A11241884C700B48E0, 75EC4D16F3F6004D2697AE25E029B95D8B9611911039777B781C5707DA6048C6 ] epmntdrv        C:\windows\system32\epmntdrv.sys
20:33:46.0858 0x1404  epmntdrv - ok
20:33:46.0858 0x1404  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
20:33:46.0873 0x1404  ErrDev - ok
20:33:46.0889 0x1404  [ 08C997734B2CECE882656BB2855E6E76, B3C1DEF26C9C9123D34395717220B450C705B5FA9FC8E321ADC444A4D63E6F36 ] EuGdiDrv        C:\windows\system32\EuGdiDrv.sys
20:33:46.0905 0x1404  EuGdiDrv - ok
20:33:46.0920 0x1404  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\windows\system32\es.dll
20:33:46.0967 0x1404  EventSystem - ok
20:33:46.0983 0x1404  [ 2761809D0BA8BD0F83463509624FD74A, BF057B1490AB912943772F3FCC97E068F365A15E67E02927E38AB31CC9EAC7D7 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:33:47.0029 0x1404  EvtEng - ok
20:33:47.0029 0x1404  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\windows\system32\drivers\exfat.sys
20:33:47.0076 0x1404  exfat - ok
20:33:47.0092 0x1404  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\windows\system32\drivers\fastfat.sys
20:33:47.0139 0x1404  fastfat - ok
20:33:47.0154 0x1404  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\windows\system32\fxssvc.exe
20:33:47.0201 0x1404  Fax - ok
20:33:47.0201 0x1404  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\windows\system32\drivers\fdc.sys
20:33:47.0217 0x1404  fdc - ok
20:33:47.0232 0x1404  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\windows\system32\fdPHost.dll
20:33:47.0263 0x1404  fdPHost - ok
20:33:47.0263 0x1404  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
20:33:47.0295 0x1404  FDResPub - ok
20:33:47.0310 0x1404  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
20:33:47.0326 0x1404  FileInfo - ok
20:33:47.0326 0x1404  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\windows\system32\drivers\filetrace.sys
20:33:47.0373 0x1404  Filetrace - ok
20:33:47.0388 0x1404  [ A598E027C97AFDF2662BE660C57EFA23, 99E8C0773BE6B93B5675C6708AF8E120BB9A616AD2A77EE899BD8C9B198F3039 ] FLCDLOCK        C:\windows\SysWOW64\flcdlock.exe
20:33:47.0419 0x1404  FLCDLOCK - ok
20:33:47.0419 0x1404  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
20:33:47.0451 0x1404  flpydisk - ok
20:33:47.0451 0x1404  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
20:33:47.0482 0x1404  FltMgr - ok
20:33:47.0513 0x1404  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache      C:\windows\system32\FntCache.dll
20:33:47.0575 0x1404  FontCache - ok
20:33:47.0575 0x1404  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:33:47.0607 0x1404  FontCache3.0.0.0 - ok
20:33:47.0607 0x1404  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\windows\system32\drivers\FsDepends.sys
20:33:47.0622 0x1404  FsDepends - ok
20:33:47.0638 0x1404  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
20:33:47.0653 0x1404  Fs_Rec - ok
20:33:47.0669 0x1404  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
20:33:47.0685 0x1404  fvevol - ok
20:33:47.0685 0x1404  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
20:33:47.0716 0x1404  gagp30kx - ok
20:33:47.0716 0x1404  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM    C:\windows\system32\DRIVERS\GEARAspiWDM.sys
20:33:47.0731 0x1404  GEARAspiWDM - ok
20:33:47.0763 0x1404  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc          C:\windows\System32\gpsvc.dll
20:33:47.0825 0x1404  gpsvc - ok
20:33:47.0825 0x1404  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
20:33:47.0841 0x1404  hcw85cir - ok
20:33:47.0856 0x1404  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
20:33:47.0887 0x1404  HdAudAddService - ok
20:33:47.0903 0x1404  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
20:33:47.0919 0x1404  HDAudBus - ok
20:33:47.0934 0x1404  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\windows\system32\drivers\HidBatt.sys
20:33:47.0950 0x1404  HidBatt - ok
20:33:47.0950 0x1404  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\drivers\hidbth.sys
20:33:47.0981 0x1404  HidBth - ok
20:33:47.0981 0x1404  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\windows\system32\drivers\hidir.sys
20:33:48.0012 0x1404  HidIr - ok
20:33:48.0012 0x1404  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\windows\system32\hidserv.dll
20:33:48.0043 0x1404  hidserv - ok
20:33:48.0059 0x1404  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
20:33:48.0075 0x1404  HidUsb - ok
20:33:48.0090 0x1404  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
20:33:48.0121 0x1404  hkmsvc - ok
20:33:48.0121 0x1404  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
20:33:48.0153 0x1404  HomeGroupListener - ok
20:33:48.0153 0x1404  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
20:33:48.0184 0x1404  HomeGroupProvider - ok
20:33:48.0199 0x1404  [ 2A48BD9758ADF8509D8D67A594E80ADF, 5E7DB3F25949039EBBF03490AC5A098A2A818417BD8192E49B852EBBB04D75CF ] HP Hotkey Service C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe
20:33:48.0231 0x1404  HP Hotkey Service - ok
20:33:48.0246 0x1404  [ 77E81E788CC63E65272A7D247F441505, EA57947495A6FD5B6FCC06AD396AEEEEE44AA5EB924B1A4D71C81B1265120F7B ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
20:33:48.0262 0x1404  HP Support Assistant Service - ok
20:33:48.0293 0x1404  [ FD9984191B6B2E1A7A175282AE2B4C80, BF1FDA430176221D2EED3E9C9237B5A66DC22E218649BDB75518D19F3E64DD33 ] hpCMSrv        C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
20:33:48.0340 0x1404  hpCMSrv - ok
20:33:48.0355 0x1404  [ 81D3B256EEA1CA79A68FA6BFF88AFB57, B54B96D0646D7554A62FADB22A99E0F8252AF5B16898B5F78495D7AA9FD65D7D ] HpDamServiceHost C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
20:33:48.0371 0x1404  HpDamServiceHost - ok
20:33:48.0371 0x1404  [ 990A8B2705C5D501716921F4BC4CC8BB, EF322D12CE4B8A3C14A7F93B952EE6F5B409BCBACF791B4AEF54C8A5E67E9E0F ] hpdskflt        C:\windows\system32\drivers\hpdskflt.sys
20:33:48.0402 0x1404  hpdskflt - ok
20:33:48.0433 0x1404  [ FB705318D2BB72B286308F496354C11F, B805BCB62CB932B17C671D3BAFC86A87F816F824D1EEEF3E0855BCB53DF5A4EB ] HPFSService    C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
20:33:48.0511 0x1404  HPFSService - ok
20:33:48.0543 0x1404  [ 937B5E3880F5EE5B1D59E8204CD3B556, 1B32EE143BFE2EAB78BDE4B97E709F3137D91916204C351C09E8D697806C7D89 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
20:33:48.0574 0x1404  hpqwmiex - ok
20:33:48.0589 0x1404  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
20:33:48.0605 0x1404  HpSAMD - ok
20:33:48.0605 0x1404  [ EB68A57F870DC354817C0F23109975C0, A126CFC81B0512C15AE69ECB2E1CBE0E0CB9A7000DBA65D735C3F090738E02A6 ] hpsrv          C:\windows\system32\Hpservice.exe
20:33:48.0636 0x1404  hpsrv - ok
20:33:48.0652 0x1404  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\windows\system32\drivers\HTTP.sys
20:33:48.0683 0x1404  HTTP - ok
20:33:48.0699 0x1404  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
20:33:48.0714 0x1404  hwpolicy - ok
20:33:48.0714 0x1404  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys
20:33:48.0745 0x1404  i8042prt - ok
20:33:48.0761 0x1404  [ 9863EC0FB887C0AD0C3A20AC3BF91629, B695048C370CB91BB0CFF2E29641636225B23347B08F7E451FB91CF8B1A0120A ] iaStorA        C:\windows\system32\drivers\iaStorA.sys
20:33:48.0792 0x1404  iaStorA - ok
20:33:48.0792 0x1404  [ E4B16F9770B0F04A1841C74368896870, 55A07A24686DEFB53158992F4490371D7BC6378692F353124599C9E653134236 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:33:48.0808 0x1404  IAStorDataMgrSvc - ok
20:33:48.0808 0x1404  [ AB28B4CE85BE2261276ECD3482A0AED9, 0052D158B93F9A5DADD9EFC06FAED27650F104CF79A5BCEDF97AA47D18290756 ] iaStorF        C:\windows\system32\drivers\iaStorF.sys
20:33:48.0823 0x1404  iaStorF - ok
20:33:48.0839 0x1404  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV        C:\windows\system32\drivers\iaStorV.sys
20:33:48.0870 0x1404  iaStorV - ok
20:33:48.0870 0x1404  [ 08CFD7BC9F2A6A3B97A2414B374A6318, 5D1FCE74D75593DC20F3542D853D5C80DAB82A7EF892582A29F614A8593D6154 ] iBtSiva        C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
20:33:48.0933 0x1404  iBtSiva - ok
20:33:48.0933 0x1404  [ 1A7330D3248DF74781426F57038F5E35, 53916668A3E2AFC37020130B5AB47A80F3C6F22FA93728A264D7A377E15998DD ] ibtusb          C:\windows\system32\DRIVERS\ibtusb.sys
20:33:48.0964 0x1404  ibtusb - ok
20:33:48.0964 0x1404  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
20:33:48.0995 0x1404  ICCS - ok
20:33:49.0011 0x1404  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc          C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:33:49.0057 0x1404  idsvc - ok
20:33:49.0198 0x1404  [ 74E26184712E2727042D74DE12D42E47, CB1537DE8B421C222AEE8D4F3386EBD18B3251D5DCC98B000568033491B955E4 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
20:33:49.0401 0x1404  igfx - ok
20:33:49.0416 0x1404  [ 9AF7D3407034C2C199A5215530AAC8F4, DDCEEF89F348D0EF8339C4A297E8AC198406062C5F62D6293F37D217E6100539 ] igfxCUIService2.0.0.0 C:\windows\system32\igfxCUIService.exe
20:33:49.0463 0x1404  igfxCUIService2.0.0.0 - ok
20:33:49.0479 0x1404  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\windows\system32\drivers\iirsp.sys
20:33:49.0494 0x1404  iirsp - ok
20:33:49.0510 0x1404  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
20:33:49.0557 0x1404  IKEEXT - ok
20:33:49.0557 0x1404  [ CF25067821BB89E87021E9493C178863, 1AA25378EFD977BC6CD9405A395FA2962770385FAB5A9A55FC95B5F6DFD8D1AE ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys
20:33:49.0572 0x1404  intaud_WaveExtensible - ok
20:33:49.0681 0x1404  [ CED0A902FF810DAB258D732EA6DDD23C, 30A1378F4B8F4B9D04BA9B6767C607BCC68357CC409C4EE555AD35C1DA6881EE ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
20:33:49.0791 0x1404  IntcAzAudAddService - ok
20:33:49.0806 0x1404  [ FA06FD050994E9A42FEDFDC96992C842, 5863D218AB27032C71D5CE1315A5E7D8355316CC1D0B7BB0705E8DE00A8F0DD3 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
20:33:49.0837 0x1404  IntcDAud - ok
20:33:49.0869 0x1404  [ 9A6DEB5DDF7E29728F6FEA5092AFA3F2, 21C47A0490EBA302657EF30C560E4AF83777685FFE126DCCAC310163C47401D1 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
20:33:50.0773 0x1404  Intel(R) Capability Licensing Service TCP IP Interface - ok
20:33:50.0773 0x1404  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
20:33:50.0789 0x1404  intelide - ok
20:33:50.0805 0x1404  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\drivers\intelppm.sys
20:33:50.0820 0x1404  intelppm - ok
20:33:50.0836 0x1404  [ 7796E03E2BB3E9F5940F5CB12FC4CC4F, A5B156B76757BF6339A35DE4845F19ECB4AA3F0784D227536F45AE1552F680ED ] IntelUSBoverIP  C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
20:33:50.0883 0x1404  IntelUSBoverIP - ok
20:33:50.0898 0x1404  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\windows\system32\ipbusenum.dll
20:33:50.0929 0x1404  IPBusEnum - ok
20:33:50.0929 0x1404  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
20:33:50.0976 0x1404  IpFilterDriver - ok
20:33:50.0992 0x1404  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
20:33:51.0023 0x1404  iphlpsvc - ok
20:33:51.0023 0x1404  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\windows\system32\drivers\IPMIDrv.sys
20:33:51.0054 0x1404  IPMIDRV - ok
20:33:51.0054 0x1404  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\windows\system32\drivers\ipnat.sys
20:33:51.0101 0x1404  IPNAT - ok
20:33:51.0117 0x1404  [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:33:51.0148 0x1404  iPod Service - ok
20:33:51.0148 0x1404  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
20:33:51.0163 0x1404  IRENUM - ok
20:33:51.0179 0x1404  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
20:33:51.0195 0x1404  isapnp - ok
20:33:51.0195 0x1404  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
20:33:51.0226 0x1404  iScsiPrt - ok
20:33:51.0226 0x1404  [ F16094D5FAD9B28B192D94F809895FCD, F9161FEF5A52B1526341DF74AD321DB07C289C9F2E96EFFFF2CE928059D54CA1 ] iusb3hcs        C:\windows\system32\drivers\iusb3hcs.sys
20:33:51.0241 0x1404  iusb3hcs - ok
20:33:51.0257 0x1404  [ 556830DA843946F8E6B7C840F433C39F, BF1F5AAF1D28B6E47E07194840BF3C94823B3DEEEE90AFA909A61BDF795A411C ] iusb3hub        C:\windows\system32\drivers\iusb3hub.sys
