Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 23.01.2016, 11:33   #1
sir_ivanhoe
 
GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Standard

GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)



Hallo!

Ich habe seit einiger Zeit beim Aufruf von GMX (über https://www.gmx.at) immer wieder das Problem, dass ich die Seite nicht erreiche. Stattdessen bekomme ich die Fehlermeldung:

Zitat:
Diese Webseite ist nicht verfügbar.

ERR_CONNECTION_REFUSED
Das Problem tritt eher unregelmäßig auf und ich weiß nicht, wie es replizierbar ist. Mehrmaliges Aktualisieren der Seite hilft gelegentlich, manchmal auch ein Neustart des Browsers (übrigens scheint es egal zu sein, ob ich GMX über Chrome oder Edge aufrufen möchte), aber auch das ist nicht wirklich replizierbar.

Ein Virusscan mit Panda Free Antivirus brachte keine Ergebnisse.

Kann mir hier jemand weiterhelfen? Ist kein kritisches, jedoch ein sehr lästiges Problem.

Alt 23.01.2016, 13:01   #2
M-K-D-B
/// TB-Ausbilder
 
GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Standard

GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Wir können nachsehen, ob Malware der Grund für dein Problem ist.


Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:



Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________


Alt 23.01.2016, 15:16   #3
sir_ivanhoe
 
GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Standard

GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)



Hallo Matthias!

Danke schon einmal vorab für deine Hilfe!

FRST.txt

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
durchgeführt von Der Ehrenwerte (Administrator) auf DEREHRENWERTE (23-01-2016 15:10:07)
Gestartet von C:\Users\Der Ehrenwerte\Desktop
Geladene Profile: Der Ehrenwerte (Verfügbare Profile: Der Ehrenwerte)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-07-28] (Panda Security, S.L.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1163264 2015-03-30] (Ruiware LLC)
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\RunOnce: [Uninstall C:\Users\Der Ehrenwerte\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Der Ehrenwerte\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\RunOnce: [Uninstall C:\Users\Der Ehrenwerte\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Der Ehrenwerte\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
Tcpip\..\Interfaces\{e5216851-eedc-4492-8f64-a4018fa39ca4}: [DhcpNameServer] 195.34.133.21 212.186.211.21

Internet Explorer:
==================
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://nmd.msn.com
SearchScopes: HKLM -> {D6BF7EEB-4F9A-4B05-9F23-C4D7A81A5E24} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {D6BF7EEB-4F9A-4B05-9F23-C4D7A81A5E24} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1177671194-2042575061-30678460-1000 -> {D6BF7EEB-4F9A-4B05-9F23-C4D7A81A5E24} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-01-21] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => Keine Datei
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll => Keine Datei
BHO: FINdBoestDeal -> {D6F0CB23-64E6-B66A-7FB1-6BED5FB7D197} -> C:\ProgramData\FINdBoestDeal\TRwHHPXLXa.x64.dll => Keine Datei
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-21] (Oracle Corporation)
BHO: BloccKTheeAdiAApp -> {F3AEA3BD-BCA5-A3CC-EDD3-0F9EDB7E2B90} -> C:\ProgramData\BloccKTheeAdiAApp\Pqc.x64.dll => Keine Datei
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-08-27] ()
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll Keine Datei
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2015-08-27] ()

FireFox:
========
FF ProfilePath: C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default
FF DefaultSearchEngine: SuchMaschine
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2014-10-24] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1177671194-2042575061-30678460-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Der Ehrenwerte\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-01] (Apple Inc.)
FF SearchPlugin: C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\searchplugins\suchmaschine.xml [2015-04-27]
FF Extension: Exif Viewer - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\extensions\exif_viewer@mozilla.doslash.org.xpi [2015-06-28]
FF Extension: anonymoX - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\Extensions\client@anonymox.net.xpi [2016-01-13]
FF Extension: NoScript - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-01-01]
FF Extension: Panda Security Toolbar - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2015-09-17] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-01]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-11-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => nicht gefunden
FF HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.at/
CHR StartupUrls: Default -> "hxxps://www.google.at/?gws_rd=ssl"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.82\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.82\pdf.dll => Keine Datei
CHR Plugin: (20-20 3D Viewer for IKEA) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp\5.0.94.1_0\NP_2020Player_IKEA.dll (20-20 Technologies)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => Keine Datei
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 8.0.310.13) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 8 U31) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Reader Application Detector) - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Users\Der Ehrenwerte\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Google Drive) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-20]
CHR Extension: (YouTube) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google-Suche) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-11-18]
CHR Extension: (Google Docs Offline) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-20]
CHR Extension: (Adblock für Facebook™) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfjodonncabnangfknilmabjfofdikc [2015-10-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-09-04]
CHR Extension: (Google Mail) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-15] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7184440 2015-12-08] (GOG.com)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-07-29] (Panda Security, S.L.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-01-01] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [296760 2014-09-19] (Panda Security)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-07-28] (Panda Security, S.L.)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2014-11-06] (Copyright 2013 SAMSUNG)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2014-04-25] (Sony Corporation) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-02] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-04-07] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-09-15] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-09-15] (Windows (R) Win 7 DDK provider)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [Datei ist nicht signiert]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-04-07] ()
R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [103824 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-16] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [120208 2015-07-16] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [112536 2015-07-16] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [87448 2015-07-16] ()
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-16] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [309648 2015-07-16] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [179608 2015-07-16] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-16] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-16] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-16] (Panda Security, S.L.)
R3 panda_url_filteringd; C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [173464 2015-07-21] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [130968 2015-07-21] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [207256 2015-07-21] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [133528 2015-07-21] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [143768 2015-07-21] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [117144 2015-07-21] (Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-23 15:10 - 2016-01-23 15:11 - 00028464 _____ C:\Users\Der Ehrenwerte\Desktop\FRST.txt
2016-01-23 15:10 - 2016-01-23 15:10 - 00000000 ____D C:\FRST
2016-01-23 15:09 - 2016-01-23 15:09 - 02370560 _____ (Farbar) C:\Users\Der Ehrenwerte\Desktop\FRST64.exe
2016-01-23 14:55 - 2016-01-23 14:55 - 00016148 _____ C:\WINDOWS\system32\DEREHRENWERTE_Der Ehrenwerte_HistoryPrediction.bin
2016-01-23 10:19 - 2016-01-23 10:19 - 00927824 _____ (Google Inc.) C:\Users\Der Ehrenwerte\Downloads\ChromeSetup.exe
2016-01-19 21:47 - 2016-01-19 21:47 - 00000000 ____D C:\Users\Der Ehrenwerte\Downloads\wordpress-4.4.1
2016-01-19 21:46 - 2016-01-19 21:46 - 07725585 _____ C:\Users\Der Ehrenwerte\Downloads\wordpress-4.4.1.zip
2016-01-17 19:11 - 2016-01-17 19:15 - 00047616 ___SH C:\Users\Der Ehrenwerte\Desktop\Thumbs.db
2016-01-17 17:15 - 2016-01-17 17:15 - 00248736 _____ C:\Users\Der Ehrenwerte\Downloads\Firefox Setup Stub 43.0.4.exe
2016-01-14 21:19 - 2016-01-14 21:50 - 00000000 ____D C:\Users\Der Ehrenwerte\Desktop\2016-01 (Jan)
2016-01-13 19:51 - 2016-01-13 19:51 - 00079509 _____ C:\Users\Der Ehrenwerte\Downloads\KATHRIN EVA  KREGAR 257-2140436720.pdf
2016-01-13 19:51 - 2016-01-13 19:51 - 00079509 _____ C:\Users\Der Ehrenwerte\Desktop\KATHRIN EVA  KREGAR 257-2140436720.pdf
2016-01-13 19:50 - 2016-01-13 19:50 - 00079507 _____ C:\Users\Der Ehrenwerte\Downloads\STEFAN TSCHERNUTTER 257-2140436722.pdf
2016-01-13 19:50 - 2016-01-13 19:50 - 00079507 _____ C:\Users\Der Ehrenwerte\Desktop\STEFAN TSCHERNUTTER 257-2140436722.pdf
2016-01-13 19:50 - 2016-01-13 19:50 - 00079485 _____ C:\Users\Der Ehrenwerte\Desktop\DANIEL MORINA 257-2140436721.pdf
2016-01-13 19:48 - 2016-01-13 19:48 - 00079485 _____ C:\Users\Der Ehrenwerte\Downloads\DANIEL MORINA 257-2140436721.pdf
2016-01-12 20:54 - 2016-01-12 20:54 - 00062607 _____ C:\Users\Der Ehrenwerte\Desktop\Wacken-Flug.pdf
2016-01-12 19:44 - 2016-01-05 04:07 - 02463704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 19:44 - 2016-01-05 04:07 - 00377592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-12 19:44 - 2016-01-05 04:06 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-12 19:44 - 2016-01-05 04:06 - 01991120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-12 19:44 - 2016-01-05 04:06 - 01270104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 19:44 - 2016-01-05 04:06 - 01063504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-12 19:44 - 2016-01-05 04:06 - 00119800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 19:44 - 2016-01-05 04:04 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 02641928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-12 19:44 - 2016-01-05 04:04 - 01591848 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00862056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00787720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 19:44 - 2016-01-05 04:04 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00779928 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00772448 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00751992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-12 19:44 - 2016-01-05 04:04 - 00667856 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-12 19:44 - 2016-01-05 04:04 - 00249464 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-12 19:44 - 2016-01-05 04:04 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00233992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-12 19:44 - 2016-01-05 04:04 - 00090912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-12 19:44 - 2016-01-05 03:59 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-01-12 19:44 - 2016-01-05 03:52 - 00441696 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-12 19:44 - 2016-01-05 03:50 - 01817064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 19:44 - 2016-01-05 03:50 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 19:44 - 2016-01-05 03:50 - 00723648 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 19:44 - 2016-01-05 03:50 - 00345080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-12 19:44 - 2016-01-05 03:50 - 00251544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-12 19:44 - 2016-01-05 03:50 - 00205072 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-12 19:44 - 2016-01-05 03:31 - 01365576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 19:44 - 2016-01-05 03:30 - 02459096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-12 19:44 - 2016-01-05 03:30 - 02162064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-12 19:44 - 2016-01-05 03:30 - 02152744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 19:44 - 2016-01-05 03:30 - 01106872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 19:44 - 2016-01-05 03:30 - 00882208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-12 19:44 - 2016-01-05 03:30 - 00368776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-12 19:44 - 2016-01-05 03:30 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 19:44 - 2016-01-05 03:30 - 00100712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 19:44 - 2016-01-05 03:29 - 00208688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 02445128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 00714808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 00696192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-12 19:44 - 2016-01-05 03:28 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 19:44 - 2016-01-05 03:28 - 00645144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 00635312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 00497896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 00277400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-12 19:44 - 2016-01-05 03:28 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 00107952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-12 19:44 - 2016-01-05 03:28 - 00082096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 00072808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-12 19:44 - 2016-01-05 03:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-01-12 19:44 - 2016-01-05 03:18 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-12 19:44 - 2016-01-05 03:15 - 24592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-12 19:44 - 2016-01-05 03:15 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-12 19:44 - 2016-01-05 03:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 19:44 - 2016-01-05 03:15 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 19:44 - 2016-01-05 03:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2016-01-12 19:44 - 2016-01-05 03:10 - 00305776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-12 19:44 - 2016-01-05 03:10 - 00278424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-12 19:44 - 2016-01-05 03:10 - 00188032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-12 19:44 - 2016-01-05 03:09 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 19:44 - 2016-01-05 03:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 19:44 - 2016-01-05 03:02 - 01672192 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 19:44 - 2016-01-05 03:02 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 19:44 - 2016-01-05 03:02 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 19:44 - 2016-01-05 03:01 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 19:44 - 2016-01-05 03:00 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-12 19:44 - 2016-01-05 03:00 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-12 19:44 - 2016-01-05 02:59 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 19:44 - 2016-01-05 02:57 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 19:44 - 2016-01-05 02:57 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 19:44 - 2016-01-05 02:57 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 19:44 - 2016-01-05 02:56 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-12 19:44 - 2016-01-05 02:51 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 19:44 - 2016-01-05 02:51 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 19:44 - 2016-01-05 02:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-12 19:44 - 2016-01-05 02:51 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-12 19:44 - 2016-01-05 02:51 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-12 19:44 - 2016-01-05 02:44 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-12 19:44 - 2016-01-05 02:44 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 19:44 - 2016-01-05 02:43 - 19324928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-12 19:44 - 2016-01-05 02:42 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-01-12 19:44 - 2016-01-05 02:38 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2016-01-12 19:44 - 2016-01-05 02:32 - 01541632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 19:44 - 2016-01-05 02:32 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 19:44 - 2016-01-05 02:31 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 19:44 - 2016-01-05 02:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 19:44 - 2016-01-05 02:30 - 18802176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-12 19:44 - 2016-01-05 02:29 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-12 19:44 - 2016-01-05 02:29 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 19:44 - 2016-01-05 02:26 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 19:44 - 2016-01-05 02:24 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-12 19:44 - 2016-01-05 02:20 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 19:44 - 2016-01-05 02:19 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 19:44 - 2016-01-05 02:19 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-12 19:44 - 2016-01-05 02:19 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-12 19:44 - 2016-01-05 02:19 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-09 10:01 - 2016-01-09 10:34 - 00000000 ____D C:\Users\Der Ehrenwerte\Documents\USBSteve
2016-01-05 17:58 - 2016-01-05 17:58 - 00314390 _____ C:\Users\Der Ehrenwerte\Desktop\MANOWAR HomeTicket (1).pdf
2016-01-04 19:44 - 2016-01-04 19:44 - 00010017 _____ C:\Users\Der Ehrenwerte\Desktop\Mappe1.xlsx
2016-01-04 18:58 - 2016-01-04 18:58 - 00029502 _____ C:\Users\Der Ehrenwerte\Downloads\kta_ei.dat
2016-01-03 11:49 - 2016-01-03 11:50 - 00000000 ____D C:\Users\Der Ehrenwerte\Downloads\BluRay
2016-01-03 11:43 - 2016-01-03 11:43 - 241201002 _____ C:\Users\Der Ehrenwerte\Downloads\BDP2012WWB.zip
2016-01-02 15:13 - 2016-01-02 15:13 - 00000000 ____D C:\Users\Der Ehrenwerte\Downloads\firmware-devolo-wifi-repeater-v1-1-0
2016-01-02 15:03 - 2016-01-02 15:03 - 04043418 _____ C:\Users\Der Ehrenwerte\Downloads\firmware-devolo-wifi-repeater-v1-1-0.zip
2016-01-01 15:45 - 2016-01-17 17:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-30 11:03 - 2015-12-30 11:03 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-30 11:03 - 2015-12-30 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-30 11:02 - 2015-12-30 11:03 - 00000000 ____D C:\Program Files\iTunes
2015-12-30 11:02 - 2015-12-30 11:02 - 00000000 ____D C:\Program Files\iPod
2015-12-30 11:02 - 2015-12-30 11:02 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-30 10:27 - 2015-12-30 10:27 - 00466728 _____ (Microsoft Corporation) C:\WINDOWS\system32\coin99ip.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-23 15:10 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2016-01-23 14:25 - 2015-03-15 15:55 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-23 14:17 - 2011-11-30 18:08 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-23 13:17 - 2011-11-30 18:08 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-23 10:20 - 2015-05-27 17:58 - 00002331 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-23 10:20 - 2014-03-19 18:30 - 00002343 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-23 09:34 - 2015-12-11 21:58 - 00000000 ____D C:\ProgramData\Origin
2016-01-22 20:26 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-22 20:26 - 2014-08-08 16:20 - 00000000 ____D C:\ProgramData\panda_url_filtering
2016-01-21 22:34 - 2015-09-17 19:49 - 00000000 ____D C:\Program Files\Java
2016-01-21 22:34 - 2015-01-23 19:34 - 00000000 ____D C:\ProgramData\Oracle
2016-01-21 22:34 - 2014-10-16 07:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-21 22:33 - 2015-09-17 19:50 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-01-21 22:33 - 2015-09-17 19:50 - 00000000 ____D C:\Users\Der Ehrenwerte\.oracle_jre_usage
2016-01-21 19:39 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-17 17:16 - 2015-11-29 19:12 - 00001223 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-17 17:16 - 2012-04-26 17:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-17 17:16 - 2011-11-17 19:59 - 00001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-17 10:29 - 2015-08-01 21:49 - 02077126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-17 10:29 - 2015-07-10 17:34 - 00883662 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-17 10:29 - 2015-07-10 17:34 - 00195796 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-17 10:29 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2016-01-17 10:23 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-17 10:22 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-17 10:15 - 2013-03-13 22:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 23:34 - 2011-11-17 22:30 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-14 21:27 - 2015-10-13 07:32 - 00000000 ____D C:\Users\Der Ehrenwerte\Desktop\Helsinki 2015-10-8-12
2016-01-14 20:22 - 2014-10-01 18:27 - 00000000 ____D C:\Users\Der Ehrenwerte\Documents\Bewerbung
2016-01-14 18:06 - 2015-11-02 17:54 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 18:06 - 2014-12-23 16:27 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-13 22:34 - 2013-08-15 18:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-13 22:25 - 2011-11-18 15:22 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-13 22:11 - 2012-09-05 18:42 - 00000000 ____D C:\Users\Der Ehrenwerte\Desktop\kati
2016-01-12 19:54 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-12 19:51 - 2015-08-01 21:47 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-12 19:50 - 2013-03-13 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-12 19:50 - 2013-03-13 22:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-12 19:49 - 2011-11-17 22:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-06 17:19 - 2015-12-03 20:14 - 00000000 ____D C:\WINDOWS\Panther
2016-01-06 17:15 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2016-01-05 17:12 - 2015-07-10 13:20 - 00370520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-04 19:34 - 2009-07-14 03:34 - 00000438 _____ C:\WINDOWS\win.ini
2016-01-03 11:45 - 2011-11-17 19:57 - 00098712 _____ C:\Users\Der Ehrenwerte\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-03 02:40 - 2015-07-10 12:06 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-01 21:38 - 2015-12-11 21:58 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-30 11:02 - 2011-11-17 20:12 - 00000000 ____D C:\Program Files\Common Files\Apple

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-05-29 15:29 - 2012-05-29 15:29 - 0000268 ___RH () C:\Users\Der Ehrenwerte\AppData\Roaming\DirectoryService
2012-05-29 15:30 - 2012-05-29 15:30 - 0000268 ___RH () C:\Users\Der Ehrenwerte\AppData\Roaming\Displays
2012-05-29 15:29 - 2012-05-29 15:29 - 0000268 ___RH () C:\Users\Der Ehrenwerte\AppData\Roaming\Distortion
2012-07-22 08:37 - 2012-09-15 12:56 - 0001099 _____ () C:\Users\Der Ehrenwerte\AppData\Roaming\ShiftN.ini
2015-02-20 07:52 - 2015-02-20 07:52 - 0004608 _____ () C:\Users\Der Ehrenwerte\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-01 21:46 - 2015-08-01 21:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-05-29 15:30 - 2012-05-29 15:30 - 0000268 ___RH () C:\ProgramData\Drum Kits
2012-05-29 15:29 - 2012-05-29 15:29 - 0000268 ___RH () C:\ProgramData\Drums
2011-11-19 10:35 - 2011-11-19 10:46 - 0001250 _____ () C:\ProgramData\hpzinstall.log
2012-05-29 15:30 - 2012-05-29 15:30 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2012-05-29 15:29 - 2012-07-22 15:32 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2012-05-29 15:29 - 2012-05-29 15:36 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

Einige Dateien in TEMP:
====================
C:\Users\Der Ehrenwerte\AppData\Local\Temp\amd-catalyst-15.7.1-win10-64bit.exe
C:\Users\Der Ehrenwerte\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Der Ehrenwerte\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Der Ehrenwerte\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Der Ehrenwerte\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Der Ehrenwerte\AppData\Local\Temp\{E49D2321-9525-4BD2-A3B9-5D07195A4658}.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-19 20:37

==================== Ende von FRST.txt ============================
         
__________________

Alt 23.01.2016, 15:17   #4
sir_ivanhoe
 
GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Standard

GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)



Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-01-2016
durchgeführt von Der Ehrenwerte (2016-01-23 15:11:37)
Gestartet von C:\Users\Der Ehrenwerte\Desktop
Windows 10 Home (X64) (2015-08-01 21:19:23)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1177671194-2042575061-30678460-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1177671194-2042575061-30678460-503 - Limited - Disabled)
Der Ehrenwerte (S-1-5-21-1177671194-2042575061-30678460-1000 - Administrator - Enabled) => C:\Users\Der Ehrenwerte
Gast (S-1-5-21-1177671194-2042575061-30678460-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1177671194-2042575061-30678460-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Panda Free Antivirus (Enabled - Out of date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Out of date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Enabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version:  - Creative Assembly)
Aliens: Colonial Marines (HKLM-x32\...\Steam App 49540) (Version:  - Gearbox Software)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Amazon Kindle (HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Amazon Amazon Music) (Version: 3.2.0.591 - Amazon Services LLC)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{E2078C11-E9EC-BD96-037C-A3423082F2BF}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
APA-OnlineManager 6.7 (HKLM-x32\...\{CBCB226C-3F5A-46B5-8528-3433E020445B}) (Version: 6.70.0068 - APA-IT)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Banished (HKLM-x32\...\1207660783_is1) (Version: 2.3.0.7 - GOG.com)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
calibre (HKLM-x32\...\{01FB1338-C19D-4AC6-BFED-AFD9AD8366ED}) (Version: 2.36.0 - Kovid Goyal)
CdCoverCreator 2.5.3 (HKLM-x32\...\CdCoverCreator) (Version: 2.5.3 - thyanté Software)
Civilization III Complete Edition (HKLM-x32\...\InstallShield_{2157961D-0507-44A8-BCF2-1EE2D439E8DF}) (Version: 1.00.0000 - 2K Games)
Civilization III Complete Edition (x32 Version: 1.00.0000 - 2K Games) Hidden
CLARC (HKLM-x32\...\1207664563_is1) (Version: 2.1.0.2 - GOG.com)
Content Transfer (HKLM-x32\...\{CFADE4AF-C0CF-4A04-A776-741318F1658F}) (Version: 1.3.0.23190 - Sony Corporation)
Copy (x32 Version: 130.0.366.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Space™ 2 (HKLM-x32\...\{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}) (Version: 1.0.943.0 - Electronic Arts)
Deponia (HKLM-x32\...\1207659103_is1) (Version: 2.2.0.9 - GOG.com)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.77 - DivX, LLC)
DJ_AIO_06_F2400_SW_Min (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Dracula - The Resurrection (HKLM-x32\...\1207661553_is1) (Version: 2.1.0.5 - GOG.com)
Dungeons And Dragons Anthology - The Master Collection (HKLM-x32\...\{79612FB7-0B07-4E34-A346-79133691FF12}) (Version: 1.0.0 - Atari)
Earth 2160 (HKLM-x32\...\Earth 2160) (Version: 1.37 En - Zuxxez Entertainment AG)
Edna Bricht Aus (HKLM-x32\...\Edna Bricht Aus) (Version: 1.2 - Daedalic Entertainment)
F2400 (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Fallout (HKLM-x32\...\Fallout) (Version:  - )
Fallout 2 (HKLM-x32\...\Fallout 2) (Version:  - )
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Bethesda Softworks)
foobar2000 v1.1.10 (HKLM-x32\...\foobar2000) (Version: 1.1.10 - Peter Pawlowski)
FTL -  Advanced Edition (HKLM-x32\...\GOGPACKFTL_is1) (Version: 2.3.0.13 - GOG.com)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.82 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Jagged Alliance 2: Wildfire (HKLM-x32\...\Jagged Alliance 2: Wildfire) (Version: v. 6.04 ENG - ZUXXEZ Entertainmnet AG)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LOOT (HKLM-x32\...\LOOT) (Version: 0.6.1 - LOOT Development Team)
Machinarium (HKLM-x32\...\{4D96D2F0-8FB4-45C2-9B80-2DCB88016316}_is1) (Version:  - Daedalic Entertainment)
MAGIX Foto & Grafik Designer 7 (HKLM-x32\...\MAGIX_{27354246-4EAF-4EE4-B203-731A8824A9DE}) (Version: 7.1.2.19859 - MAGIX AG)
MAGIX Foto & Grafik Designer 7 (x32 Version: 7.1.2.19859 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_{4F57E848-AC32-4178-BCF0-7D05A58B8F49}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mass Effect™ (HKLM-x32\...\{44A570EE-FD93-4086-8997-2C38DFDE0019}) (Version: 1.2.20608.0 - Electronic Arts)
Master of Orion 2 (HKLM-x32\...\1207661633_is1) (Version: 2.1.0.18 - GOG.com)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE  (HKLM-x32\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{FD052FB9-FE90-4438-B355-15EDC89D8FB1}) (Version: 2.0.673.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\MyFreeCodec) (Version:  - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.8 - Black Tree Gaming)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.3.0 - Nikon)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
NWZ-E440 WALKMAN Guide (HKLM-x32\...\{E96FF910-1BC9-4EE5-BC12-0A30D4E20F37}) (Version: 2.0.00.07010 - Sony Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.0.0.1980 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\1207660064_is1) (Version: 2.1.0.8 - GOG.com)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.00.01.0000 - Panda Security)
Panda Free Antivirus (Version: 8.03.00.0000 - Panda Security) Hidden
Panda Security Toolbar (HKLM-x32\...\pandasecuritytb) (Version: 4.3.0.4 - Panda Security)
Paper Sorcerer (HKLM-x32\...\1207664363_is1) (Version: 2.3.0.6 - GOG.com)
Perimeter (HKLM-x32\...\1207658667_is1) (Version: 2.1.0.11 - GOG.com)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.2 - Nikon)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Reader for PC (HKLM-x32\...\{D279DFB7-97A3-439D-8BE9-95D8AFA68562}) (Version: 2.4.01.10241 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Risk of Rain (HKLM-x32\...\1207660563_is1) (Version: 2.9.0.13 - GOG.com)
Roberta Williams' Phantasmagoria (HKLM-x32\...\1207658834_is1) (Version: 2.1.0.15 - GOG.com)
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Link 2.0.0.1411061504 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1411061504 - Copyright 2013 SAMSUNG)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Sid Meier's Alpha Centauri Planetary Pack (HKLM-x32\...\1207658936_is1) (Version: 2.1.0.24 - GOG.com)
Sid Meier's Civilization 4 (HKLM-x32\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.74 - Firaxis Games)
Sid Meier's Civilization 4 (x32 Version: 1.00.0000 - Firaxis Games) Hidden
Silent Storm Gold (HKLM-x32\...\1207659058_is1) (Version: 2.1.0.8 - GOG.com)
Silver (HKLM-x32\...\1207659041_is1) (Version: 2.1.0.15 - GOG.com)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spacecom (HKLM-x32\...\1207665863_is1) (Version: 2.4.0.6 - GOG.com)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Star Trek™ - 25th Anniversary (HKLM-x32\...\1427108887_is1) (Version: 2.0.0.5 - GOG.com)
Star Trek™ - Judgment Rites Limited Collector's Edition (HKLM-x32\...\1429089605_is1) (Version: 2.0.0.6 - GOG.com)
Starpoint Gemini 2 - Titans (HKLM-x32\...\Starpoint Gemini 2: Titans_is1) (Version: 2.4.0.10 - GOG.com)
Starpoint Gemini 2 (HKLM-x32\...\1207666123_is1) (Version: 2.4.0.10 - GOG.com)
Startfenster (HKLM\...\Startfenster) (Version:  - Startfenster)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The 7th Guest (HKLM-x32\...\1207658999_is1) (Version: 2.1.0.21 - GOG.com)
The Banner Saga (HKLM-x32\...\1207660483_is1) (Version: 2.2.0.4 - GOG.com)
The Dark Eye - Chains of Satinav (HKLM-x32\...\1207659133_is1) (Version: 2.1.0.5 - GOG.com)
The Dark Eye - Chains of Satinav (HKLM-x32\...\Satinav) (Version: 1.0 - Daedalic Entertainment)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Fall (HKLM-x32\...\1425568340_is1) (Version: 2.0.0.1 - GOG.com)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Tyrian 2000 (HKLM-x32\...\1207658901_is1) (Version: 2.1.0.13 - GOG.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.3.0 - Nikon)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinAce Archiver (HKLM-x32\...\WinAce Archiver) (Version: 2.69 - e-merge GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.1.2015.0 - Ruiware)
World of Aden - Thunderscape (HKLM-x32\...\1207659463_is1) (Version: 2.1.0.4 - GOG.com)
X - Beyond the Frontier (HKLM-x32\...\1441039631_is1) (Version: 2.0.0.3 - GOG.com)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {032EBC3B-8395-4F2E-8A77-FEECDE8AACB0} - \avast! Emergency Update -> Keine Datei <==== ACHTUNG
Task: {084BF2A5-481C-4718-817D-4168E5D112C5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {0EF8EEF2-E319-4687-A318-9676CD53CACD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {12F6A0F6-0173-4BD9-8078-6DF91357B614} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {15D365EB-09BB-43F0-8F20-FBFCE58E8637} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {1B320F34-23F9-4246-82D1-1FCB971AF22B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {232EC9BD-53A4-403F-9BEB-415A47699F23} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {25A7FEE9-544B-426A-B3B0-3BF111D99948} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {3818B644-41F9-4EB9-81AA-22E173D72F7A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {3CF25BE5-CF26-4CA5-96E2-8B2953EC9515} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {4115C810-866C-470C-8A95-8247EE673F34} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {458B0D6B-B2A3-47F6-A06A-E601C7AB7C25} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {50DB9E16-7DDF-4ED2-8AB7-34E2F5182DF3} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {55B12871-1406-400D-8372-55640E592621} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6856DFCE-56FD-43F7-B7EA-33E53A856750} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {733F4912-BF93-4696-B8DC-D41232CF4386} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {7592847C-F452-4C9F-9506-671F49447F38} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {850CB598-3D44-459C-A9CB-D65A9CEBF702} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {87768DEF-5F2A-4145-9F51-F45ABDEF9795} - System32\Tasks\{715AD43D-C8C4-4A1D-B305-42C1DA9CC36F} => pcalua.exe -a "C:\Users\Der Ehrenwerte\AppData\Local\Pokki\Engine\HostAppService.exe" -c /UNINSTALL149b46d4a102c0304583931ceaa3f0bf19785ee3
Task: {8AB714E0-1A95-4074-8B22-26EC88FDF6C2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {8EA85BFE-1B6F-4F7A-88B1-75C2E3452119} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
Task: {9002CFC4-D89C-4F63-AE11-E3341BA5CED7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {94745958-9875-4DDB-A9E2-3781D7963848} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {9791C6AD-2ACC-420C-B07B-EB06A410DD22} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {99DCC519-686E-49D6-99A8-815DCC4343FD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {9E519E89-C861-4A0A-8DBF-E38756EDF58F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {A20B2CAE-96B0-4388-B8C9-A8AC43E1FEAA} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {A3A3EFE5-53E3-4B7E-9340-D19ED2A29ECD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {ADB216A7-C244-427D-A437-1F2B15657CEA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {B09F5EB4-F9C4-488D-AE90-9B11A461FF19} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {B0A9AB4B-80AD-4C95-B1E3-3DD53DC214BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {B0AC5D6E-7B2C-48C0-A2D9-33F470202773} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {B3317FC2-B6EF-4F94-BED2-EB7FDB758659} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {B87700E4-CB89-454D-94AC-9C5442621771} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {BCB4B6C6-7E99-481C-BDFA-D68FEEBDC294} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {C3B71185-7355-4DD3-92B5-6AE9FB486862} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C6992E22-D3DB-43B1-AF99-CBF3D58A8964} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {C9562A16-3111-42A5-900F-D855045063DB} - \{999E1F97-52CA-485C-BB39-D3184962B7BA} -> Keine Datei <==== ACHTUNG
Task: {CA40B31D-B3F8-481B-87C4-33438939621A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CDB88D2A-ACFB-4946-8501-E8DE9A91A4CA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {D0314F23-3A72-4A79-BAE5-6FC047F2299D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {DA763C9E-6403-4E7A-9078-E5849AF78B31} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {DDEB1531-6FC2-41AF-AB87-329CEAF5A25D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {E16ED3B1-F9E8-4332-8907-476046AF1859} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {E91030E1-616A-4B3A-B6A2-BCAD0C999E56} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F3212A0D-0901-4B87-80C7-BA58A6844A53} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {FB95BCD1-63FF-4D3C-932D-FD5484DE6990} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {FFA27040-E0BD-4CA3-9A1C-C90D967E38AD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-01 22:37 - 2015-08-01 22:37 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-19 18:52 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-10-19 17:07 - 2014-11-06 15:04 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2014-10-19 17:07 - 2014-11-06 15:04 - 02633728 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2014-10-19 17:07 - 2014-11-06 15:04 - 02540544 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 10:25 - 2013-12-21 10:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 10:26 - 2013-12-21 10:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 10:27 - 2013-12-21 10:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 08:52 - 2013-10-22 08:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
2013-10-22 08:52 - 2013-10-22 08:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 10:27 - 2013-12-21 10:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2015-08-01 22:05 - 2015-08-01 22:05 - 00669696 _____ () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll
2015-10-01 17:28 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 17:28 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 17:27 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-12-09 19:53 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 19:52 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 19:52 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 17:28 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-11-04 16:43 - 2015-11-04 16:43 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-12-10 17:48 - 2015-12-10 17:49 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-12-10 17:48 - 2015-12-10 17:49 - 11542016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-11-19 18:37 - 2015-11-19 18:37 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-12-11 15:46 - 2013-12-11 15:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-10-22 08:48 - 2013-10-22 08:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-10-24 15:53 - 2013-10-24 15:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 15:46 - 2013-12-11 15:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-10-24 15:53 - 2013-10-24 15:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 15:38 - 2013-04-19 15:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-12-11 15:46 - 2013-12-11 15:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-12-11 15:45 - 2013-12-11 15:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 18:49 - 2013-10-25 18:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-10-25 18:53 - 2013-10-25 18:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-10-25 18:53 - 2013-10-25 18:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-12-11 15:45 - 2013-12-11 15:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-10-25 18:53 - 2013-10-25 18:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll
2015-12-11 23:05 - 2016-01-01 21:38 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-12-11 23:05 - 2016-01-01 21:37 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-12-11 23:05 - 2016-01-01 21:37 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-12-11 23:05 - 2016-01-01 21:37 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-12-11 23:05 - 2016-01-01 21:38 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-12-11 23:05 - 2016-01-01 21:38 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-12-11 23:05 - 2016-01-01 21:38 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-12-11 23:05 - 2016-01-01 21:38 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-12-11 23:05 - 2016-01-01 21:38 - 00243200 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2016-01-23 10:20 - 2016-01-15 13:10 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.82\libglesv2.dll
2016-01-23 10:20 - 2016-01-15 13:10 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.82\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1177671194-2042575061-30678460-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Der Ehrenwerte\Pictures\401998.jpg
DNS Servers: 195.34.133.21 - 212.186.211.21
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "AllShareAgent"
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{17DBE4E4-46E2-44DA-9003-9F66B9B7F8A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe
FirewallRules: [{AF995E56-03EF-48CC-8883-899E3CE58A0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe
FirewallRules: [{C87171FB-E2BF-4A8A-B09C-BA570670427F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{8BDE67D5-7241-4995-BD4E-707B7C373257}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [UDP Query User{99342CA3-BF79-4C71-B5C0-5EE318B63B1E}C:\gog games\haegemonia gold edition\haegemonia - the solon heritage\hgma.exe] => (Allow) C:\gog games\haegemonia gold edition\haegemonia - the solon heritage\hgma.exe
FirewallRules: [TCP Query User{CB259E6A-2120-4628-87E7-01C87BBE7005}C:\gog games\haegemonia gold edition\haegemonia - the solon heritage\hgma.exe] => (Allow) C:\gog games\haegemonia gold edition\haegemonia - the solon heritage\hgma.exe
FirewallRules: [{9A2D0536-5288-45D4-8025-2604A02CD061}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5CBAD464-8B60-43F7-B301-246294E64508}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A537B2D2-779E-4101-99E0-043BF39E1D1B}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{3F080FA0-087A-4DE3-9DAC-E622BE9464DE}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{5B1EC853-98C5-49D4-8509-32A520CA67C3}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{A53C84B0-081C-454C-A771-99388D03AE05}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{6C870029-9B14-4207-AAAD-4A0527DD0F1A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{E5A147D9-70DC-4263-A4D0-09848302E061}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{0BC6CF67-5A7E-4B5E-ABBF-1CED03C44D7E}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{30B53923-29A4-45DF-AE7F-AF4EE0BE8DF2}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{9EF86ADF-0643-4DE7-9C48-D11DC30962A0}] => (Allow) LPort=1900
FirewallRules: [{C6CD0341-5CDE-4ACD-8D21-B1059596AD79}] => (Allow) LPort=7900
FirewallRules: [{F43021E7-591D-4942-9EA9-398D8D4D2953}] => (Allow) LPort=24234
FirewallRules: [{8AD9BBD4-E118-4165-B14C-1A58F84F7EBA}] => (Allow) LPort=7679
FirewallRules: [{01F94BAD-9889-482D-8946-2DC9A92B332F}] => (Allow) LPort=7676
FirewallRules: [{122B4DEB-9962-4750-84D7-A99461A1D96E}] => (Allow) LPort=8643
FirewallRules: [{72F7E3F8-8D12-498E-A551-4281146AC058}] => (Allow) LPort=8743
FirewallRules: [{0C346564-83C3-498B-BA1B-927B346911C9}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{63F499B9-EF41-4318-989D-910836B3BAD4}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{ACAE6CB9-91ED-447B-B17F-ECCEE03BA49B}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{3F6BB728-F8D0-4AFA-B75A-B18EF4D4397D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{D647D3F3-0927-42F1-B8A5-A76E91585C1A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{FA1C5062-607D-4949-A2C9-3E655A1C33B3}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{A32B741D-73A3-4A09-A257-661F5C096130}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2207F963-8D20-4E55-B80D-3F7E4378CA3B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8305012A-29CC-4238-9056-51F8C59414CF}] => (Allow) C:\Program Files (x86)\Toolbar Cleaner\ToolbarCleaner.exe
FirewallRules: [{9DBB4AD0-4AA5-4706-8E89-0224A6A69515}] => (Allow) C:\Program Files (x86)\Toolbar Cleaner\ToolbarCleaner.exe
FirewallRules: [{0482B121-878F-4A1F-90B5-2D3B8B4F30DA}] => (Allow) C:\Users\Der Ehrenwerte\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C69E4B1D-3980-4987-BE15-F22DA0DFFC19}] => (Allow) C:\Users\Der Ehrenwerte\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0857DC6D-CB44-4D3C-8F51-E0015A3AF5E0}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3C5A55B1-40D3-4696-9980-5003391A9BE8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{0DEB6B00-8EE1-451C-8A62-662537B49A44}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{CFE5872B-5DAC-4BE9-89B4-FA67EFDA8BB7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{EA549500-C511-434E-8CEB-C9EA81B055A4}] => (Allow) C:\Users\Der Ehrenwerte\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{234A0B46-D635-4C8B-87C0-25E4CEF5BE1E}] => (Allow) C:\Users\Der Ehrenwerte\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ED1A3E2E-2671-4566-B9F2-E5771B54008C}] => (Allow) C:\Program Files (x86)\Reality Pump\Earth 2160\Earth2160_SSE.exe
FirewallRules: [{F92EFF05-7E33-495F-A037-E77EF532E4DF}] => (Allow) C:\Program Files (x86)\Reality Pump\Earth 2160\Earth2160_SSE.exe
FirewallRules: [{9D5194B5-8F0D-4362-9B5E-E0BA72527899}] => (Allow) C:\Program Files (x86)\Reality Pump\Earth 2160\Earth2160_NO_SSE.exe
FirewallRules: [{6EEBF3B1-D517-4820-A67D-CECF385ADC9A}] => (Allow) C:\Program Files (x86)\Reality Pump\Earth 2160\Earth2160_NO_SSE.exe
FirewallRules: [{A1EDA99F-E737-417C-8D10-C78B7797BA4D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{FC0BB76B-79D4-4254-A2CA-6D54F3FADAB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{55178A3D-09EE-41C3-B1B3-DC396C4AFDA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{957DE04F-CD00-41D8-BA2D-B10E1891195F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{BA784C1A-5FFC-4311-9871-92DA1B857C43}] => (Allow) C:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe
FirewallRules: [{EF5EFEE6-4CD7-4B55-8428-C15B2DDA14EF}] => (Allow) C:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe
FirewallRules: [{D3DD7621-4F05-4134-B391-4F127E0A77F3}] => (Allow) C:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe
FirewallRules: [{69B637C9-717E-44F9-BCA7-E987A8F85735}] => (Allow) C:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe
FirewallRules: [{97B4F564-A2A1-4B3A-9B54-F948E3FEBEF8}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
FirewallRules: [{D945E3E9-9826-46C5-A760-8675FA78E3F3}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
FirewallRules: [{3AAFA6F6-FB73-496A-9C63-45B699DD8515}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
FirewallRules: [{16A0E112-EE94-447B-B112-C91BC9D6053F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\amd driver updater, vista and 7, 64 bit\Setup.exe
FirewallRules: [{73B3ECF2-CFA5-433B-BD97-095776C168B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\amd driver updater, vista and 7, 64 bit\Setup.exe
FirewallRules: [UDP Query User{FF20536A-0832-4904-B8D6-2184F99AFAAE}C:\program files (x86)\ea games\dead space 2\deadspace2.exe] => (Allow) C:\program files (x86)\ea games\dead space 2\deadspace2.exe
FirewallRules: [TCP Query User{19D73AD3-BF93-40C5-9E17-0F3ADC60040F}C:\program files (x86)\ea games\dead space 2\deadspace2.exe] => (Allow) C:\program files (x86)\ea games\dead space 2\deadspace2.exe
FirewallRules: [{B79E8A76-C92F-4B5C-9FFD-3A066AB194F3}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{89BC3CF1-7835-438A-8794-A18C020BFFCD}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [UDP Query User{29043C09-82F9-44FB-BC33-9504F5225953}C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\autoit3.exe] => (Allow) C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\autoit3.exe
FirewallRules: [TCP Query User{F247952E-C57A-41D3-8EAE-84C8090A8D4E}C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\autoit3.exe] => (Allow) C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\autoit3.exe
FirewallRules: [UDP Query User{9F161D59-7193-45F6-A902-13E90652BE31}C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\tools\wget.exe] => (Allow) C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\tools\wget.exe
FirewallRules: [TCP Query User{E2FE2B54-F58E-40D6-9597-ADC1634C16CD}C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\tools\wget.exe] => (Allow) C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\tools\wget.exe
FirewallRules: [{AEC9C53A-79DA-46E0-A0BE-500B3A082F54}] => (Allow) C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe
FirewallRules: [{2C33A1BC-BA17-4C5F-9F05-35352FB1BEF0}] => (Allow) C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe
FirewallRules: [UDP Query User{4E2B010A-5CE8-4271-A6B6-E3DA5032F484}C:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) C:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [TCP Query User{ADEBCAEA-1864-4962-B74D-40ABDE80CC96}C:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) C:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [UDP Query User{D84FA374-9D53-4E7A-A849-26DC851ED83E}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Block) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe
FirewallRules: [TCP Query User{B1C615E8-BF5A-4D64-BE2C-8C1FFDAD975B}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Block) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe
FirewallRules: [{EDE471E9-7BF8-4E53-AA0B-3A19929972C8}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{011E410D-EA72-4A14-A90D-40328E6B024D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{A93F3EDD-36E6-42C5-A258-732E5E36291F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{3C10195B-00D8-484B-A8D9-38C2E735F074}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{CD503BBE-D338-463B-8347-0436CE312299}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{90BCBA6E-7A33-4062-B455-74A01464A686}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{E3F299FE-FAD2-4B5E-A99E-0F3892EDBB4E}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{48979E56-2BDB-4DAA-92EC-9218BC6FE1F0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{BC208E41-B2FE-40DE-B13D-6E86AF551051}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{53F5AC76-8219-4614-A5ED-A25BAF1F0278}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{21EAA45F-060B-47A9-B3E5-C05003B700D6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{1ACF4DC0-4DAA-499F-83BA-FB6F72FF467B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{28E3CBBD-4089-44E9-A390-EE8B10BC4B32}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{2A306D93-E1C9-4F62-AAE4-CE331CEAC9AB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{543630AE-D730-4137-9221-06B0B93B27C5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{40141796-5BE1-45B5-ABDA-36DA1AB1DC63}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E8935424-0EF7-4A95-934A-EA14224A60CA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{290A89EA-8EA2-4B5A-81EC-188FD49D7652}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{C242574F-A7EC-4FA4-84FD-7D6DC11E283B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F11EEAE1-B703-4A84-BF95-D3C200EBDF5C}] => (Allow) LPort=1900
FirewallRules: [{8B9CBC2D-B5C4-4944-9E18-05C946735AF8}] => (Allow) LPort=2869
FirewallRules: [{50788BD8-3EA7-4390-9FE9-66F9739D81D8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{735FBDA0-516C-450F-A6B5-5B62EA705488}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe
FirewallRules: [{8BF3D94F-E95F-4CB4-83DA-B1B63863E6F9}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe
FirewallRules: [{46EEAB50-1249-4A91-AB8C-06AB873D27A0}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{F08D0A4F-055D-4B77-B00C-38321C4DA645}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{10F331C1-40B7-4ECD-83B3-D9BBAC5D5C36}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{462A0EA2-1EF4-45E3-950A-2E2A3530787E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{887B4AA8-7996-48B0-A1B4-E343312BB0DA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{67491F19-5017-4CBB-934F-1B0FE7DBABB1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D499667F-02F2-4F33-B645-B6445D58DDC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4935038E-27A3-457E-BDC4-FE666D79328E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1F92C752-6B90-4666-AEE2-FA1684960CA0}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{1AEC9D5E-C94E-4FF1-BF0E-353759A02760}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [TCP Query User{90F32036-0724-461A-AC1C-73FC5FC2784B}C:\gog games\outlast\binaries\win64\olgame.exe] => (Allow) C:\gog games\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{7CEE08CF-9084-4FCF-91D9-B31DFD0C74DF}C:\gog games\outlast\binaries\win64\olgame.exe] => (Allow) C:\gog games\outlast\binaries\win64\olgame.exe
FirewallRules: [{056D79A0-93A4-4719-9A23-C1C759616681}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{889CA1E9-DED5-4DFE-9337-0F416704EA37}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