20:33:51.0288 0x1404  iusb3hub - ok
20:33:51.0319 0x1404  [ C7C0F48BD5FF95644AF1A7E89F12147B, B0D530159E9ED70A6401DBB56E0A877FF523922B3834E8FACDC8022B6D1DCC26 ] iusb3xhc        C:\windows\system32\drivers\iusb3xhc.sys
20:33:51.0351 0x1404  iusb3xhc - ok
20:33:51.0351 0x1404  [ 2DB1E2AE4A0DE62026296F0A6C29F3F5, A5A3D4D5BF9FF1DB5AC3BE15699B52707C8EB71EFA8FA82E7AE7A0C52C224380 ] iwdbus          C:\windows\system32\DRIVERS\iwdbus.sys
20:33:51.0366 0x1404  iwdbus - ok
20:33:51.0382 0x1404  [ CA295D3E5032DDF8A3CBD1A256E646FA, 03879D331AE446FCF25D0193805A5E0C17764439B5B8FE1D684DDB96B1A358C9 ] jhi_service    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
20:33:51.0444 0x1404  jhi_service - ok
20:33:51.0444 0x1404  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\drivers\kbdclass.sys
20:33:51.0460 0x1404  kbdclass - ok
20:33:51.0460 0x1404  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
20:33:51.0491 0x1404  kbdhid - ok
20:33:51.0491 0x1404  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] KeyIso          C:\windows\system32\lsass.exe
20:33:51.0507 0x1404  KeyIso - ok
20:33:51.0507 0x1404  [ 0878723427BA190E5ABA5AA0112FA4D4, E332C83D3F4DF71761AA3DAC2C721FC2029F71ECC88A66E175BA56510855C4D4 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
20:33:51.0522 0x1404  KSecDD - ok
20:33:51.0538 0x1404  [ C08CCCE2BE68D04E6C142614736959DA, AEC0AFC5C28DDC14DD6918BB6E236FA1C85CC30D69DA9AE40F9962D88248040F ] KSecPkg        C:\windows\system32\Drivers\ksecpkg.sys
20:33:51.0553 0x1404  KSecPkg - ok
20:33:51.0569 0x1404  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\windows\system32\drivers\ksthunk.sys
20:33:51.0600 0x1404  ksthunk - ok
20:33:51.0616 0x1404  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\windows\system32\msdtckrm.dll
20:33:51.0663 0x1404  KtmRm - ok
20:33:51.0678 0x1404  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
20:33:51.0709 0x1404  LanmanServer - ok
20:33:51.0725 0x1404  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:33:51.0756 0x1404  LanmanWorkstation - ok
20:33:51.0772 0x1404  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
20:33:51.0803 0x1404  lltdio - ok
20:33:51.0819 0x1404  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\windows\System32\lltdsvc.dll
20:33:51.0850 0x1404  lltdsvc - ok
20:33:51.0865 0x1404  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\windows\System32\lmhsvc.dll
20:33:51.0897 0x1404  lmhosts - ok
20:33:51.0912 0x1404  [ ED5C8B920F2ACF11A26586B2FA66BF3D, D6F014F0CCAB7EDA38A8CC58F439D2A8CD89195AE84F82E25475CE11CB3883C9 ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:33:51.0975 0x1404  LMS - ok
20:33:51.0975 0x1404  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
20:33:51.0990 0x1404  LSI_FC - ok
20:33:52.0006 0x1404  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\windows\system32\drivers\lsi_sas.sys
20:33:52.0021 0x1404  LSI_SAS - ok
20:33:52.0021 0x1404  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
20:33:52.0053 0x1404  LSI_SAS2 - ok
20:33:52.0053 0x1404  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
20:33:52.0084 0x1404  LSI_SCSI - ok
20:33:52.0084 0x1404  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\windows\system32\drivers\luafv.sys
20:33:52.0131 0x1404  luafv - ok
20:33:52.0131 0x1404  [ 701223C663019B62029FAB1A2385EE81, 5CD7559A61954BDABE988FD316E06C4AEB24716C685E0C910B8AB03A1339EFEF ] LUMDriver      C:\windows\system32\drivers\LUMDriver.sys
20:33:52.0162 0x1404  LUMDriver - ok
20:33:52.0162 0x1404  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\windows\system32\Mcx2Svc.dll
20:33:52.0193 0x1404  Mcx2Svc - ok
20:33:52.0209 0x1404  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\windows\system32\drivers\megasas.sys
20:33:52.0224 0x1404  megasas - ok
20:33:52.0240 0x1404  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
20:33:52.0271 0x1404  MegaSR - ok
20:33:52.0271 0x1404  [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64          C:\windows\system32\drivers\TeeDriverx64.sys
20:33:52.0302 0x1404  MEIx64 - ok
20:33:52.0302 0x1404  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\windows\system32\mmcss.dll
20:33:52.0349 0x1404  MMCSS - ok
20:33:52.0349 0x1404  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\windows\system32\drivers\modem.sys
20:33:52.0396 0x1404  Modem - ok
20:33:52.0396 0x1404  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\windows\system32\DRIVERS\monitor.sys
20:33:52.0411 0x1404  monitor - ok
20:33:52.0427 0x1404  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
20:33:52.0443 0x1404  mouclass - ok
20:33:52.0443 0x1404  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
20:33:52.0474 0x1404  mouhid - ok
20:33:52.0474 0x1404  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
20:33:52.0489 0x1404  mountmgr - ok
20:33:52.0505 0x1404  [ FC9A9C09B35A93F76A03D5E355FA862C, B7ED57B9D39D547BA2927FC5F02C2475BF131FDB8AD40FFDE72C966506756B56 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:33:52.0521 0x1404  MozillaMaintenance - ok
20:33:52.0536 0x1404  [ DA0FAEE45D6F03D7647851A20977A7D0, AFB1EA053CD4BCA903868896D020205D4C207C85314E6C56C4663922A3F9BD6A ] MpFilter        C:\windows\system32\DRIVERS\MpFilter.sys
20:33:52.0567 0x1404  MpFilter - ok
20:33:52.0583 0x1404  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
20:33:52.0599 0x1404  mpio - ok
20:33:52.0614 0x1404  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
20:33:52.0645 0x1404  mpsdrv - ok
20:33:52.0677 0x1404  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
20:33:52.0739 0x1404  MpsSvc - ok
20:33:52.0739 0x1404  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
20:33:52.0770 0x1404  MRxDAV - ok
20:33:52.0786 0x1404  [ 035C0A9A63DF3F3A52B90D8F6BF0F166, F409C8A31156E31A6D16D2B34EEE3098CE0D76A4DB7B49810EDDA2E2E19B2E26 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
20:33:52.0817 0x1404  mrxsmb - ok
20:33:52.0817 0x1404  [ 8308FC2E9147D7632221E3279BB14660, 3051FF91493FD03B7EDD4EDB23B2DE8DD7E03D46E231BC5925502BE98E78B1CB ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
20:33:52.0848 0x1404  mrxsmb10 - ok
20:33:52.0864 0x1404  [ 1F8DA4ECAEA7E2BCD97E738795817431, FBEF64C7067F5AFF864EF7E220C8A47AC43EB0BFD9A4E4C908F9D9D159AC5139 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
20:33:52.0879 0x1404  mrxsmb20 - ok
20:33:52.0879 0x1404  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
20:33:52.0895 0x1404  msahci - ok
20:33:52.0911 0x1404  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\windows\system32\drivers\msdsm.sys
20:33:52.0926 0x1404  msdsm - ok
20:33:52.0942 0x1404  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\windows\System32\msdtc.exe
20:33:52.0957 0x1404  MSDTC - ok
20:33:52.0973 0x1404  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
20:33:53.0004 0x1404  Msfs - ok
20:33:53.0004 0x1404  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\windows\System32\drivers\mshidkmdf.sys
20:33:53.0051 0x1404  mshidkmdf - ok
20:33:53.0051 0x1404  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
20:33:53.0067 0x1404  msisadrv - ok
20:33:53.0082 0x1404  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\windows\system32\iscsiexe.dll
20:33:53.0129 0x1404  MSiSCSI - ok
20:33:53.0129 0x1404  msiserver - ok
20:33:53.0129 0x1404  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\windows\system32\drivers\MSKSSRV.sys
20:33:53.0176 0x1404  MSKSSRV - ok
20:33:53.0176 0x1404  [ C66FE30BBA4604A06EE9E4180ABE4BD9, 43E60C15C05FF19082142BB9D1F29D1B3269AD4A7FB32AF109AE63FE5A6AA0A9 ] MsMpSvc        C:\Program Files\Microsoft Security Client\MsMpEng.exe
20:33:53.0191 0x1404  MsMpSvc - ok
20:33:53.0191 0x1404  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
20:33:53.0238 0x1404  MSPCLOCK - ok
20:33:53.0238 0x1404  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\windows\system32\drivers\MSPQM.sys
20:33:53.0269 0x1404  MSPQM - ok
20:33:53.0285 0x1404  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\windows\system32\drivers\MsRPC.sys
20:33:53.0316 0x1404  MsRPC - ok
20:33:53.0316 0x1404  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
20:33:53.0332 0x1404  mssmbios - ok
20:33:53.0347 0x1404  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\windows\system32\drivers\MSTEE.sys
20:33:53.0379 0x1404  MSTEE - ok
20:33:53.0394 0x1404  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
20:33:53.0410 0x1404  MTConfig - ok
20:33:53.0410 0x1404  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup            C:\windows\system32\Drivers\mup.sys
20:33:53.0441 0x1404  Mup - ok
20:33:53.0441 0x1404  [ FAA1B47AEADDB64CB9A4D31A894AA8F8, 4FDE81AF3B5C2C6652A14E97BD763275704AA13FF5691002CF1197055E4B039C ] MyWiFiDHCPDNS  C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
20:33:53.0472 0x1404  MyWiFiDHCPDNS - ok
20:33:53.0488 0x1404  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
20:33:53.0550 0x1404  napagent - ok
20:33:53.0550 0x1404  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\windows\system32\DRIVERS\nwifi.sys
20:33:53.0581 0x1404  NativeWifiP - ok
20:33:53.0613 0x1404  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\windows\system32\drivers\ndis.sys
20:33:53.0644 0x1404  NDIS - ok
20:33:53.0644 0x1404  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\windows\system32\DRIVERS\ndiscap.sys
20:33:53.0691 0x1404  NdisCap - ok
20:33:53.0691 0x1404  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
20:33:53.0737 0x1404  NdisTapi - ok
20:33:53.0737 0x1404  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\windows\system32\DRIVERS\ndisuio.sys
20:33:53.0769 0x1404  Ndisuio - ok
20:33:53.0784 0x1404  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\windows\system32\DRIVERS\ndiswan.sys
20:33:53.0815 0x1404  NdisWan - ok
20:33:53.0831 0x1404  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\windows\system32\drivers\NDProxy.sys
20:33:53.0862 0x1404  NDProxy - ok
20:33:53.0878 0x1404  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\windows\system32\DRIVERS\netbios.sys
20:33:53.0909 0x1404  NetBIOS - ok
20:33:53.0925 0x1404  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\windows\system32\DRIVERS\netbt.sys
20:33:53.0956 0x1404  NetBT - ok
20:33:53.0971 0x1404  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] Netlogon        C:\windows\system32\lsass.exe
20:33:53.0987 0x1404  Netlogon - ok
20:33:53.0987 0x1404  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
20:33:54.0034 0x1404  Netman - ok
20:33:54.0049 0x1404  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:33:54.0081 0x1404  NetMsmqActivator - ok
20:33:54.0081 0x1404  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:33:54.0096 0x1404  NetPipeActivator - ok
20:33:54.0112 0x1404  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
20:33:54.0159 0x1404  netprofm - ok
20:33:54.0159 0x1404  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:33:54.0174 0x1404  NetTcpActivator - ok
20:33:54.0190 0x1404  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:33:54.0205 0x1404  NetTcpPortSharing - ok
20:33:54.0283 0x1404  [ 87473262743FB71A63E3A506385DA836, 7ABB6650E9BC840AF5342072F78B7802BCF700EB94078A47951D4172124156E2 ] NETwNs64        C:\windows\system32\DRIVERS\Netwsw02.sys
20:33:54.0408 0x1404  NETwNs64 - ok
20:33:54.0408 0x1404  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\windows\system32\drivers\nfrd960.sys
20:33:54.0439 0x1404  nfrd960 - ok
20:33:54.0439 0x1404  [ 6D79C8CB73187FBEAAD1F680FADF98D3, 0075B2CCC4FFF929023F95686D7BBE32C0FCE05DEB2159C0784AF85D64E1B66E ] NisDrv          C:\windows\system32\DRIVERS\NisDrvWFP.sys
20:33:54.0471 0x1404  NisDrv - ok
20:33:54.0486 0x1404  [ B8F4F580638373FBF72F2B572446D294, A5CD9ABCA5CDC335D2C6FDCB81327B600150E45BB867B88859A00AF974B42F85 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
20:33:54.0502 0x1404  NisSrv - ok
20:33:54.0517 0x1404  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\windows\System32\nlasvc.dll
20:33:54.0549 0x1404  NlaSvc - ok
20:33:54.0549 0x1404  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
20:33:54.0580 0x1404  Npfs - ok
20:33:54.0595 0x1404  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\windows\system32\nsisvc.dll