06-01-2016 11:55:53 Geplanter Prüfpunkt
10-01-2016 16:21:18 Windows Update
13-01-2016 22:23:40 Windows Update
13-01-2016 22:24:28 Windows Update
17-01-2016 17:38:28 Windows Update
21-01-2016 19:44:18 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/23/2016 10:20:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.9016, Zeitstempel: 0x52a1d50f
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16603, Zeitstempel: 0x565531ee
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003cbce
ID des fehlerhaften Prozesses: 0x23f0
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3
Vollständiger Name des fehlerhaften Pakets: PSIA.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PSIA.exe5

Error: (01/22/2016 09:44:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DerEhrenwerte)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/21/2016 10:34:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DerEhrenwerte)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/21/2016 10:34:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DerEhrenwerte)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/21/2016 07:44:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/20/2016 10:09:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DerEhrenwerte)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/19/2016 10:35:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DerEhrenwerte)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/18/2016 09:52:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DerEhrenwerte)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/17/2016 10:40:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DerEhrenwerte)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/17/2016 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "J:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).


Systemfehler:
=============
Error: (01/22/2016 09:44:40 PM) (Source: DCOM) (EventID: 10010) (User: DerEhrenwerte)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (01/22/2016 09:44:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/21/2016 10:34:46 PM) (Source: DCOM) (EventID: 10010) (User: DerEhrenwerte)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (01/21/2016 10:34:43 PM) (Source: DCOM) (EventID: 10010) (User: DerEhrenwerte)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (01/21/2016 10:34:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/20/2016 10:09:45 PM) (Source: DCOM) (EventID: 10010) (User: DerEhrenwerte)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (01/20/2016 10:09:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/19/2016 10:35:22 PM) (Source: DCOM) (EventID: 10010) (User: DerEhrenwerte)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (01/19/2016 10:35:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/18/2016 09:52:35 PM) (Source: DCOM) (EventID: 10010) (User: DerEhrenwerte)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}


CodeIntegrity:
===================================
  Date: 2015-12-20 16:12:39.204
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:12:39.161
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:12:38.924
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:12:38.507
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:12:38.153
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:12:37.994
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:12:35.591
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:12:33.356
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:07:27.117
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:07:27.073
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD Phenom(tm) II X6 1055T Processor
Prozentuale Nutzung des RAM: 56%
Installierter physikalischer RAM: 4092.54 MB
Verfügbarer physikalischer RAM: 1766.71 MB
Summe virtueller Speicher: 8188.54 MB
Verfügbarer virtueller Speicher: 5125.54 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:1384.81 GB) (Free:837.96 GB) NTFS
Drive i: (OEZBF) (Removable) (Total:3.73 GB) (Free:3.7 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 49F1EE31)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1384.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 5 (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 23.01.2016, 15:24   #5
sir_ivanhoe
 
GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Standard

GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)



TDSSKiller-Report - Teil 1

Code:
ATTFilter
15:18:41.0780 0x185c  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
15:18:48.0586 0x185c  ============================================================
15:18:48.0586 0x185c  Current date / time: 2016/01/23 15:18:48.0586
15:18:48.0586 0x185c  SystemInfo:
15:18:48.0586 0x185c  
15:18:48.0586 0x185c  OS Version: 10.0.10240 ServicePack: 0.0
15:18:48.0586 0x185c  Product type: Workstation
15:18:48.0586 0x185c  ComputerName: DEREHRENWERTE
15:18:48.0586 0x185c  UserName: Der Ehrenwerte
15:18:48.0586 0x185c  Windows directory: C:\WINDOWS
15:18:48.0586 0x185c  System windows directory: C:\WINDOWS
15:18:48.0586 0x185c  Running under WOW64
15:18:48.0586 0x185c  Processor architecture: Intel x64
15:18:48.0586 0x185c  Number of processors: 6
15:18:48.0586 0x185c  Page size: 0x1000
15:18:48.0586 0x185c  Boot type: Normal boot
15:18:48.0586 0x185c  ============================================================
15:18:48.0793 0x185c  KLMD registered as C:\WINDOWS\system32\drivers\28337808.sys
15:18:49.0344 0x185c  System UUID: {70208FF5-2AE4-339E-14AD-5FAA3FB6B6B0}
15:18:50.0175 0x185c  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:18:50.0220 0x185c  Drive \Device\Harddisk5\DR6 - Size: 0xEF000000 ( 3.73 Gb ), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:18:50.0225 0x185c  ============================================================
15:18:50.0225 0x185c  \Device\Harddisk0\DR0:
15:18:50.0225 0x185c  MBR partitions:
15:18:50.0225 0x185c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x96000
15:18:50.0225 0x185c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1806800, BlocksNum 0xAD19F800
15:18:50.0226 0x185c  \Device\Harddisk5\DR6:
15:18:50.0227 0x185c  MBR partitions:
15:18:50.0227 0x185c  \Device\Harddisk5\DR6\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x777FE0
15:18:50.0227 0x185c  ============================================================
15:18:50.0266 0x185c  C: <-> \Device\Harddisk0\DR0\Partition2
15:18:50.0266 0x185c  ============================================================
15:18:50.0266 0x185c  Initialize success
15:18:50.0266 0x185c  ============================================================
15:19:48.0134 0x1530  ============================================================
15:19:48.0134 0x1530  Scan started
15:19:48.0134 0x1530  Mode: Manual; SigCheck; TDLFS; 
15:19:48.0134 0x1530  ============================================================
15:19:48.0134 0x1530  KSN ping started
15:19:50.0517 0x1530  KSN ping finished: true
15:19:56.0100 0x1530  ================ Scan system memory ========================
15:19:56.0100 0x1530  System memory - ok
15:19:56.0102 0x1530  ================ Scan services =============================
15:19:56.0359 0x1530  [ 22CE801AD25C51E2553F41A076BB0CB2, 0520216417F1619FB642734EC937C59D5E79A24306C1E9B793C82FAE077851E6 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
15:19:56.0429 0x1530  1394ohci - ok
15:19:56.0486 0x1530  [ 2C49A2441EBB24C6ACFB524C1459115F, 0ABACB6F21C41C0297994E61F1BFABB3905AF6B569D0446FE8E174EB9225B8EF ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
15:19:56.0498 0x1530  3ware - ok
15:19:56.0558 0x1530  [ B87D3D07FE6F15328C6860D542F0E2BD, 46CF069EDD7DBFB4DB800BABA3081DAB363DD2CFD724AFF5916D3419F62A3574 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
15:19:56.0594 0x1530  ACPI - ok
15:19:56.0618 0x1530  [ 1E3C4EDBB7F3F668B7205E351010BB79, A3CA12F72836C4F77B671264828B370B9EBA9CD71110E2C0514994760B6B12FF ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
15:19:56.0630 0x1530  acpiex - ok
15:19:56.0650 0x1530  [ 13B1C26AEDCB40082CDD97506F968129, 883442206B4C60AA493E84CC3037B6C1568441E1F43D2B1FCBFD8D87D135D511 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
15:19:56.0660 0x1530  acpipagr - ok
15:19:56.0696 0x1530  [ B3D64FF927D611721DA73A61BF3A18B3, 96B51AFDC3078B5088AAF66F0CF3E07D2FCBBC84A19D309A25DF0A5C6CECB958 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
15:19:56.0721 0x1530  AcpiPmi - ok
15:19:56.0732 0x1530  [ 19F793B2203D94AC1F8AEDB08B494E2E, DC98CCF9935E1F1C32FA88575A9A678B74916EFF48E39A64CF1FF92232F64A52 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
15:19:56.0743 0x1530  acpitime - ok
15:19:56.0856 0x1530  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:19:56.0878 0x1530  AdobeARMservice - ok
15:19:57.0033 0x1530  [ 93FA6CC96875A330E4B208C0A701BBD8, 98C7B57A9F4EBE98F47DFC49A4EE61B56E18F61748A0975C74EB316C75726EB5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:19:57.0055 0x1530  AdobeFlashPlayerUpdateSvc - ok
15:19:57.0118 0x1530  [ 2A24E10C1A1DE0E0035E353EED494A1C, CBBFA86578BE74CAADDCA923D65E3BFFC57BC17B887936ADE5C6952530546A22 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
15:19:57.0169 0x1530  ADP80XX - ok
15:19:57.0217 0x1530  [ A3D96563BF46FC8A0E5756B796127D14, BAD3C30714F6514D2AF725077A79FF671CC022E415786E1666C0B7C24CE3670A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
15:19:57.0242 0x1530  AFD - ok
15:19:57.0267 0x1530  [ EF09D07626820F7F89519514C17FE768, C3EC1DC163CD5946270ED876CD414889BBF2C586A8AF5DC7825FA5D77001E827 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
15:19:57.0276 0x1530  agp440 - ok
15:19:57.0300 0x1530  [ 8A289EF0721F95267BF2404BABEE146D, E263D258F03DF3BB405D49AE7230C37E7EB8F392FDEE48059C7C1E3709520D35 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
15:19:57.0318 0x1530  ahcache - ok
15:19:57.0353 0x1530  [ C301499987AF909258774AE9DC5778BB, 3ED539C999847116AE9DB9C8C5A34AB09703BAE3018E1EAF6DBC779BB6736F32 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
15:19:57.0375 0x1530  AJRouter - ok
15:19:57.0412 0x1530  [ DD69535D379F9E40AD0D6002887AAA99, 579DD18CE2B264B4058C6069B8AEE6FD9FE6A882B7DA19E300DFE40B37A4E5BE ] ALG             C:\WINDOWS\System32\alg.exe
15:19:57.0436 0x1530  ALG - ok
15:19:57.0539 0x1530  [ 5EE5E5DF9E92B3A5581B9DE7DCC05972, 6AD4D98F00C2B454807450EDB9ED3545BA91B608A853A59BDE7282808CBFF6B0 ] AllShare Framework DMS C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
15:19:57.0589 0x1530  AllShare Framework DMS - detected UnsignedFile.Multi.Generic ( 1 )
15:19:59.0956 0x1530  Detect skipped due to KSN trusted
15:19:59.0957 0x1530  AllShare Framework DMS - ok
15:20:00.0019 0x1530  [ BBADD85854BFB5D43C60B7AC8EEA3DBA, 968C043ABEA46F5C79525863B3FE2681AC0FA4202036C9EFD20B408DECF407E2 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
15:20:00.0064 0x1530  AMD External Events Utility - ok
15:20:00.0097 0x1530  [ DE51F5BB5C05D4C831ECB6E1A70E1B5E, 465834210ACE469481F75EDBB8532386029BD5277C41D084134E9E71B9BD8371 ] AMD FUEL Service C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
15:20:00.0116 0x1530  AMD FUEL Service - ok
15:20:00.0136 0x1530  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\WINDOWS\system32\DRIVERS\amdiox64.sys
15:20:00.0143 0x1530  amdiox64 - ok
15:20:00.0161 0x1530  [ 6763084E8322A4876D1613854640F914, 89EEEB47517A9964FA799821E5E45BDD6009EBDC628D6DADE6A7F03DE7CDA6CD ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
15:20:00.0177 0x1530  AmdK8 - ok
15:20:00.0206 0x1530  [ BE258C17CFD09F4210602105432E784A, FD38B50785206D6E5EADE65396030E18C8B9D993D7225057B0C24F3256BCE2E3 ] amdkmafd        C:\WINDOWS\system32\drivers\amdkmafd.sys
15:20:00.0212 0x1530  amdkmafd - ok
15:20:00.0229 0x1530  amdkmdag - ok
15:20:00.0300 0x1530  [ 17BA5C907E14947574CBB788F4CEB85F, EAA3DBF436637C58666A91905E388287FC54334EBB2589A00727EB09AC4870E3 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
15:20:00.0333 0x1530  amdkmdap - ok
15:20:00.0353 0x1530  [ DE29D8AB57AD67D4940CAB4A48B3E230, 4E92AFCD9107573DAB8E65AC6318E4B8851DCCBE17E135DFF8CF5733210B52E6 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
15:20:00.0367 0x1530  AmdPPM - ok
15:20:00.0389 0x1530  [ 4C1F9BBAF5CCD76D4642F3B92B97B454, 514CCAA8B586B1019658BE101046386EB727AD48D7913AEF9A168763E91F0DE5 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
15:20:00.0399 0x1530  amdsata - ok
15:20:00.0424 0x1530  [ F8195C1A15955180DD663E7FF4C2F6DD, F3C0C6B38FB9478217EE25EBDBDF7A18F01B97655BC38373E70E71171705D5E9 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
15:20:00.0439 0x1530  amdsbs - ok
15:20:00.0449 0x1530  [ DD2F5BBCFAC4D8E48DB1A95A7EEBFF08, 619E3106072C6F785144D785C4AFB4C607CAF7ED29AAA4A1411BE262E62B7ADE ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
15:20:00.0457 0x1530  amdxata - ok
15:20:00.0490 0x1530  [ EE4797DFEBBE8ACDB548DD8E80BE0A88, 9D56F835A5A9C045829EDFB546379E3448C9E539E5C2608B559DE4D052FEC769 ] amd_sata        C:\WINDOWS\system32\drivers\amd_sata.sys
15:20:00.0496 0x1530  amd_sata - ok
15:20:00.0504 0x1530  [ D56EAD71A86FD2ACAE2DB47D0A6A3A41, 2E5E6D0E00D25765CC8B9997B26DE43F305966BFA518CB72EA7CA77152001726 ] amd_xata        C:\WINDOWS\system32\drivers\amd_xata.sys
15:20:00.0510 0x1530  amd_xata - ok
15:20:00.0520 0x1530  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.2.0  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
15:20:00.0527 0x1530  AODDriver4.2.0 - ok
15:20:00.0565 0x1530  [ E4AFE476D9F758514A8A571DF6A24372, A37055A2CDB577CC8B76D4B020924A6C68D94166C1C9A64F7C0E9E16692709FC ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
15:20:00.0587 0x1530  AppHostSvc - ok
15:20:00.0600 0x1530  [ 46AAF119090573A80D603745582229ED, 8D7C4AED66DD32A104965DC23D17C0815CD1BE2E3D52375C1A63863664EE174F ] AppID           C:\WINDOWS\system32\drivers\appid.sys
15:20:00.0612 0x1530  AppID - ok
15:20:00.0626 0x1530  [ 24315B385F515D6D5476757EAFD62633, CE645397BF43CC54B864A0E4FCB86F76C10B9C2D2482E85DBBE15EF7BF045F17 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
15:20:00.0659 0x1530  AppIDSvc - ok
15:20:00.0682 0x1530  [ 2CE396457D5C18F034D243EC7E159010, DDF588A568DF5EAE058DF315535BD746760363E2242EF8C705F8DCBA2D5DA4A7 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
15:20:00.0698 0x1530  Appinfo - ok
15:20:00.0767 0x1530  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:20:00.0793 0x1530  Apple Mobile Device Service - ok
15:20:00.0828 0x1530  [ A8AC0B8ED134888731D1A1BCEF930FA1, 917D2C99CB28C5F20BA386148B6A93541AEF900A9A99D310D732B501322945E5 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
15:20:00.0882 0x1530  AppReadiness - ok
15:20:00.0964 0x1530  [ D6D96E20079D902243690DCBB007F997, 4E3FAED92F6434D689CCC7AE3A077819BCD2E99D7D2C293563B2E0DCF08CC42F ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
15:20:01.0121 0x1530  AppXSvc - ok
15:20:01.0136 0x1530  [ 0756EECAC010BE449D07502DF27E7701, 6A895CA80050D021DB5E130102F626027339A22673B7C15C51A375C0401F03D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
15:20:01.0147 0x1530  arcsas - ok
15:20:01.0272 0x1530  [ BD63768F58666341BE007DAA21B3A063, 1D6112E97042E19E4D916AA22F8AEB7FCC2F36CA45F55049D77042DAF3B8847C ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:20:01.0309 0x1530  aspnet_state - ok
15:20:01.0337 0x1530  [ D95E64416A4A3ED6986E0F474DA934BD, DBB4A0DED0DABE1F8FF0DB8C0E9EC4EC906A85A45DC0AEC013A8744F9BF5D40E ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
15:20:01.0349 0x1530  aswHwid - ok
15:20:01.0364 0x1530  [ A5792F971EFE86B7F56EE7299ED1082B, 82DCD15E2C9D8A3EA663941C9CE73020FEEF2F91354D0BB51E8A142AA1E30217 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
15:20:01.0381 0x1530  AsyncMac - ok
15:20:01.0394 0x1530  [ 8921DF6060DB5C7700AA48CB12E9EA08, 8F18841B454CDE4926C50B23F818D00ECE0AE884DB198E396445CB44CB39B2C4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
15:20:01.0403 0x1530  atapi - ok
15:20:01.0441 0x1530  [ FD9A5BCC3AFB02E87668B749546B6229, 4BE969A11CEE8033F40EDE7E06A5904B328D3FC1842855C0DB38D5EEF458219C ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
15:20:01.0462 0x1530  AtiHDAudioService - ok
15:20:01.0502 0x1530  [ 66828FF07CE53217582005540E31F84A, 67191E1CAF324014EB50E5C8BEE45D45C8A40C5CE02629AB83D3007E28CE2C35 ] AtiPcie         C:\WINDOWS\system32\drivers\AtiPcie64.sys
15:20:01.0510 0x1530  AtiPcie - ok