20:33:54.0627 0x1404  nsi - ok
20:33:54.0627 0x1404  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
20:33:54.0673 0x1404  nsiproxy - ok
20:33:54.0705 0x1404  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
20:33:54.0783 0x1404  Ntfs - ok
20:33:54.0783 0x1404  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
20:33:54.0814 0x1404  Null - ok
20:33:54.0829 0x1404  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
20:33:54.0845 0x1404  nvraid - ok
20:33:54.0861 0x1404  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
20:33:54.0876 0x1404  nvstor - ok
20:33:54.0876 0x1404  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
20:33:54.0907 0x1404  nv_agp - ok
20:33:54.0907 0x1404  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
20:33:54.0923 0x1404  ohci1394 - ok
20:33:54.0939 0x1404  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
20:33:54.0970 0x1404  p2pimsvc - ok
20:33:54.0970 0x1404  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
20:33:55.0001 0x1404  p2psvc - ok
20:33:55.0001 0x1404  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\windows\system32\drivers\parport.sys
20:33:55.0032 0x1404  Parport - ok
20:33:55.0032 0x1404  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\windows\system32\drivers\partmgr.sys
20:33:55.0063 0x1404  partmgr - ok
20:33:55.0063 0x1404  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\windows\System32\pcasvc.dll
20:33:55.0079 0x1404  PcaSvc - ok
20:33:55.0095 0x1404  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\windows\system32\drivers\pci.sys
20:33:55.0126 0x1404  pci - ok
20:33:55.0126 0x1404  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
20:33:55.0141 0x1404  pciide - ok
20:33:55.0157 0x1404  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
20:33:55.0173 0x1404  pcmcia - ok
20:33:55.0173 0x1404  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\windows\system32\drivers\pcw.sys
20:33:55.0204 0x1404  pcw - ok
20:33:55.0219 0x1404  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
20:33:55.0266 0x1404  PEAUTH - ok
20:33:55.0297 0x1404  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc    C:\windows\system32\peerdistsvc.dll
20:33:55.0344 0x1404  PeerDistSvc - ok
20:33:55.0360 0x1404  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
20:33:55.0391 0x1404  PerfHost - ok
20:33:55.0422 0x1404  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\windows\system32\pla.dll
20:33:55.0500 0x1404  pla - ok
20:33:55.0516 0x1404  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
20:33:55.0531 0x1404  PlugPlay - ok
20:33:55.0547 0x1404  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\windows\system32\pnrpauto.dll
20:33:55.0563 0x1404  PNRPAutoReg - ok
20:33:55.0563 0x1404  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\windows\system32\pnrpsvc.dll
20:33:55.0594 0x1404  PNRPsvc - ok
20:33:55.0609 0x1404  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\windows\System32\ipsecsvc.dll
20:33:55.0656 0x1404  PolicyAgent - ok
20:33:55.0672 0x1404  [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power          C:\windows\system32\umpo.dll
20:33:55.0687 0x1404  Power - ok
20:33:55.0687 0x1404  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
20:33:55.0734 0x1404  PptpMiniport - ok
20:33:55.0734 0x1404  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\windows\system32\drivers\processr.sys
20:33:55.0765 0x1404  Processor - ok
20:33:55.0765 0x1404  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc        C:\windows\system32\profsvc.dll
20:33:55.0797 0x1404  ProfSvc - ok
20:33:55.0797 0x1404  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] ProtectedStorage C:\windows\system32\lsass.exe
20:33:55.0812 0x1404  ProtectedStorage - ok
20:33:55.0812 0x1404  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
20:33:55.0859 0x1404  Psched - ok
20:33:55.0890 0x1404  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\drivers\ql2300.sys
20:33:55.0953 0x1404  ql2300 - ok
20:33:55.0968 0x1404  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
20:33:55.0984 0x1404  ql40xx - ok
20:33:55.0999 0x1404  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\windows\system32\qwave.dll
20:33:56.0015 0x1404  QWAVE - ok
20:33:56.0031 0x1404  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
20:33:56.0046 0x1404  QWAVEdrv - ok
20:33:56.0046 0x1404  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
20:33:56.0093 0x1404  RasAcd - ok
20:33:56.0093 0x1404  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\windows\system32\DRIVERS\AgileVpn.sys
20:33:56.0140 0x1404  RasAgileVpn - ok
20:33:56.0140 0x1404  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\windows\System32\rasauto.dll
20:33:56.0171 0x1404  RasAuto - ok
20:33:56.0187 0x1404  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\windows\system32\DRIVERS\rasl2tp.sys
20:33:56.0233 0x1404  Rasl2tp - ok
20:33:56.0233 0x1404  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
20:33:56.0280 0x1404  RasMan - ok
20:33:56.0280 0x1404  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
20:33:56.0327 0x1404  RasPppoe - ok
20:33:56.0327 0x1404  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\windows\system32\DRIVERS\rassstp.sys
20:33:56.0389 0x1404  RasSstp - ok
20:33:56.0405 0x1404  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss          C:\windows\system32\DRIVERS\rdbss.sys
20:33:56.0452 0x1404  rdbss - ok
20:33:56.0452 0x1404  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
20:33:56.0483 0x1404  rdpbus - ok
20:33:56.0483 0x1404  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
20:33:56.0514 0x1404  RDPCDD - ok
20:33:56.0530 0x1404  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR          C:\windows\system32\drivers\rdpdr.sys
20:33:56.0545 0x1404  RDPDR - ok
20:33:56.0561 0x1404  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
20:33:56.0592 0x1404  RDPENCDD - ok
20:33:56.0592 0x1404  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
20:33:56.0639 0x1404  RDPREFMP - ok
20:33:56.0639 0x1404  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
20:33:56.0670 0x1404  RdpVideoMiniport - ok
20:33:56.0686 0x1404  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD          C:\windows\system32\drivers\RDPWD.sys
20:33:56.0701 0x1404  RDPWD - ok
20:33:56.0717 0x1404  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
20:33:56.0733 0x1404  rdyboost - ok
20:33:56.0748 0x1404  [ B16782353A0FF62FF4E92145FC9FEDDA, 45E28A34CD115574C8E315EB51F33DD88E3DB178736294036C8B00C3386158A7 ] RegSrvc        C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:33:56.0764 0x1404  RegSrvc - ok
20:33:56.0764 0x1404  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
20:33:56.0811 0x1404  RemoteAccess - ok
20:33:56.0811 0x1404  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
20:33:56.0857 0x1404  RemoteRegistry - ok
20:33:56.0873 0x1404  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
20:33:56.0889 0x1404  RFCOMM - ok
20:33:56.0904 0x1404  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
20:33:56.0935 0x1404  RpcEptMapper - ok
20:33:56.0935 0x1404  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
20:33:56.0951 0x1404  RpcLocator - ok
20:33:56.0967 0x1404  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs          C:\windows\system32\rpcss.dll
20:33:56.0998 0x1404  RpcSs - ok
20:33:57.0013 0x1404  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
20:33:57.0045 0x1404  rspndr - ok
20:33:57.0060 0x1404  [ E8384111FDD1FC2D39FD114A50F79A84, AB8BC4251C2B1AFF3B890001CB9EAB905659EA0BEFEFB1F2126E10748196496D ] RSUSBSTOR      C:\windows\System32\Drivers\RtsUStor.sys
20:33:57.0091 0x1404  RSUSBSTOR - ok
20:33:57.0091 0x1404  [ BCDE27DA663D2F1BE1EA262F2BFDA8D0, 07744F83C41503D8C948E8D8569628C7C9D283EBA3C20CB63BC81123812A0A25 ] RSUSBVSTOR      C:\windows\System32\Drivers\RtsUVStor.sys
20:33:57.0123 0x1404  RSUSBVSTOR - ok
20:33:57.0138 0x1404  [ B85642BE0761159B63CFFC137384E17F, ACB04AC581EE475543AEA3003E3643DC2A007C4D3F1831C120F1D07BDAFF2FA4 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
20:33:57.0169 0x1404  RtkAudioService - ok
20:33:57.0169 0x1404  [ 1C4B1188E9329CA82EE89CDBC70C8BEF, A086896C3058377CEE1A5BC1BFF11B02A33CCBD3C7CD42B7B17E05CE155E5D4D ] RTSPER          C:\windows\system32\DRIVERS\RtsPer.sys
20:33:57.0201 0x1404  RTSPER - ok
20:33:57.0279 0x1404  [ CA58B86268A2634FE10FDC889A39AF1E, 6F9FFE79289DAEA85D3954ABFB06B772503D4C3A3A941F098F3B30BA03764F30 ] rtsuvc          C:\windows\system32\DRIVERS\rtsuvc.sys
20:33:57.0372 0x1404  rtsuvc - ok
20:33:57.0372 0x1404  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap          C:\windows\system32\drivers\vms3cap.sys
20:33:57.0388 0x1404  s3cap - ok
20:33:57.0403 0x1404  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] SamSs          C:\windows\system32\lsass.exe
20:33:57.0419 0x1404  SamSs - ok
20:33:57.0419 0x1404  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
20:33:57.0435 0x1404  sbp2port - ok
20:33:57.0450 0x1404  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
20:33:57.0481 0x1404  SCardSvr - ok
20:33:57.0497 0x1404  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
20:33:57.0528 0x1404  scfilter - ok
20:33:57.0559 0x1404  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\windows\system32\schedsvc.dll
20:33:57.0606 0x1404  Schedule - ok
20:33:57.0622 0x1404  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\windows\System32\certprop.dll
20:33:57.0653 0x1404  SCPolicySvc - ok
20:33:57.0669 0x1404  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
20:33:57.0684 0x1404  SDRSVC - ok
20:33:57.0684 0x1404  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
20:33:57.0715 0x1404  secdrv - ok
20:33:57.0715 0x1404  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\windows\system32\seclogon.dll
20:33:57.0747 0x1404  seclogon - ok
20:33:57.0747 0x1404  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll
20:33:57.0793 0x1404  SENS - ok
20:33:57.0793 0x1404  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
20:33:57.0809 0x1404  SensrSvc - ok
20:33:57.0809 0x1404  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\windows\system32\drivers\serenum.sys
20:33:57.0825 0x1404  Serenum - ok
20:33:57.0840 0x1404  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\drivers\serial.sys
20:33:57.0856 0x1404  Serial - ok
20:33:57.0856 0x1404  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\drivers\sermouse.sys
20:33:57.0871 0x1404  sermouse - ok
20:33:57.0887 0x1404  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
20:33:57.0918 0x1404  SessionEnv - ok
20:33:57.0934 0x1404  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\windows\system32\drivers\sffdisk.sys
20:33:57.0949 0x1404  sffdisk - ok
20:33:57.0949 0x1404  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
20:33:57.0981 0x1404  sffp_mmc - ok
20:33:57.0981 0x1404  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\windows\system32\drivers\sffp_sd.sys
20:33:57.0996 0x1404  sffp_sd - ok
20:33:57.0996 0x1404  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\windows\system32\drivers\sfloppy.sys
20:33:58.0012 0x1404  sfloppy - ok
20:33:58.0027 0x1404  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
20:33:58.0074 0x1404  SharedAccess - ok
20:33:58.0090 0x1404  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
20:33:58.0137 0x1404  ShellHWDetection - ok
20:33:58.0137 0x1404  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
20:33:58.0152 0x1404  SiSRaid2 - ok
20:33:58.0152 0x1404  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
20:33:58.0183 0x1404  SiSRaid4 - ok
20:33:58.0183 0x1404  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
20:33:58.0230 0x1404  SkypeUpdate - ok
20:33:58.0230 0x1404  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\windows\system32\DRIVERS\smb.sys
20:33:58.0261 0x1404  Smb - ok
20:33:58.0261 0x1404  [ F457434FA3D1E4C10AC27E1DA2BDD36A, B9666F7722A145B50C6BCCF176FB0F4CE96BF6C4D85A623A0904F1861E88CB5E ] SmbDrv          C:\windows\system32\drivers\Smb_driver_AMDASF.sys
20:33:58.0293 0x1404  SmbDrv - ok
20:33:58.0293 0x1404  [ 1DCFC828177375856E8830C45EFFA3D2, 8967559FB816B2E41BAAF388DCC711B2394FAD5D387BA0F1FA1AAE611D248D43 ] SmbDrvI        C:\windows\system32\DRIVERS\Smb_driver_Intel.sys
20:33:58.0324 0x1404  SmbDrvI - ok
20:33:58.0324 0x1404  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
20:33:58.0339 0x1404  SNMPTRAP - ok
20:33:58.0355 0x1404  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\windows\system32\drivers\spldr.sys
20:33:58.0371 0x1404  spldr - ok
20:33:58.0386 0x1404  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler        C:\windows\System32\spoolsv.exe
20:33:58.0417 0x1404  Spooler - ok
20:33:58.0495 0x1404  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
20:33:58.0620 0x1404  sppsvc - ok
20:33:58.0620 0x1404  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\windows\system32\sppuinotify.dll
20:33:58.0667 0x1404  sppuinotify - ok
20:33:58.0683 0x1404  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\windows\system32\DRIVERS\srv.sys
20:33:58.0714 0x1404  srv - ok
20:33:58.0729 0x1404  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
20:33:58.0761 0x1404  srv2 - ok
20:33:58.0776 0x1404  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
20:33:58.0792 0x1404  srvnet - ok
20:33:58.0807 0x1404  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\windows\System32\ssdpsrv.dll
20:33:58.0854 0x1404  SSDPSRV - ok
20:33:58.0854 0x1404  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\windows\system32\sstpsvc.dll
20:33:58.0885 0x1404  SstpSvc - ok
20:33:58.0901 0x1404  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\drivers\stexstor.sys
20:33:58.0917 0x1404  stexstor - ok
20:33:58.0917 0x1404  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\windows\system32\DRIVERS\serscan.sys
20:33:58.0932 0x1404  StillCam - ok
20:33:58.0948 0x1404  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
20:33:58.0995 0x1404  stisvc - ok
20:33:58.0995 0x1404  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt        C:\windows\system32\drivers\vmstorfl.sys
20:33:59.0010 0x1404  storflt - ok
20:33:59.0010 0x1404  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc        C:\windows\system32\storsvc.dll
20:33:59.0026 0x1404  StorSvc - ok
20:33:59.0041 0x1404  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc        C:\windows\system32\drivers\storvsc.sys
20:33:59.0057 0x1404  storvsc - ok
20:33:59.0057 0x1404  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\drivers\swenum.sys
20:33:59.0073 0x1404  swenum - ok
20:33:59.0088 0x1404  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\windows\System32\swprv.dll
20:33:59.0151 0x1404  swprv - ok
20:33:59.0166 0x1404  [ 0D0571F9CFCCC3D662489744EE9E3202, CAB43E2A40E60C5D2608D0A9B676C404E3B36F23675D8F0768CC6652970BAE0C ] SynTP          C:\windows\system32\DRIVERS\SynTP.sys
20:33:59.0182 0x1404  SynTP - ok
20:33:59.0229 0x1404  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain        C:\windows\system32\sysmain.dll
20:33:59.0291 0x1404  SysMain - ok
20:33:59.0307 0x1404  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
20:33:59.0322 0x1404  TabletInputService - ok
20:33:59.0338 0x1404  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\windows\System32\tapisrv.dll
20:33:59.0385 0x1404  TapiSrv - ok
20:33:59.0416 0x1404  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip          C:\windows\system32\drivers\tcpip.sys
20:33:59.0494 0x1404  Tcpip - ok
20:33:59.0541 0x1404  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
20:33:59.0587 0x1404  TCPIP6 - ok
20:33:59.0603 0x1404  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
20:33:59.0619 0x1404  tcpipreg - ok
20:33:59.0634 0x1404  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
20:33:59.0650 0x1404  TDPIPE - ok
20:33:59.0650 0x1404  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\windows\system32\drivers\tdtcp.sys
20:33:59.0681 0x1404  TDTCP - ok
20:33:59.0681 0x1404  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx            C:\windows\system32\DRIVERS\tdx.sys
20:33:59.0712 0x1404  tdx - ok
20:33:59.0712 0x1404  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\drivers\termdd.sys
20:33:59.0728 0x1404  TermDD - ok
20:33:59.0759 0x1404  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService    C:\windows\System32\termsrv.dll
20:33:59.0790 0x1404  TermService - ok
20:33:59.0790 0x1404  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
20:33:59.0821 0x1404  Themes - ok
20:33:59.0821 0x1404  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\windows\system32\mmcss.dll
20:33:59.0853 0x1404  THREADORDER - ok
20:33:59.0868 0x1404  [ 48DDEF0B921DD331536CC82C1A8FF64F, 540107E278E4C7DE4F43D37F7EA7BC094B6755399C22EE3A68574AA8A7719ACC ] TPM            C:\windows\system32\drivers\tpm.sys
20:33:59.0884 0x1404  TPM - ok
20:33:59.0899 0x1404  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
20:33:59.0931 0x1404  TrkWks - ok
20:33:59.0946 0x1404  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
20:33:59.0977 0x1404  TrustedInstaller - ok
20:33:59.0993 0x1404  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
20:34:00.0024 0x1404  tssecsrv - ok
20:34:00.0024 0x1404  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
20:34:00.0055 0x1404  TsUsbFlt - ok
20:34:00.0055 0x1404  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD        C:\windows\system32\drivers\TsUsbGD.sys
20:34:00.0071 0x1404  TsUsbGD - ok
20:34:00.0087 0x1404  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
20:34:00.0118 0x1404  tunnel - ok
20:34:00.0118 0x1404  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\drivers\uagp35.sys
20:34:00.0149 0x1404  uagp35 - ok
20:34:00.0149 0x1404  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
20:34:00.0196 0x1404  udfs - ok
20:34:00.0211 0x1404  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\windows\system32\UI0Detect.exe
20:34:00.0227 0x1404  UI0Detect - ok
20:34:00.0243 0x1404  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
20:34:00.0258 0x1404  uliagpkx - ok
20:34:00.0258 0x1404  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\windows\system32\DRIVERS\umbus.sys
20:34:00.0289 0x1404  umbus - ok
20:34:00.0289 0x1404  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\drivers\umpass.sys
20:34:00.0305 0x1404  UmPass - ok
20:34:00.0321 0x1404  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\windows\System32\umrdp.dll
20:34:00.0336 0x1404  UmRdpService - ok
20:34:00.0352 0x1404  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
20:34:00.0399 0x1404  upnphost - ok
20:34:00.0399 0x1404  [ FF487F426CF073CB6553D9F1BB14A19D, FB010E9921AF00C51D9712B23F4EA1C37AF7F44769942C990EFFE78E13907C90 ] usb3Hub        C:\windows\system32\DRIVERS\usb3Hub.sys
20:34:00.0430 0x1404  usb3Hub - ok
20:34:00.0430 0x1404  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64      C:\windows\system32\Drivers\usbaapl64.sys
20:34:00.0477 0x1404  USBAAPL64 - ok
20:34:00.0477 0x1404  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp        C:\windows\system32\DRIVERS\usbccgp.sys
20:34:00.0508 0x1404  usbccgp - ok
20:34:00.0508 0x1404  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
20:34:00.0539 0x1404  usbcir - ok
20:34:00.0539 0x1404  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci        C:\windows\system32\DRIVERS\usbehci.sys
20:34:00.0570 0x1404  usbehci - ok
20:34:00.0570 0x1404  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\windows\system32\drivers\usbhub.sys
20:34:00.0601 0x1404  usbhub - ok
20:34:00.0601 0x1404  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci        C:\windows\system32\drivers\usbohci.sys
20:34:00.0617 0x1404  usbohci - ok
20:34:00.0633 0x1404  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
20:34:00.0648 0x1404  usbprint - ok
20:34:00.0664 0x1404  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan        C:\windows\system32\DRIVERS\usbscan.sys
20:34:00.0679 0x1404  usbscan - ok
20:34:00.0679 0x1404  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR        C:\windows\system32\DRIVERS\USBSTOR.SYS
20:34:00.0711 0x1404  USBSTOR - ok
20:34:00.0726 0x1404  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci        C:\windows\system32\drivers\usbuhci.sys
20:34:00.0742 0x1404  usbuhci - ok
20:34:00.0742 0x1404  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\system32\Drivers\usbvideo.sys
20:34:00.0773 0x1404  usbvideo - ok
20:34:00.0789 0x1404  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\windows\System32\uxsms.dll
20:34:00.0820 0x1404  UxSms - ok
20:34:00.0835 0x1404  [ 90DE4F1F0742E75B227870F0FC8D714F, B9EB074C12FB845B7289EB3A7864184E0D343FDC456ED8F529D0EFEE75D5AEC7 ] valWBFPolicyService C:\windows\system32\valWBFPolicyService.exe
20:34:00.0851 0x1404  valWBFPolicyService - ok
20:34:00.0867 0x1404  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] VaultSvc        C:\windows\system32\lsass.exe
20:34:00.0882 0x1404  VaultSvc - ok
20:34:00.0945 0x1404  [ 2A4070AF8A1674161905D8D0264423DC, 5EDC8C4F7E39CDE28EA00C0A9C0F56D1D65A23BADCE7151F0106AA8075405AD1 ] vcsFPService    C:\windows\system32\vcsFPService.exe
20:34:01.0054 0x1404  vcsFPService - ok
20:34:01.0054 0x1404  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
20:34:01.0069 0x1404  vdrvroot - ok
20:34:01.0085 0x1404  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\windows\System32\vds.exe
20:34:01.0147 0x1404  vds - ok
20:34:01.0147 0x1404  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\windows\system32\DRIVERS\vgapnp.sys
20:34:01.0163 0x1404  vga - ok
20:34:01.0179 0x1404  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\windows\System32\drivers\vga.sys
20:34:01.0210 0x1404  VgaSave - ok
20:34:01.0210 0x1404  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\windows\system32\drivers\vhdmp.sys
20:34:01.0241 0x1404  vhdmp - ok
20:34:01.0241 0x1404  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
20:34:01.0257 0x1404  viaide - ok
20:34:01.0272 0x1404  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus          C:\windows\system32\drivers\vmbus.sys
20:34:01.0303 0x1404  vmbus - ok
20:34:01.0303 0x1404  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\windows\system32\drivers\VMBusHID.sys
20:34:01.0319 0x1404  VMBusHID - ok
20:34:01.0319 0x1404  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
20:34:01.0350 0x1404  volmgr - ok
20:34:01.0350 0x1404  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\windows\system32\drivers\volmgrx.sys
20:34:01.0381 0x1404  volmgrx - ok
20:34:01.0381 0x1404  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap        C:\windows\system32\drivers\volsnap.sys
20:34:01.0413 0x1404  volsnap - ok
20:34:01.0428 0x1404  [ 7B06BD62D6CFD065B94BE40F4634B130, 3F327911FDA5C7D0FA7FA6F2C732D824D605422CBDC183BAE34DEBA962D424D1 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
20:34:01.0475 0x1404  vpnagent - ok
20:34:01.0491 0x1404  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva          C:\windows\system32\DRIVERS\vpnva64-6.sys
20:34:01.0506 0x1404  vpnva - ok
20:34:01.0522 0x1404  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\windows\system32\drivers\vsmraid.sys
20:34:01.0553 0x1404  vsmraid - ok
20:34:01.0600 0x1404  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\windows\system32\vssvc.exe
20:34:01.0662 0x1404  VSS - ok
20:34:01.0678 0x1404  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
20:34:01.0693 0x1404  vwifibus - ok
20:34:01.0693 0x1404  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
20:34:01.0725 0x1404  vwififlt - ok
20:34:01.0725 0x1404  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp        C:\windows\system32\DRIVERS\vwifimp.sys
20:34:01.0756 0x1404  vwifimp - ok
20:34:01.0756 0x1404  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\windows\system32\w32time.dll
20:34:01.0803 0x1404  W32Time - ok
20:34:01.0818 0x1404  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\drivers\wacompen.sys
20:34:01.0834 0x1404  WacomPen - ok
20:34:01.0849 0x1404  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
20:34:01.0881 0x1404  WANARP - ok
20:34:01.0881 0x1404  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
20:34:01.0927 0x1404  Wanarpv6 - ok
20:34:01.0959 0x1404  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ]
.....