15:20:01.0545 0x1530  [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt          C:\WINDOWS\system32\DRIVERS\atksgt.sys
15:20:01.0564 0x1530  atksgt - ok
15:20:01.0639 0x1530  [ 240FF83DD79546B26F187FAB20F83864, C4DC0159016B4A4630357131E614814C068D07BEA94AAF6393E882A78C9FCA1E ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
15:20:01.0691 0x1530  AudioEndpointBuilder - ok
15:20:01.0729 0x1530  [ 6300722E8527EC54D426FD00EE5196B2, 71376BE797E8F3E2E671167DA400239D5289DE7EE56CF29564C98715B9DB1D09 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
15:20:01.0775 0x1530  Audiosrv - ok
15:20:01.0814 0x1530  [ 2F7F80543129210CA75995D0DCA488E8, 353E598FF26FA363C02A2B44BA8D7D1ED97B8AC8C69F1B5C5D521BD0D5D5AB94 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
15:20:01.0831 0x1530  AxInstSV - ok
15:20:01.0855 0x1530  [ 00D64E82900E4EC9062805ED87C2D75A, 577110F9A7C6C2C4CF86FFF4F60E23F61623ED325FC950033900A5102754A677 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
15:20:01.0877 0x1530  b06bdrv - ok
15:20:01.0889 0x1530  [ 5164A66EC1565711A7B4CF2F143B4979, DA29F0FB63F3EB2BF92D51FEB4BB7D2B964553D2F634556325953927464CB3A5 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
15:20:01.0911 0x1530  BasicDisplay - ok
15:20:01.0932 0x1530  [ F4C58BBF2972BD84C73F6A14CA35AC4E, B7A226EB861B63ACF4BF9B5A331ACA6FFC9B787DCCAA7697EEFC4F634508A6D5 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
15:20:01.0943 0x1530  BasicRender - ok
15:20:01.0963 0x1530  [ 25349D0B334E528667980948ED107D89, 70EF9D3B8DCAC6E9720C6F3EBC77392FADC182A6925F9024FE30A21321E0137F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
15:20:01.0969 0x1530  bcmfn2 - ok
15:20:01.0990 0x1530  [ DF78B56EEE6004DEE8CE57763128075E, 5758CAF4B0182F3F2E2508B3BB58B0271F2689808D09675B2753FE373D1D77D2 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
15:20:02.0023 0x1530  BDESVC - ok
15:20:02.0057 0x1530  [ 1E8A9267F8886803AAE02982FC1B5BC4, 655DF84E037BD6E582A6BA89737A4388956219171AF7253D126E54A23F16BE59 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
15:20:02.0077 0x1530  Beep - ok
15:20:02.0152 0x1530  [ 7FAFFFC4C59F5010D6E7CEA152076B92, 945FD6C04E109D4E5A4164BAA9A8120EC85AB809555AAD83E61B9F179F976FD7 ] BFE             C:\WINDOWS\System32\bfe.dll
15:20:02.0219 0x1530  BFE - ok
15:20:02.0311 0x1530  [ BD60F5633F6BD617D9ECCA3FFDC0D37E, 2F0DECAEB7096CD628387263381E123C883F483BD87F7F2BA6DEFBB5A184BAA3 ] BITS            C:\WINDOWS\System32\qmgr.dll
15:20:02.0393 0x1530  BITS - ok
15:20:02.0439 0x1530  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:20:02.0454 0x1530  Bonjour Service - ok
15:20:02.0465 0x1530  [ C9FD65687EF89715999C582D3E568812, 42BA59A78A47C510CB2AFDC6C6080B33F9F611F84FEE5262DFF16D7633C50EB1 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
15:20:02.0490 0x1530  bowser - ok
15:20:02.0559 0x1530  [ 3A4A543F135DE9A06ABA9DF982D79DD7, ABA165435C27BE15D7EBD3E7D023E295CB7AE2A099DF9E253C78EC45EADD75EA ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
15:20:02.0615 0x1530  BrokerInfrastructure - ok
15:20:02.0653 0x1530  [ 2AAD720B32904B97EDD8C3211344F79E, 41B1AEA5FAA48033B2581E18D68EFC986C3D65B383847E250C054CE3133A893C ] Browser         C:\WINDOWS\System32\browser.dll
15:20:02.0683 0x1530  Browser - ok
15:20:02.0702 0x1530  [ F8DD3B0EAC1EF1D087AE47E5819540AC, 866C951B52E3202AC89552AEA72A45123367199335578F03815E2ED55DA2FDAE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
15:20:02.0731 0x1530  BthAvrcpTg - ok
15:20:02.0759 0x1530  [ 647E2A425AD43637EAA01096A58B7089, 8F76D024FEBCBA1AC54363133DE1E0DD5B9D696E5E688EFEBC3B79F7F1B9C568 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
15:20:02.0786 0x1530  BthHFEnum - ok
15:20:02.0796 0x1530  [ B95040CAD3434D9EE003065363A0FAFF, D441E0676EA1AE1ABC305732024311CA59715E6763B3D7ADB728DEEFC403E182 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
15:20:02.0808 0x1530  bthhfhid - ok
15:20:02.0839 0x1530  [ F334BF7B0737CEB3B6822631EAD55A87, 4E5AEB1F8E109BA01A5D1CDE2E3C677FF07F2AFE8B195CB5F82AA28816D2060E ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
15:20:02.0870 0x1530  BthHFSrv - ok
15:20:02.0888 0x1530  [ 29AEE352AED4FCD2191436D263D75347, 3D21262EA26BF423BFA4A9146E53F8B036B2A1157DBE91A11C5603AF7A670B6F ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
15:20:02.0901 0x1530  BTHMODEM - ok
15:20:02.0919 0x1530  [ 26DD0127A05B333E36316E6EA9A6AAE2, A2DC4483FF5639EE8DD315AB2989865CA6A6992C578FD7F7D31698A015355941 ] bthserv         C:\WINDOWS\system32\bthserv.dll
15:20:02.0940 0x1530  bthserv - ok
15:20:02.0966 0x1530  [ 854AF190F55E6D70EC65A85798F896E2, 6D39F9131BE93F934502BA1DB109E7AD35D3987B636F7B32F9C34823DF25746B ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
15:20:02.0990 0x1530  buttonconverter - ok
15:20:03.0006 0x1530  [ A10A1E05A943B10ECE5D57D131B7404D, 71BB816B6841001A4305DF1814926B639265E91895CA5D06284B0970E40CE386 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
15:20:03.0019 0x1530  CapImg - ok
15:20:03.0038 0x1530  [ F2829DC6D292DCAC5029893BB2E9FEE3, AF2A25722D3BE37BABD1F6668786AAF39E9D6CA18CE8E845E63266E218C64526 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
15:20:03.0052 0x1530  cdfs - ok
15:20:03.0072 0x1530  [ F3A9E38AE23AD4015764AF89E4AE3519, 57ED6AC834177E128720FEC5B5793F35C7C36474E2D787F182B6730933222CC9 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
15:20:03.0097 0x1530  CDPSvc - ok
15:20:03.0120 0x1530  [ CA160E02F35A61C6F5C681FB4669C519, E6BC66156EE226F16804C4FDC8A60EB15CE6212EAFB9FB841FAC899979E140E2 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
15:20:03.0135 0x1530  cdrom - ok
15:20:03.0171 0x1530  [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
15:20:03.0190 0x1530  CertPropSvc - ok
15:20:03.0196 0x1530  [ 60D7D304DF75DFF6A46CF633F583B592, 4141D8D1C6FE829C02053DA91AC6B0628BDEB3322CAAD4AD958190F9D173340E ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
15:20:03.0208 0x1530  circlass - ok
15:20:03.0229 0x1530  [ FF9D4BCE19E5D36CB3A845A3286DA6C3, A0E2C38D629359EEC6F8EEC6F92A3E571AEF018BAF259F395DC497ED4827460B ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
15:20:03.0247 0x1530  CLFS - ok
15:20:03.0319 0x1530  [ 5C4648673693724C8D4A1A92E1AA06E6, 5D548241715687BFA52E40B867EF73CB45D01B7F9A9B7F00B92BF2B4C97BE1D0 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
15:20:03.0352 0x1530  ClipSVC - ok
15:20:03.0377 0x1530  [ 8EBA63416EC166EBA6EF6D34A505D8C8, 5EB0236ABEA2277B71D9F009DA71934C618606B20BBEC07B8595195E40C12A2B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
15:20:03.0407 0x1530  CmBatt - ok
15:20:03.0466 0x1530  [ 3B64DA873CEA5BEC42570BFF1054A014, 3649B25855CB9BE5BA3B3FEE4221575381FB2D488B8B050B5DD0088386AA0F7B ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
15:20:03.0499 0x1530  CNG - ok
15:20:03.0512 0x1530  [ 5EEA0856000F81B3D709BC81B3AA1EF2, C04E4E31D3FC38102BA410D312F58AF848920EE37004A5C306D79229C9B6079A ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
15:20:03.0521 0x1530  cnghwassist - ok
15:20:03.0598 0x1530  [ 74CD3BF688E2B408227FE012A2F2D8ED, CC01AC79CEB9DC94FA5675D66F048928C9968B8944E34F5482A73C14B70EE8A8 ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys
15:20:03.0618 0x1530  CompositeBus - ok
15:20:03.0622 0x1530  COMSysApp - ok
15:20:03.0640 0x1530  [ D38774D1D383A2CDB9A4F64B7206913B, 6CDDC46D1D431342F00CA537FC327B23B8AA4D513CEEEE61F3E19C77975DF9C8 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
15:20:03.0652 0x1530  condrv - ok
15:20:03.0687 0x1530  [ 8AFDD74F2DC5BAD9B2215FB19DB65240, A2BDDA4C77C63D3D8E9F1D397D7B41EC1BF093A6399C14D311D4D230B5F1E093 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
15:20:03.0718 0x1530  CoreMessagingRegistrar - ok
15:20:03.0770 0x1530  [ 35DB06AACD8AD5999161DA71FF0E16F0, 22AD27811AAD14666ACEF4115447B0CFAA70D1E73923059FB2A9B4C3CBE500A6 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
15:20:03.0804 0x1530  CryptSvc - ok
15:20:03.0831 0x1530  [ F038EAF73AAB72A4A89185A5A7B9FD75, 8213A60B3BEAFC1C554C5D049DFE3C6E44CEFE639EDD6A335AC18A9DAEDA2D4B ] dam             C:\WINDOWS\system32\drivers\dam.sys
15:20:03.0844 0x1530  dam - ok
15:20:03.0912 0x1530  [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
15:20:03.0961 0x1530  DcomLaunch - ok
15:20:03.0999 0x1530  [ 0605AB12BF1856DF21AB708F28EA91CF, 3A6A7F8F84044DC1EA490A007E6DBC52203BA237ECF1B845961D9BB95E9BF8C8 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
15:20:04.0032 0x1530  DcpSvc - ok
15:20:04.0063 0x1530  [ BABB7BB5AD3CECFF466E6080F43CFC58, 1B8FF66557EC4C749156ED6DACC4D61D5DC4E25DD58F6DB3713C356214B80FDA ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
15:20:04.0093 0x1530  defragsvc - ok
15:20:04.0134 0x1530  [ 63C9464B165D31ACC46B6B089AB36B41, DE38DE4E6331D07630B63224F8014C27368C29791EDB58CC5DAE7CBACD37160A ] DeviceAssociationService C:\WINDOWS\system32\das.dll
15:20:04.0162 0x1530  DeviceAssociationService - ok
15:20:04.0196 0x1530  [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
15:20:04.0215 0x1530  DeviceInstall - ok
15:20:04.0220 0x1530  [ CF3895DD260ADE05BC91D8FBE0A82907, D7D8A29E873BE5C3832C9264F0165F6CD50D42ED0E04B0FCF07F054793092334 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
15:20:04.0237 0x1530  DevQueryBroker - ok
15:20:04.0250 0x1530  [ 25435407D97419627F4B10653433BF2B, 5429B0DB7C5302E9A6AF92C046637183D4147D4A206963ABEA3A611214D6AB04 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
15:20:04.0264 0x1530  Dfsc - ok
15:20:04.0300 0x1530  [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
15:20:04.0309 0x1530  dg_ssudbus - ok
15:20:04.0319 0x1530  [ E59C209F1F633C1AEAF151B2CA46BBAA, 6A4DA927418B56A228CC8D9DFA3351B2B53A9328F5C56C10F0C7B19974B2ED89 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
15:20:04.0351 0x1530  Dhcp - ok
15:20:04.0407 0x1530  [ 95AA7877FD4161BFBC8493F9279B1901, F6B7DF75D763A89901BD12454BEF92D161B392F721B8568505073929D9F419BD ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
15:20:04.0433 0x1530  diagnosticshub.standardcollector.service - ok
15:20:04.0540 0x1530  [ 58395E37ED838B93A56F1D089C2F53CF, 57D167B58DF5B33F7E2A98E1B8B33C8F076D34CA032D22F050AE6F83A48DC8E6 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
15:20:04.0649 0x1530  DiagTrack - ok
15:20:04.0669 0x1530  [ FDCD449AE9E75D7690593D16ADAF4DB4, 3366C4BDB031EB525F85850E903C46802A2AC762C0772C6F6E543DDA4AF1E9D5 ] disk            C:\WINDOWS\system32\drivers\disk.sys
15:20:04.0680 0x1530  disk - ok
15:20:04.0706 0x1530  [ 43A1B8B43CA4E213E0FD920F2FD6BCBA, 839C6047FD6EA951538209C30C9D8AE68F9B47A58DA151D071C03408250B0ECD ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
15:20:04.0728 0x1530  DmEnrollmentSvc - ok
15:20:04.0741 0x1530  [ F10A8F6D036CEDD14A5471782C52F041, E0DA3C4F76DBBEAED549375E57819F8825B33A118F7674D417D294054863F648 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
15:20:04.0761 0x1530  dmvsc - ok
15:20:04.0792 0x1530  [ 7228733177F673B4D51BD1AA082D47C1, DBE155CDCFAA7C32407A207F637F252FA0CE30F1DE7E7DBEC42DB37FADB5BFA7 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
15:20:04.0816 0x1530  dmwappushservice - ok
15:20:04.0834 0x1530  [ 592E41B3C11CA12203D3708AD8FC3D37, 6C69D5D603FBF038C069EDDCE29F7C6A60CAAE58B985AB218E1497F2BA934D42 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
15:20:04.0854 0x1530  Dnscache - ok
15:20:04.0870 0x1530  [ 6184C7A2F12625C108AEFD3A43429967, 689153F319BB1013FF60F71317E8380A6945EEE8141EDBDD6B185A966E23BB93 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
15:20:04.0892 0x1530  dot3svc - ok
15:20:04.0918 0x1530  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys
15:20:04.0927 0x1530  dot4 - ok
15:20:04.0948 0x1530  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print       C:\WINDOWS\System32\drivers\Dot4Prt.sys
15:20:04.0954 0x1530  Dot4Print - ok
15:20:04.0964 0x1530  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb         C:\WINDOWS\system32\DRIVERS\dot4usb.sys
15:20:04.0972 0x1530  dot4usb - ok