c.yossarian 18.05.2016 19:44
TEIL 2:

Code:
WatAdminSvc    C:\windows\system32\Wat\WatAdminSvc.exe
20:34:02.0021 0x1404  WatAdminSvc - ok
20:34:02.0052 0x1404  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
20:34:02.0115 0x1404  wbengine - ok
20:34:02.0115 0x1404  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
20:34:02.0146 0x1404  WbioSrvc - ok
20:34:02.0146 0x1404  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\windows\System32\wcncsvc.dll
20:34:02.0177 0x1404  wcncsvc - ok
20:34:02.0193 0x1404  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
20:34:02.0208 0x1404  WcsPlugInService - ok
20:34:02.0208 0x1404  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\drivers\wd.sys
20:34:02.0224 0x1404  Wd - ok
20:34:02.0255 0x1404  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
20:34:02.0286 0x1404  Wdf01000 - ok
20:34:02.0286 0x1404  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\windows\system32\wdi.dll
20:34:02.0302 0x1404  WdiServiceHost - ok
20:34:02.0317 0x1404  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost  C:\windows\system32\wdi.dll
20:34:02.0333 0x1404  WdiSystemHost - ok
20:34:02.0349 0x1404  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient      C:\windows\System32\webclnt.dll
20:34:02.0380 0x1404  WebClient - ok
20:34:02.0380 0x1404  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
20:34:02.0427 0x1404  Wecsvc - ok
20:34:02.0442 0x1404  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\windows\System32\wercplsupport.dll
20:34:02.0489 0x1404  wercplsupport - ok
20:34:02.0489 0x1404  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
20:34:02.0536 0x1404  WerSvc - ok
20:34:02.0551 0x1404  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
20:34:02.0598 0x1404  WfpLwf - ok
20:34:02.0598 0x1404  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
20:34:02.0614 0x1404  WIMMount - ok
20:34:02.0614 0x1404  WinDefend - ok
20:34:02.0629 0x1404  WinHttpAutoProxySvc - ok
20:34:02.0645 0x1404  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\windows\system32\wbem\WMIsvc.dll
20:34:02.0692 0x1404  Winmgmt - ok
20:34:02.0754 0x1404  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM          C:\windows\system32\WsmSvc.dll
20:34:02.0817 0x1404  WinRM - ok
20:34:02.0832 0x1404  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\windows\system32\DRIVERS\WinUsb.sys
20:34:02.0848 0x1404  WinUSB - ok
20:34:02.0879 0x1404  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\windows\System32\wlansvc.dll
20:34:02.0926 0x1404  Wlansvc - ok
20:34:02.0926 0x1404  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\windows\system32\drivers\wmiacpi.sys
20:34:02.0957 0x1404  WmiAcpi - ok
20:34:02.0957 0x1404  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
20:34:02.0988 0x1404  wmiApSrv - ok
20:34:02.0988 0x1404  WMPNetworkSvc - ok
20:34:03.0004 0x1404  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
20:34:03.0019 0x1404  WPCSvc - ok
20:34:03.0019 0x1404  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
20:34:03.0051 0x1404  WPDBusEnum - ok
20:34:03.0051 0x1404  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\windows\system32\drivers\ws2ifsl.sys
20:34:03.0097 0x1404  ws2ifsl - ok
20:34:03.0113 0x1a84  Object required for P2P: [ DA0FAEE45D6F03D7647851A20977A7D0 ] MpFilter
20:34:03.0113 0x1404  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
20:34:03.0144 0x1404  wscsvc - ok
20:34:03.0160 0x1404  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\windows\system32\DRIVERS\WSDPrint.sys
20:34:03.0175 0x1404  WSDPrintDevice - ok
20:34:03.0191 0x1404  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan        C:\windows\system32\DRIVERS\WSDScan.sys
20:34:03.0207 0x1404  WSDScan - ok
20:34:03.0207 0x1404  WSearch - ok
20:34:03.0285 0x1404  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\windows\system32\wuaueng.dll
20:34:03.0363 0x1404  wuauserv - ok
20:34:03.0378 0x1404  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
20:34:03.0394 0x1404  WudfPf - ok
20:34:03.0409 0x1404  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
20:34:03.0441 0x1404  WUDFRd - ok
20:34:03.0441 0x1404  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\windows\System32\WUDFSvc.dll
20:34:03.0472 0x1404  wudfsvc - ok
20:34:03.0472 0x1404  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc        C:\windows\System32\wwansvc.dll
20:34:03.0503 0x1404  WwanSvc - ok
20:34:03.0597 0x1404  [ DFE071BEAA1AC65D49ECBEFC15B73D30, 510AD2507FAEFFBB6FD229484070D4DC704EFA3931EFBA5BE9115E699438F530 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
20:34:03.0706 0x1404  ZeroConfigService - ok
20:34:03.0737 0x1404  ================ Scan global ===============================
20:34:03.0737 0x1404  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\windows\system32\basesrv.dll
20:34:03.0753 0x1404  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\windows\system32\winsrv.dll
20:34:03.0784 0x1404  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\windows\system32\winsrv.dll
20:34:03.0799 0x1404  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
20:34:03.0815 0x1404  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
20:34:03.0815 0x1404  [ Global ] - ok
20:34:03.0815 0x1404  ================ Scan MBR ==================================
20:34:03.0831 0x1404  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:34:04.0907 0x1404  \Device\Harddisk0\DR0 - ok
20:34:04.0907 0x1404  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:34:04.0985 0x1404  \Device\Harddisk1\DR1 - ok
20:34:04.0985 0x1404  ================ Scan VBR ==================================
20:34:04.0985 0x1404  [ 6F1F0081CE943F46C3EB31437F0DD08D ] \Device\Harddisk0\DR0\Partition1
20:34:04.0985 0x1404  \Device\Harddisk0\DR0\Partition1 - ok
20:34:05.0001 0x1404  [ 8F2CCD6CBEF24D7EF077D91133862A0B ] \Device\Harddisk1\DR1\Partition1
20:34:05.0001 0x1404  \Device\Harddisk1\DR1\Partition1 - ok
20:34:05.0001 0x1404  [ E156E91A410C51D614A16EFA6762EF33 ] \Device\Harddisk1\DR1\Partition2
20:34:05.0001 0x1404  \Device\Harddisk1\DR1\Partition2 - ok
20:34:05.0016 0x1404  [ BD3E0DDC2930C85909705F42FFE884F5 ] \Device\Harddisk1\DR1\Partition3
20:34:05.0016 0x1404  \Device\Harddisk1\DR1\Partition3 - ok
20:34:05.0016 0x1404  [ D0B9C3B9FBCA927479D13B370C07F376 ] \Device\Harddisk1\DR1\Partition4
20:34:05.0016 0x1404  \Device\Harddisk1\DR1\Partition4 - ok
20:34:05.0016 0x1404  ================ Scan generic autorun ======================
20:34:05.0032 0x1404  [ 7C17C957880958754F70963E3C8EABBD, F933F2AD913811DE5C1340CB7E76E53F6F3A2AE27943B6AAE0A1A250DA70B439 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
20:34:05.0094 0x1404  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
20:34:06.0030 0x1a84  Object send P2P result: true
20:34:06.0030 0x1a84  Object required for P2P: [ 6D79C8CB73187FBEAAD1F680FADF98D3 ] NisDrv
20:34:08.0027 0x1404  Detect skipped due to KSN trusted
20:34:08.0027 0x1404  IAStorIcon - ok
20:34:08.0167 0x1404  [ 0A2ED726A7EF486C21C1DB83C8B7CDB1, 95EA4F5A03FFE73C43C402358E3B3186E4BFED78C3BC71C486E918BFEA0C23AD ] C:\Users\Pako\AppData\Roaming\Remote Control Server\Remote Control Server.exe
20:34:08.0370 0x1404  Remote Control Server - detected UnsignedFile.Multi.Generic ( 1 )
20:34:08.0963 0x1a84  Object send P2P result: true
20:34:11.0693 0x1404  Detect skipped due to KSN trusted
20:34:11.0693 0x1404  Remote Control Server - ok
20:34:11.0740 0x1404  [ DD7B4F9E6B71A599FEF4BD9DA0AE57C2, 6B22356F74F7ED069A3FC39C62326AA98A70D0E860A2EB29A6C46F4077FB567A ] C:\Program Files\Microsoft Security Client\msseces.exe
20:34:11.0802 0x1404  MSC - ok
20:34:11.0802 0x1404  [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
20:34:11.0818 0x1404  iTunesHelper - ok
20:34:11.0818 0x1404  SynTPEnh - ok
20:34:11.0989 0x1404  [ C3E586CEC67E041E3F40638C1AFE9CE8, 4D8D0E06210BA07552BA98B7DFD62842A4102C0C1B40B5A7B74947716ED7C4E0 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
20:34:12.0192 0x1404  RTHDVCPL - ok
20:34:12.0192 0x1404  BTMTrayAgent - ok
20:34:12.0208 0x1404  [ 854AE1687E2DD764023B5153AADC9529, 6ACC9A40A0E93EC9276D1CCD77A531DA4156BF6F797770E647018587C50DD0F8 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
20:34:12.0223 0x1404  USB3MON - ok
20:34:12.0270 0x1404  [ BBC22DD837C07EF330A9F73E7841D52F, B53E78FE624F74360B1BC84DF3EECCC5A4113DB38115356E27B41047A627CB69 ] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
20:34:12.0348 0x1404  HP File Sanitizer - ok
20:34:12.0348 0x1404  YouCam Mirage - ok
20:34:12.0348 0x1404  [ EDD0CDA1CBFC2A1C8A0673145C4B7F53, 6C008F52E314772FDF9A023858EDDEF10995CEA15BB5DF9BDB534D10A771D186 ] c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
20:34:12.0364 0x1404  YouCam Tray - ok
20:34:12.0379 0x1404  [ 1DF3DCE54EDF5E85D15BA381ED98FAC3, 91CDEC8ADD48A40AB4D4E49B5AF0CEB01AA7A063B6C2103E16038D46C417868F ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
20:34:12.0442 0x1404  ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
20:34:15.0780 0x1404  Detect skipped due to KSN trusted
20:34:15.0780 0x1404  ControlCenter4 - ok
20:34:15.0874 0x1404  [ 3ADAEB3EEF3EEDD48B120D6F32CFF595, 96DA6921AE69934A7DA6EF91D0725749262A0A65E9C3CB72FE1BCA60B0F0F045 ] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
20:34:16.0061 0x1404  EaseUS EPM tray - ok
20:34:16.0077 0x1404  [ 62634246BADBB538F78309510CAAEFDA, 74AEF5CA769BF72AC64D22A5C8CFA84438DD7611011987D10DFD81D447B65F5D ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
20:34:16.0092 0x1404  Avira SystrayStartTrigger - ok
20:34:16.0108 0x1404  [ F316A9C0C8BBA9D2A98BE70EE0D8CA96, 20C83B6D1706DED7B645008CD29346A5FD14A4F67FCF17FED28E7A17F021E15B ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
20:34:16.0186 0x1404  avgnt - ok
20:34:16.0186 0x1404  [ C5FE188ED572E1E133AED87258BF70BC, 4557C1E202DC8F644FC80D8848EC59202C757E5EF857F24A33DD872DF678E17D ] C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe
20:34:16.0217 0x1404  QLBController - ok
20:34:16.0217 0x1404  [ F4BC46AD4FC1F2F3372EBF8505D00436, 94F752406AC4968A917691A2E2A09C2EBAAA24E549E3BC0F5F256A8233DF86D5 ] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
20:34:16.0233 0x1404  AccelerometerSysTrayApplet - ok
20:34:16.0248 0x1404  [ 6DDE7441D30088B7E606C53BF5D16F7C, 8A5A50676AF5F7577E2460016F91F8D37E69A0F940A4DB7DF8BEA7B427457D19 ] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
20:34:16.0264 0x1404  HPConnectionManager - ok
20:34:16.0295 0x1404  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:34:16.0373 0x1404  Sidebar - ok
20:34:16.0373 0x1404  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:34:16.0404 0x1404  mctadmin - ok
20:34:16.0435 0x1404  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:34:16.0482 0x1404  Sidebar - ok
20:34:16.0482 0x1404  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:34:16.0498 0x1404  mctadmin - ok
20:34:16.0607 0x1404  [ 3D5D4137594D2EBA8868EAD504B89366, D5FEB5B8303B083A79A4617E59B2FB34FAD71BE72F3F8DD6E4B69B3D03FE658A ] C:\Program Files\DAEMON Tools Lite\DTAgent.exe
20:34:16.0732 0x1404  DAEMON Tools Lite Automount - ok
20:34:16.0732 0x1404  Waiting for KSN requests completion. In queue: 17
20:34:17.0746 0x1404  Waiting for KSN requests completion. In queue: 17
20:34:18.0760 0x1404  Waiting for KSN requests completion. In queue: 17
20:34:19.0774 0x1404  Waiting for KSN requests completion. In queue: 17
20:34:20.0913 0x1404  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.17.264 ), 0x41000 ( enabled : updated )
20:34:20.0928 0x1404  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x61000 ( enabled : updated )
20:34:20.0944 0x1404  Win FW state via NFP2: enabled ( trusted )
20:34:23.0783 0x1404 
===
20:34:23.0783 0x1404  Scan finished
20:34:23.0783 0x1404 
===
20:34:23.0799 0x176c  Detected object count: 2
20:34:23.0799 0x176c  Actual detected object count: 2
20:34:53.0720 0x176c  BBDemon ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:53.0720 0x176c  BBDemon ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:34:53.0735 0x176c  chip1click ( UnsignedFile.Multi.Generic ) - skipped by user
20:34:53.0735 0x176c  chip1click ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:35:43.0062 0x1c08 
===

M-K-D-B 19.05.2016 14:23
Servus,


die "Funde" von TDSS-Killer sind nicht immer schädlich.




Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

M-K-D-B 22.05.2016 13:10
Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

c.yossarian 23.05.2016 12:11
Hallo!

Tut mir Leid, ich war übers Wochenende nicht da und konnte nicht zum Computer..

Das mbar-Tool hat nichts gefunden.

unten ist das Logfile.

Liebe Grüße!

Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.05.22.02
  rootkit: v2016.05.20.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.17609
Pako :: PAKO-HP840 [administrator]

22.05.2016 12:39:10
mbar-log-2016-05-22 (12-39-10).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 304740
Time elapsed: 11 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

M-K-D-B 23.05.2016 13:52
Servus,




Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.

c.yossarian 24.05.2016 11:57
Grüß dich,

es folgen die Logdateien in chronischer Reihenfolge.
Es hat nur der AdwCleaner einige Registry Dateien glöscht, sonst wurde glaub ich nichts gefunden.

Vielen lieben Dank,
Pako

AdwCleaner:
Code:
# AdwCleaner v5.117 - Bericht erstellt am 24/05/2016 um 12:20:37
# Aktualisiert am 15/05/2016 von Xplode
# Datenbank : 2016-05-23.3 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Pako - PAKO-HP840
# Gestartet von : C:\Users\Pako\Desktop\AdwCleaner_5.117.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\OCS

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1071 Bytes] - [10/05/2016 09:36:14]
C:\AdwCleaner\AdwCleaner[C2].txt - [1092 Bytes] - [24/05/2016 12:20:37]
C:\AdwCleaner\AdwCleaner[S1].txt - [973 Bytes] - [10/05/2016 09:34:42]
C:\AdwCleaner\AdwCleaner[S2].txt - [1218 Bytes] - [24/05/2016 12:19:20]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1310 Bytes] ##########
MBAM:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 24.05.2016
Suchlaufzeit: 12:29
Protokolldatei: mbm.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.05.24.03
Rootkit-Datenbank: v2016.05.20.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Pako

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 303960
Abgelaufene Zeit: 8 Min., 41 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
FRST.txt:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-05-2016
durchgeführt von Pako (Administrator) auf PAKO-HP840 (24-05-2016 12:52:26)
Gestartet von C:\Users\Pako\Desktop
Geladene Profile: Pako &  (Verfügbare Profile: Pako)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dassault Systemes) C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(HP) C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(HP) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [Remote Control Server] => C:\Users\Pako\AppData\Roaming\Remote Control Server\Remote Control Server.exe [5168128 2015-04-08] (Steppschuh)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2863344 2014-10-31] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659224 2014-11-11] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation)
HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2312408 2014-06-26] (Hewlett-Packard)
HKLM-x32\...\Run: [YouCam Mirage] => "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [168920 2014-10-07] (CyberLink Corp.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe [2089056 2015-04-14] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-04-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-05-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe [430304 2015-11-17] (HP)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [191200 2015-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1034240 2016-02-18] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\...\MountPoints2: {e236d276-2d3b-11e5-8728-5cb901b2644d} - G:\setup.exe
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e236d276-2d3b-11e5-8728-5cb901b2644d} - G:\setup.exe
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {e236d276-2d3b-11e5-8728-5cb901b2644d} - G:\setup.exe
Lsa: [Notification Packages] DPPassFilter scecli

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
Tcpip\..\Interfaces\{9986CD45-0234-442F-ABDC-AE185A5A32C1}: [DhcpNameServer] 195.34.133.21 212.186.211.21
Tcpip\..\Interfaces\{CB9F8693-0D92-4816-9BE6-3CC2480CDCAC}: [DhcpNameServer] 195.34.133.21 212.186.211.21

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/4
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/4
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/4
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/4
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/4
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/4
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM14/4
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM14/4
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-05-13] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-13] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-06-26] (Hewlett-Packard)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-02] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default
FF Homepage: hxxp://www.google.at/
FF NetworkProxy: "backup.ftp", "79.143.176.23"
FF NetworkProxy: "backup.ftp_port", 443
FF NetworkProxy: "backup.socks", "79.143.176.23"
FF NetworkProxy: "backup.socks_port", 443
FF NetworkProxy: "backup.ssl", "79.143.176.23"
FF NetworkProxy: "backup.ssl_port", 443
FF NetworkProxy: "ftp", "91.228..53.28"
FF NetworkProxy: "ftp_port", 8089
FF NetworkProxy: "http", "91.228..53.28"
FF NetworkProxy: "http_port", 8089
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "91.228..53.28"
FF NetworkProxy: "socks_port", 8089
FF NetworkProxy: "ssl", "91.228..53.28"
FF NetworkProxy: "ssl_port", 8089
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-05-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-05-13] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2015-09-28] (DigitalPersona, Inc.)
FF Extension: Avira Browser Safety - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\abs@avira.com [2016-05-13]
FF Extension: YouTube mp3 - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\info@youtube-mp3.org.xpi [2016-04-29]
FF Extension: Adblock Plus - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]
FF Extension: web_clipper - C:\Users\Pako\AppData\Roaming\Mozilla\Firefox\Profiles\apep5xqp.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2016-04-29]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: HP Client Security Manager - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016-03-10] [ist nicht signiert]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2015-09-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-05-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-05-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-05-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-05-16] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [280008 2016-04-25] (Avira Operations GmbH & Co. KG)
R2 BBDemon; C:\Program Files\Dassault Systemes\B21\win_b64\code\bin\CATSysDemon.exe [46592 2011-01-08] (Dassault Systemes) [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [81408 2016-04-28] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-08-15] () [Datei ist nicht signiert]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10571056 2014-06-02] (DisplayLink Corp.)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [502232 2015-09-28] (DigitalPersona, Inc.)
R2 FLCDLOCK; C:\windows\SysWOW64\flcdlock.exe [573240 2015-04-24] (Hewlett-Packard Company)
R2 HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [782048 2015-11-17] (HP)
R2 HpDamServiceHost; C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2015-04-23] (Hewlett-Packard Development Company)
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [1102560 2015-10-19] (HP)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [149608 2015-06-05] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-09-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-11-19] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-09-04] (Realtek Semiconductor)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [76288 2015-09-24] (Synaptics Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-11-19] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-16] (Avira Operations GmbH & Co. KG)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [87864 2014-11-05] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141800 2015-04-01] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1448248 2015-01-13] (Motorola Solutions, Inc.)
R2 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2015-04-23] (Hewlett-Packard Company)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-07-18] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2015-03-24] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-06-07] (Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [255216 2016-03-14] (Intel Corporation)
R1 LUMDriver; C:\windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-24] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3437848 2015-03-13] (Intel Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [476888 2014-03-22] (Realsil Semiconductor Corporation)
S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2980568 2014-11-27] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [32496 2014-10-31] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-10-31] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [213296 2014-10-15] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2016-02-18] (Cisco Systems, Inc.)
S3 btmlehid; \SystemRoot\system32\drivers\btmlehid.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-24 12:52 - 2016-05-24 12:52 - 00024462 _____ C:\Users\Pako\Desktop\FRST.txt
2016-05-24 12:51 - 2016-05-24 12:51 - 00000000 ____D C:\Users\Pako\Desktop\FRST-OlderVersion
2016-05-24 12:49 - 2016-05-24 12:49 - 00009383 _____ C:\Users\Pako\Desktop\JRT.txt
2016-05-24 12:46 - 2016-05-24 12:46 - 00001207 _____ C:\Users\Pako\Desktop\mbm.txt
2016-05-24 12:24 - 2016-05-24 12:24 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-24 12:22 - 2016-05-24 12:22 - 00001392 _____ C:\Users\Pako\Desktop\AdwCleaner[C2].txt
2016-05-24 12:15 - 2016-05-24 12:16 - 22851472 _____ (Malwarebytes ) C:\Users\Pako\Desktop\mbam-setup-2.2.1.1043.exe
2016-05-24 12:15 - 2016-05-24 12:15 - 01610816 _____ (Malwarebytes) C:\Users\Pako\Desktop\JRT.exe
2016-05-24 12:13 - 2016-05-24 12:13 - 03651136 _____ C:\Users\Pako\Desktop\AdwCleaner_5.117.exe
2016-05-24 10:06 - 2016-05-24 12:22 - 00001078 _____ C:\windows\system32dbgraw.bmp
2016-05-22 12:23 - 2016-05-22 12:48 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-05-22 12:22 - 2016-05-22 12:48 - 00000000 ____D C:\Users\Pako\Desktop\mbar
2016-05-22 12:22 - 2016-05-22 12:22 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Pako\Desktop\mbar-1.09.3.1001.exe
2016-05-18 20:30 - 2016-05-18 23:07 - 00480590 _____ C:\TDSSKiller.3.1.0.9_18.05.2016_20.30.44_log.txt
2016-05-18 20:29 - 2016-05-18 20:29 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Pako\Desktop\tdsskiller.exe
2016-05-17 12:47 - 2016-05-24 12:52 - 00000000 ____D C:\FRST
2016-05-17 12:47 - 2016-05-24 12:51 - 02383360 _____ (Farbar) C:\Users\Pako\Desktop\FRST64.exe
2016-05-17 12:45 - 2016-05-17 19:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-17 12:40 - 2016-05-17 12:40 - 00602112 _____ (OldTimer Tools) C:\Users\Pako\Desktop\OTL.exe
2016-05-16 23:16 - 2016-05-16 23:16 - 00001805 _____ C:\Users\Public\Desktop\Vuze.lnk
2016-05-14 23:56 - 2016-05-14 23:56 - 00001002 _____ C:\Users\Pako\Desktop\Eclipse.lnk
2016-05-13 16:15 - 2016-05-13 16:15 - 00000000 ____D C:\Users\Pako\.tooling
2016-05-13 16:09 - 2016-05-13 16:09 - 00002464 _____ C:\Users\Pako\Desktop\CATIA V5R21.lnk
2016-05-13 16:08 - 2016-05-14 23:56 - 00000000 ____D C:\Users\Pako\AppData\Local\Eclipse
2016-05-13 16:07 - 2016-05-13 16:14 - 00000000 ____D C:\Users\Pako\.eclipse
2016-05-13 16:05 - 2016-02-18 04:38 - 00000000 ____D C:\Program Files (x86)\eclipse
2016-05-13 16:02 - 2016-05-13 16:02 - 00110144 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Sun
2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\Users\Pako\AppData\LocalLow\Sun
2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\Users\Pako\.oracle_jre_usage
2016-05-13 16:02 - 2016-05-13 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-13 16:01 - 2016-05-13 16:03 - 00000000 ____D C:\ProgramData\Oracle
2016-05-13 16:00 - 2016-05-13 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-05-13 16:00 - 2016-05-13 16:01 - 00000000 ____D C:\Program Files\Java
2016-05-13 15:59 - 2016-05-13 15:59 - 00000000 ____D C:\Users\Pako\AppData\LocalLow\Oracle
2016-05-13 15:40 - 2016-05-13 15:40 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-05-11 15:31 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2016-05-11 15:31 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2016-05-11 15:31 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-05-11 15:31 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-05-11 15:31 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2016-05-11 15:31 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-05-11 15:31 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2016-05-11 15:31 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-05-11 15:31 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-05-11 15:31 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-05-11 15:31 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-05-11 15:31 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-05-11 15:31 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-05-11 15:31 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-05-11 15:31 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-05-11 15:31 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-05-11 15:31 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-05-11 15:31 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-05-11 15:31 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-05-11 15:31 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-05-11 15:31 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-05-11 15:31 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-05-11 15:31 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-05-11 15:31 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-05-11 15:31 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-05-11 15:31 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-05-11 15:31 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-05-11 15:31 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-05-11 15:31 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-05-11 15:31 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-05-11 15:31 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-05-11 15:31 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 15:31 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 15:31 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2016-05-11 15:31 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2016-05-11 15:31 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2016-05-11 15:30 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2016-05-11 15:30 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2016-05-10 09:41 - 2016-05-24 12:26 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-10 09:40 - 2016-05-24 12:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-10 09:40 - 2016-05-10 09:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-10 09:40 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-05-10 09:40 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-05-10 09:40 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-05-10 09:34 - 2016-05-24 12:20 - 00000000 ____D C:\AdwCleaner
2016-05-09 21:16 - 2016-05-09 21:16 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-05-09 21:16 - 2016-05-09 21:16 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-05-09 17:14 - 2016-05-10 09:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-02 14:17 - 2016-05-03 11:57 - 00000000 ____D C:\Users\Pako\Desktop\Numerische Methoden
2016-05-02 14:07 - 2016-05-03 11:57 - 00000000 ____D C:\Users\Pako\AppData\Roaming\jupyter
2016-05-02 14:07 - 2016-05-02 14:07 - 00000000 ____D C:\Users\Pako\.jupyter
2016-05-02 14:04 - 2016-05-02 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda2 (64-bit)