15:20:04.0999 0x1530  [ A616D8297C1BEA690BBC796736A7A78D, 9365470F4609606410AD79D98E1E77D815DC7C5AA924FB639FCF713EE8EDEA76 ] DPS             C:\WINDOWS\system32\dps.dll
15:20:05.0015 0x1530  DPS - ok
15:20:05.0043 0x1530  [ 45771610FF181434073B5A0A00F20F8D, 6A17DB09AA6D021F000F7315317235E1FCF41FD58EA7DF81A7C9F5A6DE999984 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
15:20:05.0052 0x1530  drmkaud - ok
15:20:05.0074 0x1530  [ 00D9A948FB7344C62CEBED88E50EE39A, EF33FE7FB34DE571F3956C1F7AC8EFAA25BFD9F3AFA3ECD25DD34C5890873245 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
15:20:05.0109 0x1530  DsmSvc - ok
15:20:05.0137 0x1530  [ D920A8B070A9BA5C9DEFC3BA7C3883B5, 8EA05CDE58930EB16B4B502561AF2DB5229658FDC1948A9A8F249A7402C21398 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
15:20:05.0154 0x1530  DsSvc - ok
15:20:05.0229 0x1530  [ 89C9C3745F270EF93988DA57BC6AA62B, 947886F3121919427BDCB123C6FC28E29CA73D427E92025E1BEAA743D27306D3 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
15:20:05.0324 0x1530  DXGKrnl - ok
15:20:05.0341 0x1530  [ 6E36BDBB46DF7F865D0DD30663AE3891, 98967B01EA450AD4D5FE8085F710359C022D783B839A51BD4A266718156B01EB ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
15:20:05.0358 0x1530  Eaphost - ok
15:20:05.0454 0x1530  [ 3070013B01EDA42C7EB67D731340C396, C083CA05650750876E70CB6AB51D5C047C06098C2ED86B083A74C97830247BFC ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
15:20:05.0575 0x1530  ebdrv - ok
15:20:05.0601 0x1530  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] EFS             C:\WINDOWS\System32\lsass.exe
15:20:05.0616 0x1530  EFS - ok
15:20:05.0622 0x1530  [ 59EE187E333EE9914DD9BEA5F4E0D85D, E34BB8075E38FC6AEC056323C6E3B5B4E7041EE6F4D51699B706DEEA18BDB911 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
15:20:05.0632 0x1530  EhStorClass - ok
15:20:05.0646 0x1530  [ 9297F1CC486F24BDFD2874156AC5430F, 1AF8689ADE4E658FC9418F7886B6C19F7D005EAB2AEF9B0E14FC81C61A74CECF ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
15:20:05.0657 0x1530  EhStorTcgDrv - ok
15:20:05.0693 0x1530  [ 9E8FF6B95FD420FA9E40BE548E5C8D92, 8825B81418335D03CFAADB792C1466023C459BE489ACACBD6686FFB544F22D30 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
15:20:05.0719 0x1530  embeddedmode - ok
15:20:05.0735 0x1530  [ DC2F91EAE9A28FA8C6610A9B7701B70D, 480DB509BF944AAC3617594F1245B4603069DE39186BC1FA7EDB8E0536B05E79 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
15:20:05.0786 0x1530  EntAppSvc - ok
15:20:05.0807 0x1530  [ F7FCCA6300485EF60CEA6D991D6C8C78, 24080D80CF1FD678DF4C9CAE70F65F8D9232F5F6A6F2B73A77B5E3C91E6505F3 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
15:20:05.0817 0x1530  ErrDev - ok
15:20:05.0843 0x1530  [ 2093F65AA84478E28C8E9D05BC413845, 086D4E0D4B993F4041AA8A9DCBEEDB53BD05B88E2BEFB218837FB10FACDF4233 ] EventSystem     C:\WINDOWS\system32\es.dll
15:20:05.0879 0x1530  EventSystem - ok
15:20:05.0900 0x1530  [ DCCDC3F35F0618692117DF90800A4284, B636B2A39AE89A9C2CDE17EC52DA669DA8AA9E2B04CA5CA19926DA8009655244 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
15:20:05.0921 0x1530  exfat - ok
15:20:05.0951 0x1530  [ 5A1C6AFFF6946C5C21A27AE05084C0D1, 558CB87E596E85182F6976F215EE0E35F57BF901409A2805E6A3C29D8984B048 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
15:20:05.0968 0x1530  fastfat - ok
15:20:06.0015 0x1530  [ 046FC9CF53A91E2FBA498CA7B0C3B028, BCFB06DF53065706DD6287E8C47BF5047F8A1E33981E1881E6ED7510337F5BC8 ] Fax             C:\WINDOWS\system32\fxssvc.exe
15:20:06.0059 0x1530  Fax - ok
15:20:06.0105 0x1530  [ 4E4B7D935DBF522B2F23D3573596181D, 9D0EC9F65920EE0FFFB2D49C58E4D5151C8CEEB7AA82543D226E4B84EEE4B3F0 ] fcvsc           C:\WINDOWS\System32\drivers\fcvsc.sys
15:20:06.0119 0x1530  fcvsc - ok
15:20:06.0134 0x1530  [ 583EB1C7690E361213BBD0472155128B, 5F5871490A6DAC4A824F4428941AC86FBFA9AA349B99B5D9544E5D62EB459FA8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
15:20:06.0146 0x1530  fdc - ok
15:20:06.0182 0x1530  [ 94B1A46EDD335F0C54C7BDAFC43348E6, 58073D58D0BE7389C2A4736AFE108835E5AE9C9950FF630644F585C99B964043 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
15:20:06.0198 0x1530  fdPHost - ok
15:20:06.0219 0x1530  [ BC855BB7DFE06F27F78E0EB2A8CCB70D, D16C3DAB99C16B077BA5DA5E9E0646B0B9237B00ABAE867D9F81A2D072D583B1 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
15:20:06.0236 0x1530  FDResPub - ok
15:20:06.0250 0x1530  [ F1125F20D56F28DDCD1A6F3E81EB4F5F, A6620ECCB15FAA70E4A43ADA4CE82CF97D708B6FA07F3FAED276359E7F92FD0F ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
15:20:06.0269 0x1530  fhsvc - ok
15:20:06.0280 0x1530  [ CDFD81CACE0E11596A3BB61EC4CF6467, 569FA86A215B054131AA9AFEECFEE7FD7143DCFFE275B84196004AEA538B2476 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
15:20:06.0294 0x1530  FileCrypt - ok
15:20:06.0311 0x1530  [ 3F02FEDAE894CBF4BAADDF8C8E1D53A8, DA32ABB1CDA867B8456C46F8581FA7F3A8D8B89D9F6E7422F51941D5FFA15B13 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
15:20:06.0323 0x1530  FileInfo - ok
15:20:06.0332 0x1530  [ 2824933386E30DE5BA089DF539CE19A3, 7B33E514576C68B444AE99CBA1360EBFAE8A46EEE5C01F4EE4CF471A712AB148 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
15:20:06.0350 0x1530  Filetrace - ok
15:20:06.0368 0x1530  [ 6A598249640F8BEDD79EC73917E1664F, A675238EA19E6632CDEB4EEFF7CF509EAAEF76AD8DFD247664E5607555D9CEE1 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
15:20:06.0380 0x1530  flpydisk - ok
15:20:06.0404 0x1530  [ 44B6A6832134DF651E887E941478CA35, FCF4EB726D00F5A17DD66C81CFDA49427281C94CF9CA2008397D591AEA61AE05 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
15:20:06.0423 0x1530  FltMgr - ok
15:20:06.0493 0x1530  [ C197284A9D565A38497733AF2BDFA111, C6615AF0D366C2DD6D431B073901EED02D49AA3F252230735DBB52A90BCFA833 ] FontCache       C:\WINDOWS\system32\FntCache.dll
15:20:06.0593 0x1530  FontCache - ok
15:20:06.0662 0x1530  [ 109AACC7FB0170535F71491F673AFD38, 212B6761ABBAC29993DA0A47C3DDE8074EA9E5A8FFA8FF6EAB95AC69D8FDD5A0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:20:06.0678 0x1530  FontCache3.0.0.0 - ok
15:20:06.0711 0x1530  [ 3F3B9E8CECD5604BC7746EF3A852EB67, 51AF62A9563379266C0C873E82F55427900032DFD7AC3EBDCDF77F8F8DE91A5D ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
15:20:06.0730 0x1530  FsDepends - ok
15:20:06.0751 0x1530  [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr         C:\WINDOWS\system32\DRIVERS\fssfltr.sys
15:20:06.0759 0x1530  fssfltr - ok
15:20:06.0906 0x1530  [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:20:06.0966 0x1530  fsssvc - ok
15:20:07.0070 0x1530  [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk     C:\Windows\SysWOW64\FsUsbExDisk.SYS
15:20:07.0079 0x1530  FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
15:20:09.0435 0x1530  Detect skipped due to KSN trusted
15:20:09.0435 0x1530  FsUsbExDisk - ok
15:20:09.0466 0x1530  [ A60583221C7BB7CEC35C63285A297BE1, 3C842FBEAD1FA2BD8D37B2B0E8EDF77F4F50508C56FB25DFA81DE9679090D51D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:20:09.0496 0x1530  Fs_Rec - ok
15:20:09.0531 0x1530  [ 58013A50225174EEF1410E37795D7908, F8E557CA4110ABB203192DEAF59D91A5FEF2A5EA394637276DAB7F4D2E7BFA39 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
15:20:09.0562 0x1530  fvevol - ok
15:20:09.0583 0x1530  [ 0DAAE3EFCE00133AB3E383A36C47CDAF, 9145665F4F0575F951803AAFAA1A7DC0FAA35430CAE7D90E902074D60D6F4C62 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
15:20:09.0593 0x1530  gagp30kx - ok
15:20:09.0729 0x1530  [ 6D18B1088696CF96CBEBD31B8A519BD4, 4B47EECD18C12749FBEFA9C20B466F1A501F238166BBAE5B1793C918305A3348 ] GalaxyClientService C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
15:20:09.0835 0x1530  GalaxyClientService - ok
15:20:10.0182 0x1530  [ 8EFA8CD6CE8E38E6F112076958D84602, F7D339598262BE5279588ABA8BCC5B3857DFABA9B8C23E6FD78766C07FF069EF ] GalaxyCommunication C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
15:20:10.0447 0x1530  GalaxyCommunication - ok
15:20:10.0493 0x1530  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
15:20:10.0514 0x1530  GEARAspiWDM - ok
15:20:10.0557 0x1530  [ F59155B95D01C08F9ED774B626B504A1, EF0FCF35AD9CD5E5D695F0C064244D2B327E7FB10FD7CBB0586253EC75562918 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
15:20:10.0571 0x1530  gencounter - ok
15:20:10.0588 0x1530  [ AE24452F55C6F1784CBD7489D0CDDB02, 4E13C51CBF30A8662B1180AC74E968CFC428B6EA7931F09357E7D120063D4823 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
15:20:10.0612 0x1530  genericusbfn - ok
15:20:10.0629 0x1530  [ 96F0D3A583A91B634EE2AC2507356EDC, 43D2575F33D28F61C13D2DCF358BFA9DCEAE276C83152DBE7AE2020A66929CD9 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
15:20:10.0641 0x1530  GPIOClx0101 - ok
15:20:10.0704 0x1530  [ E50CE978F571B900D9A7E2F1C5BCC070, EA14873A5F1B700D7CDBE55B9D214DC457262866A90D80B3E8325A8EB7932CE7 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
15:20:10.0769 0x1530  gpsvc - ok
15:20:10.0800 0x1530  [ 7BF844D362EB746BC7A6DC3F57FA3E32, C07007CF6A0A2BA953FC40A5031931131CC953A8CF3B5AFA86C8811F9C4D43C4 ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
15:20:10.0811 0x1530  GpuEnergyDrv - ok
15:20:10.0864 0x1530  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:20:10.0893 0x1530  gupdate - ok
15:20:10.0907 0x1530  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:20:10.0918 0x1530  gupdatem - ok
15:20:10.0952 0x1530  [ 27E248CD861AFED4DF0C48F4C853E7F0, 37BEA5E9D8ACAA871A441766B5FDD32A1091C0CB8B34DFA15596AD827C5EF1A4 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
15:20:10.0993 0x1530  HDAudBus - ok
15:20:11.0011 0x1530  [ D5A57EF4822A0388352FFF9F5CD53495, 509F365386859157E9078821FAA56D2A3C0BA296CA129E0D42453428A14687A5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
15:20:11.0026 0x1530  HidBatt - ok
15:20:11.0062 0x1530  [ 39575B53EB80C77FF2A3F1449D00B7F5, 37E66B38BACE00AFEF7093F990A234399D8451A9D2C2C8CBECAB69C664E63EA6 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
15:20:11.0153 0x1530  HidBth - ok
15:20:11.0176 0x1530  [ 35C3B602664116E737FF729F9A7156AD, 7A3C5CAD716E819CC53405971F3ACD135BCF023EC2228C1095E2116BCC384E62 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
15:20:11.0198 0x1530  hidi2c - ok
15:20:11.0208 0x1530  [ C4ABE526BBF2A18E8AF70177FBAD9C6E, 4DA06B563A08AC15D949F4599F73F172B3BFCB5D23B34240D1E2114438A11929 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
15:20:11.0217 0x1530  hidinterrupt - ok
15:20:11.0228 0x1530  [ 348416C7D7EB05BC3099FE2F2B27985C, F30E8682E9DD731A1AD7328FB8A48A2BB7D6E52780AE1FDE839D26E84B4FA7B5 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
15:20:11.0240 0x1530  HidIr - ok
15:20:11.0256 0x1530  [ 5576DF399CF2D3B63608F7F282151249, 04939E79B8B8035547CE6FFE9001252CA810BAD46D8DB75FF5C13EB10EEB5C57 ] hidserv         C:\WINDOWS\system32\hidserv.dll
15:20:11.0268 0x1530  hidserv - ok
15:20:11.0283 0x1530  [ 01F732724AF6EFE69886DA95A4E51820, E048A480F9396418BDE9659596E7EDA5FF97D3CE029D186048609B47575BEAE1 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
15:20:11.0306 0x1530  HidUsb - ok
15:20:11.0338 0x1530  [ 7433A8D28EE11A661C7A45AF28BA7987, 8A73DB423924E84CD3629BF6C7298CD093D2437B73B3F4520D39330923DDA2D6 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
15:20:11.0372 0x1530  HomeGroupListener - ok
15:20:11.0414 0x1530  [ 3FDBFBE5AE639996EB8D482C16BA7EA9, 7E48304818AABB4C5B0CB7FD32D96D6F90F4180AB0F668A2FE653A7097A40673 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
15:20:11.0468 0x1530  HomeGroupProvider - ok
15:20:11.0564 0x1530  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:20:11.0595 0x1530  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
15:20:13.0934 0x1530  Detect skipped due to KSN trusted
15:20:13.0934 0x1530  hpqcxs08 - ok
15:20:14.0003 0x1530  [ F3F72A2A86C22610BCA5439FA789DD52, DA5A8F09DCC512AA1558863AD4FAC12F72DD83CA8FB4D8D9831E4AFBB6B3C616 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:20:14.0029 0x1530  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