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-24 12:29 - 2009-07-14 06:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-24 12:29 - 2009-07-14 06:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-24 12:27 - 2015-03-27 00:43 - 00715172 _____ C:\windows\system32\perfh007.dat
2016-05-24 12:27 - 2015-03-27 00:43 - 00154722 _____ C:\windows\system32\perfc007.dat
2016-05-24 12:27 - 2009-07-14 07:13 - 01651686 _____ C:\windows\system32\PerfStringBackup.INI
2016-05-24 12:27 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-05-24 12:24 - 2015-04-08 19:47 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-05-24 12:22 - 2015-04-08 15:02 - 00000180 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-24 12:22 - 2015-04-08 15:02 - 00000000 __SHD C:\Users\Pako\IntelGraphicsProfiles
2016-05-24 12:21 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-05-24 12:14 - 2015-04-08 19:43 - 00003176 _____ C:\windows\System32\Tasks\HPCeeScheduleForPako
2016-05-24 12:14 - 2015-04-08 19:43 - 00000328 _____ C:\windows\Tasks\HPCeeScheduleForPako.job
2016-05-24 12:11 - 2015-04-15 13:26 - 00000000 ____D C:\Users\Pako\AppData\Roaming\Azureus
2016-05-24 11:17 - 2015-05-26 19:16 - 00000000 ____D C:\Users\Pako\AppData\LocalLow\Temp
2016-05-24 10:52 - 2015-04-08 15:25 - 00000000 ____D C:\Users\Pako\AppData\Roaming\vlc
2016-05-23 13:06 - 2015-04-08 15:02 - 00003934 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{593D9C55-FF5A-4232-BB72-86BBBE12F8A1}
2016-05-21 12:50 - 2015-04-08 15:02 - 00000000 ____D C:\Users\Pako\AppData\Roaming\hpqLog
2016-05-19 12:39 - 2015-04-11 17:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-18 08:04 - 2015-04-08 15:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-16 23:16 - 2015-04-15 13:26 - 00001805 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2016-05-16 23:16 - 2015-04-15 13:26 - 00000000 ____D C:\Program Files\Vuze
2016-05-16 11:41 - 2016-01-07 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-05-16 11:27 - 2016-01-07 09:52 - 00141920 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-05-16 11:27 - 2016-01-07 09:52 - 00079696 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2016-05-15 11:08 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2016-05-15 00:19 - 2009-07-14 06:45 - 00285808 _____ C:\windows\system32\FNTCACHE.DAT
2016-05-15 00:18 - 2015-04-09 20:22 - 00000000 ____D C:\windows\system32\appraiser
2016-05-15 00:18 - 2015-03-27 00:29 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-15 00:15 - 2015-04-09 20:08 - 00000000 ____D C:\windows\system32\MRT
2016-05-15 00:09 - 2015-04-09 20:08 - 139319312 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-05-13 16:15 - 2015-04-08 15:02 - 00000000 ____D C:\Users\Pako
2016-05-13 16:08 - 2015-04-09 21:11 - 00000000 ____D C:\Uni
2016-05-13 15:40 - 2015-04-08 22:10 - 00000000 ____D C:\Users\Pako\AppData\Local\Downloaded Installations
2016-05-13 15:24 - 2015-04-08 19:47 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 15:24 - 2015-04-08 19:47 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 15:24 - 2015-04-08 19:47 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 10:54 - 2013-12-03 21:34 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-12 18:27 - 2015-04-11 17:01 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-10 09:55 - 2015-04-09 09:53 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-10 09:55 - 2015-04-09 09:53 - 00000000 ___SD C:\windows\system32\GWX
2016-05-09 21:21 - 2015-05-05 08:10 - 00000000 ____D C:\t00ls
2016-05-03 11:55 - 2015-04-26 18:20 - 00000000 ____D C:\Users\Pako\.matplotlib
2016-05-02 14:05 - 2015-04-08 16:39 - 00000000 ____D C:\Program Files\Anaconda
2016-05-02 14:04 - 2015-04-08 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda (64-bit)
2016-05-02 13:28 - 2015-04-26 18:20 - 00000000 ____D C:\Users\Pako\.spyder2
2016-04-29 14:42 - 2016-03-10 10:54 - 00000000 ____D C:\SWSetup
2016-04-29 14:21 - 2015-04-08 18:28 - 00000000 ____D C:\Users\Pako\AppData\Local\ElevatedDiagnostics
2016-04-27 18:31 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-27 00:55 - 2015-03-27 00:56 - 8952034 _____ () C:\ProgramData\hpcsmmsilogs.log
2015-03-27 01:06 - 2016-03-14 22:36 - 1992428 _____ () C:\ProgramData\hpdam_install_log.txt
2015-03-27 01:03 - 2015-03-27 01:03 - 0543880 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt
2016-03-10 18:19 - 2016-03-10 18:21 - 1609326 _____ () C:\ProgramData\SynFPRmsiLogs.log

Einige Dateien in TEMP:
====================
C:\Users\Pako\AppData\Local\Temp\avgnt.exe
C:\Users\Pako\AppData\Local\Temp\Extract.exe
C:\Users\Pako\AppData\Local\Temp\i4jdel0.exe
C:\Users\Pako\AppData\Local\Temp\libeay32.dll
C:\Users\Pako\AppData\Local\Temp\msvcr120.dll
C:\Users\Pako\AppData\Local\Temp\sqlite3.dll


Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-18 00:39

==================== Ende von FRST.txt ============================
Addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-05-2016
durchgeführt von Pako (2016-05-24 12:52:52)
Gestartet von C:\Users\Pako\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-04-08 13:02:04)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1335190260-3303876769-2765954222-500 - Administrator - Disabled)
Gast (S-1-5-21-1335190260-3303876769-2765954222-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1335190260-3303876769-2765954222-1003 - Limited - Enabled)
Pako (S-1-5-21-1335190260-3303876769-2765954222-1002 - Administrator - Enabled) => C:\Users\Pako

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Age of Empires 3 complete version 1.14 (HKLM-x32\...\{D5D9F4B5-7CCE-458D-9ECA-FE9EFD7D607C}_is1) (Version: 1.14 - vol1)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.42.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.42.0 - Alcor Micro Corp.) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{bfb60b68-92b8-481b-b416-7e05b4ea01c9}) (Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Hidden
Blobby Volley 2 Version 1.0 (HKLM-x32\...\Blobby Volley 2 Version 1.0_is1) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-J825DW (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.1.6.0 - Brother Industries, Ltd.)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 1.9.4.0 - Chip Digital GmbH)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.2.02075 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.2.02075 - Cisco Systems, Inc.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.1.5806 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dassault Systemes Doc English CATIA P3 B21 (HKLM-x32\...\Dassault Systemes Doc English B21) (Version:  - )
Dassault Systemes Software B21 (HKLM\...\Dassault Systemes B21_0) (Version:  - )
Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes)
Dassault Systemes Software VC10 Prerequisites x86-x64 (HKLM\...\{7C534131-6431-4ECB-9069-525CB5F75CC8}) (Version: 10.1.1 - Dassault Systemes)
Dassault Systemes Software VC11 Prerequisites x86-x64 (HKLM\...\{C857169D-3F1A-4530-99A0-CAE966CE267E}) (Version: 11.0.1 - Dassault Systemes)
Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes)
DisplayLink Core Software (HKLM\...\{73CF7443-C49F-4A11-BD78-F6D691CDDB72}) (Version: 7.6.55673.0 - DisplayLink Corp.)
EaseUS Partition Master 10.5 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.8.5 (HKLM-x32\...\{5EDC25EC-D966-11E4-9E5C-00163E98E7D6}) (Version: 5.8.5.7193 - Evernote Corp.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP BIOS Configuration Utility (HKLM-x32\...\{36FCBBEE-7BCE-4603-A4F5-56E73C43C820}) (Version: 4.0.11.1 - Hewlett-Packard Company)
HP BIOS Configuration Utility (HKLM-x32\...\{FADF6CC4-5AF3-4630-AEDB-41F14BC09FCF}) (Version: 4.0.15.1 - HP Inc.)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.17.2042 - HP Inc.)
HP Connection Manager (HKLM-x32\...\{F0809EF3-DE1B-4A3C-9825-D4ABD1BA06BC}) (Version: 4.8.10.1 - Hewlett-Packard Company)
HP Device Access Manager (HKLM\...\{1BE682E2-5AF3-485A-83D0-47CC0C1FFFDE}) (Version: 8.3.7.0 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{BC60F8B0-4365-48A3-B463-0CDDA249B07F}) (Version: 1.1.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{48D74C03-3D33-4A7E-9D93-A59FE58C1DEA}) (Version: 2.6.1 - Hewlett-Packard Company)
HP File Sanitizer (HKLM-x32\...\{6349342F-9CEF-4A70-995A-2CF3704C2603}) (Version: 8.4.27.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{384737A1-509C-46EA-A1EC-C1B6DD3BDC2D}) (Version: 6.2.17.1 - HP)
HP PageLift (HKLM-x32\...\{28074A47-851D-4599-A270-87609F58EB57}) (Version: 1.0.15.1 - Hewlett-Packard Company)
HP Port Replicator Software Installer (HKLM-x32\...\{6313BCDF-1109-4682-A19D-413189817787}) (Version: 1.3.37 - HP)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{757cc2cc-5fed-43e4-b813-2bda78353297}) (Version: 4.2.4.0 - HP)
HP Software Setup (HKLM-x32\...\{F6D61EC9-347B-4019-9F8E-E24169F7C330}) (Version: 8.7.5 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP System Default Settings (HKLM-x32\...\{B5BEF5F8-BD76-4174-A47D-05A06EA62615}) (Version: 2.7.1 - Hewlett-Packard Company)
HP Theft Recovery (HKLM-x32\...\InstallShield_{49FE8EBA-CC77-484E-A4DB-DF4EFC0E5147}) (Version: 8.3.0.8 - Hewlett-Packard Company)
HP USB Port Replicator (HKLM\...\{4BCC570D-F175-4B50-A06A-FE3506A94796}) (Version: 7.6.55872.0 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.5 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: 5.1.20.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1519.1030) (HKLM\...\{302600C1-6BDF-4FD1-1504-148929CC1385}) (Version: 17.1.1504.0518 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Java SE Development Kit 8 Update 92 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180920}) (Version: 8.0.920.14 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MATLAB Production Server R2015a (HKLM\...\MATLAB Production Server R2015a) (Version: 2.1 - MathWorks)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Mozilla Thunderbird 45.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 de)) (Version: 45.1.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Python 2.7.9 (Anaconda 2.2.0 64-bit) (HKLM\...\Python 2.7.9 (Anaconda 2.2.0 64-bit)) (Version: 2.2.0 - Continuum Analytics, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7383 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11072 - Realtek Semiconductor Corp.)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.1.1.12 - Steppschuh)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
revoSleep (HKLM-x32\...\{B76E8F60-D517-44B1-BFCD-B6C153A60F1B}) (Version: 2.4.0 - Revo)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.37.3 - Synaptics Incorporated)
Synaptics WBF Fingerprint Reader (HKLM\...\{B9151DD5-DAFE-494E-AA1F-C351D5FD9E9B}) (Version: 4.5.321.0 - Synaptics)
Texmaker (HKLM-x32\...\Texmaker) (Version:  - )
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.2.0 - Azureus Software, Inc.)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0E846346-8E27-43C5-9BA3-4CD87E0D9564} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-13] (Hewlett-Packard Company)
Task: {1DAECF30-3828-48D2-B84E-B836842E138D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-22] (Hewlett-Packard Company)
Task: {45D59522-84E4-4292-8C85-3DFF77E8F3DB} - System32\Tasks\HPCeeScheduleForPako => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {5CC7D514-7270-4DBB-8D9B-77B40B992FEB} - System32\Tasks\{D1A6AE07-7B25-46D9-948B-EE7254EA23C1} => pcalua.exe -a "C:\Spiele\Age of Empires II\AoFE_Launcher.exe" -d "C:\Spiele\Age of Empires II"
Task: {5D243527-641A-4CC1-942F-10A90BEA2E85} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {ADB08556-EF60-40F8-A7FE-9D72487E81B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {C95AF739-4354-461A-A75C-6007A9D6ADF2} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\HPCeeScheduleForPako.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-05-28 10:14 - 2014-05-28 10:14 - 00336056 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2015-07-01 09:45 - 2015-07-01 09:45 - 00022528 _____ () C:\windows\System32\us005lm.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-15 19:51 - 2014-08-15 19:51 - 00007168 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
2015-04-13 21:00 - 2005-04-22 06:36 - 00143360 _____ () C:\windows\system32\BrSNMP64.dll
2014-06-26 23:52 - 2014-06-26 23:52 - 02654936 _____ () C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll
2016-02-18 06:24 - 2016-02-18 06:24 - 00070144 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2010-06-14 18:41 - 2010-06-14 18:41 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2014-10-10 18:37 - 2014-10-10 18:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1335190260-3303876769-2765954222-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1335190260-3303876769-2765954222-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\Pako\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.34.133.21 - 212.186.211.21
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{26194502-22AA-4709-AC14-A1B377061E1D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{55897B62-922E-406A-91E2-39189ADB539E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{050A4F1D-B28D-4172-8615-BF74A549145D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3F3F8700-CA53-4945-BE7F-646E02D92B41}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3DB1C88B-C304-48E1-B26B-9BDC222152A0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9D687D8D-42C9-4AD6-904C-B45D47242D9F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4F73A59E-EC31-4785-AB6F-0453471E36A8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C487E073-6A9B-41DF-992C-2A23FA95F839}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{ED5D9F8C-31DE-4CB8-9585-C2063ACB031A}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [TCP Query User{A1113639-9AF8-417C-BB27-F77C7421A42D}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe
FirewallRules: [UDP Query User{E8B4C2F2-BB9E-41EA-BDAE-D2C030786AF5}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe
FirewallRules: [TCP Query User{4D0E1D55-7C01-4283-B011-6CA49CACC9E8}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe
FirewallRules: [UDP Query User{5F9A2BC6-5606-4B97-9FD4-24C5EADF8B9B}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe
FirewallRules: [TCP Query User{CF04BF2B-CD8C-4189-9A40-577D8B1319E8}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe
FirewallRules: [UDP Query User{ABC23708-F948-4FEE-A3C1-39784C87F35A}C:\users\pako\appdata\roaming\remote control server\remote control server.exe] => (Allow) C:\users\pako\appdata\roaming\remote control server\remote control server.exe
FirewallRules: [{572C5DA1-80D5-4B17-A8B5-58572A31D368}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11a\FAXRX.exe
FirewallRules: [{99B0FD3C-B481-453B-894B-5C627B2F0B44}] => (Allow) C:\Program Files (x86)\Brother\Brmfl11a\FAXRX.exe
FirewallRules: [{1A6D2200-9E00-4DF7-B29C-F9091B3E214A}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{16DF6E00-323C-4DC5-91F0-6692BD767132}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{4397C81B-F804-4B28-9B23-B75102BC9B86}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [TCP Query User{E892C429-305C-4577-8793-3137479C3157}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{184FF14E-9FD3-4C8F-AC9A-B59D5B6C08AD}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{E61669F1-4AA2-48A8-B3F4-ED576879069E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{95992D6D-80DA-4A9F-88E5-A8259F897348}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{C84856A1-F94C-40D1-A72E-38FF6900BB6E}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{0370DA74-30C3-4EA4-8629-287BB4673275}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [TCP Query User{8785BFCD-8433-40BC-9E08-D0A714C49885}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{CC249AD1-4854-4335-B71E-71A9581D4274}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{A780842E-9BB9-4871-9D09-CC8AADBC6FE7}C:\spiele\age of empires 3\age3y.exe] => (Allow) C:\spiele\age of empires 3\age3y.exe
FirewallRules: [UDP Query User{548D2FED-8586-48AA-8647-400A3E7B90DB}C:\spiele\age of empires 3\age3y.exe] => (Allow) C:\spiele\age of empires 3\age3y.exe
FirewallRules: [TCP Query User{152B4FAE-FE6D-42F5-BA02-C48BB9E7FAAF}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{F3FA0139-CCF0-4F70-BEAE-0A1F96DA92CF}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{C1D615EE-F9E7-4702-BDAC-14B5BDCB6C72}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{CAD7267F-42E9-4F6D-8FD8-CD21615B0985}C:\spiele\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\spiele\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [TCP Query User{F1E3FFB8-28B1-4F30-B4AD-2B61856564F2}C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe
FirewallRules: [UDP Query User{F2FDC59F-1437-4776-A83C-1AD023B0E507}C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2.assassins of kings.enhanced edition.v 3.4.4.1 + 12 dlc\bin\witcher2.exe
FirewallRules: [TCP Query User{6B5B1209-03B1-4EC9-ADF3-0EC08152AAB7}C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [UDP Query User{8874D6A7-833D-4EF5-B6CF-C03844658CDD}C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe] => (Block) C:\spiele\the witcher 2 enhanced edition\bin\witcher2.exe
FirewallRules: [TCP Query User{A595BFB1-C585-4DEB-A042-8E7FC8ACA1F5}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe
FirewallRules: [UDP Query User{A17134BB-9852-4C67-857D-341AD61D86E2}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\orbixd.exe
FirewallRules: [TCP Query User{417C69D2-0311-45C0-A803-2C375E5B50BB}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe
FirewallRules: [UDP Query User{6FCF8D7B-FCAF-41A4-97FC-0C498602B023}C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe] => (Allow) C:\program files\catia\dassault systemes\b24\win_b64\code\bin\cnext.exe
FirewallRules: [{4A68009D-174F-496A-BCD2-EE9DC14143B3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{55164A65-1AF2-4A22-90FF-B75D9E9A9E07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3F61977B-6F2B-453F-8FCE-5160379EDCD3}C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [UDP Query User{0F0AA636-B729-4C97-8F5A-E0AB89A86E6D}C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [TCP Query User{AF4F8F09-0835-44FC-B384-7A9B901CF0DF}C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe
FirewallRules: [UDP Query User{0E4803D4-C350-419F-A898-DF5F70176E8F}C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b25\win_b64\code\bin\cnext.exe
FirewallRules: [TCP Query User{42A8C856-7C7E-42B1-A2C3-3F533179FDFF}C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe
FirewallRules: [UDP Query User{4D6D5AA5-7F2B-48EA-A5DE-4142279187CA}C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe] => (Allow) C:\program files\dassault systemes\b21\win_b64\code\bin\orbixd.exe
FirewallRules: [TCP Query User{E903F21E-808A-470D-B373-DD0613AE9EA7}C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe
FirewallRules: [UDP Query User{D89E13A1-8DFC-4356-ACD2-D00D7CF40CBF}C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe] => (Block) C:\program files\dassault systemes\b21\win_b64\code\bin\cnext.exe
FirewallRules: [TCP Query User{0A5C10DF-E118-4F05-A778-53DAF5FACA79}C:\program files (x86)\eclipse\eclipse.exe] => (Allow) C:\program files (x86)\eclipse\eclipse.exe
FirewallRules: [UDP Query User{6E10132D-5776-445F-A829-A42AAA56656B}C:\program files (x86)\eclipse\eclipse.exe] => (Allow) C:\program files (x86)\eclipse\eclipse.exe
FirewallRules: [{E0970823-DBAF-4A16-86D9-34367AF59301}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{87B1E4F0-93AE-48B9-8053-1639CA935F91}] => (Allow) C:\Program Files\Vuze\Azureus.exe

==================== Wiederherstellungspunkte =========================

22-05-2016 12:25:40 Windows Update
24-05-2016 12:48:42 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/24/2016 12:48:48 PM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/24/2016 12:22:11 PM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/24/2016 12:22:10 PM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/24/2016 12:22:10 PM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/24/2016 12:22:10 PM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/24/2016 12:22:06 PM) (Source: flcdlock) (EventID: 1069) (User: )
Description: Profilvorgang für aktuelle SID mit unbekanntem Ausnahmefehler fehlgeschlagen.

Error: (05/24/2016 12:21:45 PM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/24/2016 12:21:44 PM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/24/2016 12:21:43 PM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **

Error: (05/24/2016 12:21:41 PM) (Source: flcdlock) (EventID: 1055) (User: )
Description: Beim Aufzählen von Gerät {4D36E972-E325-11CE-BFC1-08002BE10318}Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 trat ein Fehler auf.


Der Systemfehlercode lautet 0xe0000231:-

** The error code could not be translated **


Systemfehler:
=============
Error: (05/24/2016 12:22:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (05/24/2016 12:21:38 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (05/24/2016 12:21:38 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (05/24/2016 12:21:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (05/24/2016 12:21:07 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WMPNetworkSvc" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/24/2016 12:21:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (05/24/2016 12:21:07 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/24/2016 12:21:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\IWMSSvc.dll

Error: (05/24/2016 12:21:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\IWMSSvc.dll

Error: (05/24/2016 12:21:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\IWMSSvc.dll


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8067.11 MB
Verfügbarer physikalischer RAM: 5427.25 MB
Summe virtueller Speicher: 12113.29 MB
Verfügbarer virtueller Speicher: 9125.06 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:94.73 GB) (Free:15.3 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (HP_RECOVERY) (Fixed) (Total:14.05 GB) (Free:1.55 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Daten) (Fixed) (Total:298.09 GB) (Free:61.68 GB) NTFS
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.93 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9CC5D5D8)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: D15CF63D)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=94.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0B)

==================== Ende von Addition.txt ============================

M-K-D-B 24.05.2016 14:04
Servus,


wir entfernen die letzten Reste und kontrollieren nochmal alles. :)



Hinweis: Der Suchlauf mit ESET kann länger dauern.



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von HitmanPro,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.

M-K-D-B 27.05.2016 21:08
Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:45 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131