15:20:16.0383 0x1530  Detect skipped due to KSN trusted
15:20:16.0383 0x1530  hpqddsvc - ok
15:20:16.0411 0x1530  [ 3844CE7DD23530CAD59D8CABA57CCB05, A44BB60686A0E98FF370D9DED5B32C3F34F0352ACFA3B3052BA4023922B53DB7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
15:20:16.0446 0x1530  HpSAMD - ok
15:20:16.0505 0x1530  [ CA6EADBB8731CA27BDA4037BF290AC14, 31EC9397D55D4EEC416AD722134E2D6B5D14E46D2150CB94889C4BFDAACBF421 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
15:20:16.0554 0x1530  HTTP - ok
15:20:16.0568 0x1530  [ 8841D927EB1F7FFC8B1805BC0CF190ED, B063E686380EEF582CF736E33751812F0041C593C7F30EE97D13DEDC9B246AB5 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
15:20:16.0577 0x1530  hwpolicy - ok
15:20:16.0587 0x1530  [ 53436C3835E80F4421652A67F44D6313, 8731091945A839713348DF3060A4C96033874E2B3DC7E099BEEC8C65B07F98CF ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
15:20:16.0597 0x1530  hyperkbd - ok
15:20:16.0610 0x1530  [ B2DC6C2F313EBB967B556B4E73A75451, B1816A0AE15705F0325F167EA76166779607D6086EC36A4A960E3BA47B4EBC4B ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
15:20:16.0620 0x1530  HyperVideo - ok
15:20:16.0634 0x1530  [ D4CDEE4A62BDFFF6E8558A9552148EA7, 55306786CB45082AE374937EBA256FF9CD640BB2E8C19DC6C704489D4743F5CC ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
15:20:16.0663 0x1530  i8042prt - ok
15:20:16.0675 0x1530  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
15:20:16.0683 0x1530  iaLPSSi_GPIO - ok
15:20:16.0704 0x1530  [ F1DF87463AC308047B089E9F0456B4C8, DFFF3C63D3124C2B879B888104042406FE326D4E7C8C1881A269BD4287B9CD33 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
15:20:16.0713 0x1530  iaLPSSi_I2C - ok
15:20:16.0740 0x1530  [ 9FDD4763A115D04F565C38183DE4646F, A8B0653E7C5F5B3CB2A1B642F502269FB1BB1E35DBB1CBABDBDADF92C9815727 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
15:20:16.0767 0x1530  iaStorAV - ok
15:20:16.0797 0x1530  [ 4E69EE8F8E5DA036535D433C544AF9E2, 2ADE9B97CE1C19FF984D8BB99CF31415872C2D9628864BD78C0E44D21CC94EE3 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
15:20:16.0816 0x1530  iaStorV - ok
15:20:16.0838 0x1530  [ 15C59DF20F74A0C2C764B991FED7F4A5, 6E9804775E815F32A4D73C346E627D64A3096525E78FAE3B6E43CFECAE270428 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
15:20:16.0857 0x1530  ibbus - ok
15:20:16.0880 0x1614  Object required for P2P: [ 6300722E8527EC54D426FD00EE5196B2 ] Audiosrv
15:20:16.0910 0x1530  [ 88E6A429944544346EC3AE1FD7D24BCC, B6B8D51E5491C91D2FCDC77C1D82A5168B0C860252208E1B4612D8D5C19401AD ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
15:20:16.0939 0x1530  icssvc - ok
15:20:16.0945 0x1530  IEEtwCollectorService - ok
15:20:16.0987 0x1530  [ 6F9C31435DD3E3D3BC247212EA144EBF, 05C4A0BD4BABD27783CEFEE6108C1A05911A212189233F09AF1A56BDC60F60F8 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
15:20:17.0028 0x1530  IKEEXT - ok
15:20:17.0209 0x1530  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
15:20:17.0348 0x1530  IntcAzAudAddService - ok
15:20:17.0377 0x1530  [ 498759139F71142888CF7EFA1ABE18C8, 9CD0CD748B143F947B4DEDE39344A8C284717CC8AC97E25827EB73CF10831419 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
15:20:17.0386 0x1530  intelide - ok
15:20:17.0407 0x1530  [ DC270DDCDDC2EF65D484A65CC5166222, A88BEAD819ABEFE28B6F9A10586ADCB0EE2A5ED9273F176E9313750609C7892F ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
15:20:17.0416 0x1530  intelpep - ok
15:20:17.0441 0x1530  [ B4D9C777762B1F7356958B9C0AA93BEB, F11B07FE939A107AB4EED4857854DF269C2D86A80C8507C8B1E95F7805975EDB ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
15:20:17.0454 0x1530  intelppm - ok
15:20:17.0474 0x1530  [ 22BD83268B80A8C89AAC0BDF46E4EB5D, E7DC0C2E4104B51EA545BA8D0CFF11FD6A15BFD8EE16E546E8FC220853402CB3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
15:20:17.0495 0x1530  IoQos - ok
15:20:17.0518 0x1530  [ A49E47A6E1429123F46A7CA9C05AEFC1, FFD68CA46DFAA4954FD76145808E2C74BDC34FFD6979BB3FB6A3EE4DC33CDC78 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:20:17.0532 0x1530  IpFilterDriver - ok
15:20:17.0596 0x1530  [ 8FBA61B7CB44F136226BE3B346FC6D19, 2190A523AC948B18C2C7B6DC96ABB654DAB471AD5E5E13F79899416E91777AED ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
15:20:17.0639 0x1530  iphlpsvc - ok
15:20:17.0656 0x1530  [ E0C276985AF968CE295B8E09C121321F, 07B54165E80D4254C29A6CF00CC634E70F190EF0EB8EEF73EC14F38B841087A5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
15:20:17.0673 0x1530  IPMIDRV - ok
15:20:17.0697 0x1530  [ 5D3744E6FDEC1A6FB3FA9B1DD4AF0694, 209BE9FC25C8BF8CE058B7E993B6A902B881380DADC69F5208733077DA7F4382 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
15:20:17.0711 0x1530  IPNAT - ok
15:20:17.0810 0x1530  [ B066C46E4B638B849245E35A5703AF80, 738A2A76A68721DCA5004DFF381EF2F032A7E309454294E4ABDFF5141BAC9337 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:20:17.0838 0x1530  iPod Service - ok
15:20:17.0876 0x1530  [ B18202D72C0EF4B53CEC6F59E3E1B955, 6DA244E6485372C16CF0B38838DC90B48079A85F5D22B0F2F197C8DA37F0A293 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
15:20:17.0888 0x1530  IRENUM - ok
15:20:17.0904 0x1530  [ CD04CBCCCB4C0E4BB06B98E0F45C888A, 106B3E823C188BD14328F2BEA28559D2F637C270064B2FD214522FAC4E616F4C ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
15:20:17.0913 0x1530  isapnp - ok
15:20:17.0932 0x1530  [ 5D90E942C94B20E0F321015C0ABF3EEA, 4110551B172D4A5524DD857D7CB65FAF2594310BE7883D5641BC0DF5EF49C82C ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
15:20:17.0947 0x1530  iScsiPrt - ok
15:20:17.0991 0x1530  [ 1C368C1A2733DCC5B8E15420AA2B0F6D, C43A3534E33CEAEB8359D493FDB4663CB7C1E9286862B2CEE2788E9EA060DF1D ] JRAID           C:\WINDOWS\system32\drivers\jraid.sys
15:20:18.0017 0x1530  JRAID - ok
15:20:18.0030 0x1530  [ 4192DFE6CA143C0AD8AF42C51A82BECA, 31FB3A261D0D5241CC87EF7DFF8BFC1A1EACE8CEC42138918EC5958DAEE100CD ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
15:20:18.0043 0x1530  kbdclass - ok
15:20:18.0058 0x1530  [ B63C0DB341DCB46CF7AA259333A737DD, F1B43BA68707F3F99CD31AB2035F5E86CD967AE4E5393928C69861785E960872 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
15:20:18.0079 0x1530  kbdhid - ok
15:20:18.0095 0x1530  [ 53C79A7FABDAAFD11EAB31963FB2CED7, 357418645DDCEFA5546AE78EDCAE86D50928710CA7A3F65F01CF721AADA36623 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
15:20:18.0115 0x1530  kdnic - ok
15:20:18.0155 0x1530  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] KeyIso          C:\WINDOWS\system32\lsass.exe
15:20:18.0193 0x1530  KeyIso - ok
15:20:18.0205 0x1530  [ 1E99B26BDB9B9C9BC775ED4543558560, 890870A6737B4910735D1B23F714AA73FCCD1C131D135FACBA6909F06D31B3FF ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
15:20:18.0227 0x1530  KSecDD - ok
15:20:18.0240 0x1530  [ 6198A79011C67497B324798B3D4272CE, C587F7D86837550D07918F6AACF26BF65EBAF7FF57475DC9196B4D011E83AE47 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
15:20:18.0253 0x1530  KSecPkg - ok
15:20:18.0269 0x1530  [ 503597D9B72DBD9998F722F12A51ACFC, 9B3585282191163AA70243BAD921ED8725A98454E0D3879E0F671E0E4F56AB4F ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
15:20:18.0280 0x1530  ksthunk - ok
15:20:18.0343 0x1530  [ ED5AE20C27F27F293C6C61AEC9881054, 4D5BE394D129BD559B0A9D237F3F59CB3D24C15ABDD97AE2E64931D6B9D14FF1 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
15:20:18.0389 0x1530  KtmRm - ok
15:20:18.0424 0x1530  [ C529DA0AD5A21878E318801B024AF8E7, A14E8ADCA33C37B1D256CB4926A19F56D2D19B94EDF314A4ED34A8B5AB62CA5A ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
15:20:18.0444 0x1530  LanmanServer - ok
15:20:18.0488 0x1530  [ D6D9F4CAFD3F1A7E30AD02E508552CD2, F0D225E5951CFE1D8349F634CC91BDD5B3F9DCF6233CCB965E99BFEAFE642265 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
15:20:18.0510 0x1530  LanmanWorkstation - ok
15:20:18.0551 0x1530  [ 24881F16D2829764681F5FAE7B86D7D3, 290348CFAF3165847E4B53965D22E9D417EE20FFD23293B5C1855C57E6328599 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
15:20:18.0573 0x1530  lfsvc - ok
15:20:18.0586 0x1530  [ 6ED675774BDC3735AB6DA12D29F825CF, 4317C7CF491F4E806975E7A973CFF11CFEE9E94730DDABCC67C3D693691DDDE5 ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
15:20:18.0612 0x1530  LicenseManager - ok
15:20:18.0628 0x1530  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\WINDOWS\system32\DRIVERS\lirsgt.sys
15:20:18.0635 0x1530  lirsgt - ok
15:20:18.0640 0x1530  [ DB789F57CE94C827FBFF709CA5ABD29E, 4CA4DD079A63649C36F76A31C4081F11F5CF6574AC573B63EF930DB19B1D1C95 ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
15:20:18.0654 0x1530  lltdio - ok
15:20:18.0678 0x1530  [ FECBC6C4981772E5D0F517B34A5496EE, 15DB097BFB221B91E580E5CD1DD6B34A9A2C78A1A6FCE4162A855BB4AFE673E9 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
15:20:18.0701 0x1530  lltdsvc - ok
15:20:18.0728 0x1530  [ 24C87BDC66AB192FEB273BEE5FD5AA38, BFAAE1F2450DEBD1A14877C046C6EBA91014DB0B5D0FB95EC14CB714B773B3C0 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
15:20:18.0751 0x1530  lmhosts - ok
15:20:18.0766 0x1530  [ 3BB39166E446D456C277C17DFEA3DAC6, 1A08E1D017BBCE91E508D876835FA7AD2DA0859A8CFE8F8F31B4F12B48E2573D ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
15:20:18.0777 0x1530  LSI_SAS - ok
15:20:18.0793 0x1530  [ 25CF625E46307A5D6674C8DFA1A289AA, 1D00EB70B6B0157013A7C15EF194F51B8596612066EF31B337D8134D6BD0BBBE ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
15:20:18.0803 0x1530  LSI_SAS2i - ok
15:20:18.0822 0x1530  [ 722C52B12EA4C198D56994934C9DDAB6, 5F4AB818251C770821BAF41C19B1C483A31CCC28EB96F2084D4092E33EAF906B ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
15:20:18.0833 0x1530  LSI_SAS3i - ok
15:20:18.0845 0x1530  [ 3371FF1D5D745C3306C6A2C4E99C25A9, DD6F0099001501BAEDDF8411FBCD930BD6472662D209199249203CB2FDAA23FB ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
15:20:18.0855 0x1530  LSI_SSS - ok
15:20:18.0888 0x1530  [ E2EEF074F5260378F9AAFBCD592319A3, DC56674A08FA03FA7AF7DD8B3CC55D8324D1CB51546092A990A935FF9AB48A3C ] LSM             C:\WINDOWS\System32\lsm.dll
15:20:18.0924 0x1530  LSM - ok
15:20:18.0941 0x1530  [ C692B9C0352315417CF49FFA664957A3, C2D4F9A936B809889F7C51FE48214A1923175913A6C5D0B72D3BA469214B5174 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
15:20:18.0958 0x1530  luafv - ok
15:20:18.0984 0x1530  [ 6A4C75FD28F60062FEA3DF3B15D956C0, 4FC58F3320D33BDACCF759A50C623A3E58E4320749E6691B397DF0C8EAAA8A6F ] MapsBroker      C:\WINDOWS\System32\moshost.dll
15:20:19.0019 0x1530  MapsBroker - ok
15:20:19.0040 0x1530  [ B2ED9A7A5587A128A0EFD0DBE7662E95, 63070AAFD44E3CD2A4B262DF27222B103455A4D8C2E45914502BFA03D84D32C9 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
15:20:19.0059 0x1530  megasas - ok
15:20:19.0088 0x1530  [ 083F71488E6780A67290273180256EA5, 5F43CE66F5A48850BABB70F4D219FDD002F9BC2B2F0E58E66FE2C492AA335E50 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
15:20:19.0112 0x1530  megasr - ok
15:20:19.0161 0x1530  [ 5907A10D46747A2B6DBFD6A198254DC2, 6C283E9DC75C7ABFD270D6FABBF4F54628A1786E7CE2F603BF664CBB9E4FE583 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
15:20:19.0189 0x1530  mlx4_bus - ok
15:20:19.0248 0x1530  [ 91ED6F0EDF4158D63C52194F17D4F42E, ACF543978E253650C167C6C370699AEA7340EBCECF7CAB904CBDD334D1BD6928 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
15:20:19.0285 0x1614  Object send P2P result: true
15:20:19.0307 0x1530  MMCSS - ok
15:20:19.0337 0x1530  [ 2C4CC9F6ADBED5A6D131FDB97A78FF68, 04DC76E3F0959C0A9B00DF2133B075194FB7DCBD76832B9D25B0E37223D300DC ] Modem           C:\WINDOWS\system32\drivers\modem.sys
15:20:19.0351 0x1530  Modem - ok
15:20:19.0366 0x1530  [ D8DB13529C8AD6FBAF8E2F382024374F, 13025035C479E2EF76EDCB90D83BE65B4ADD9F7000AD31FEAD628D5DDFE69158 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
15:20:19.0387 0x1530  monitor - ok
15:20:19.0403 0x1530  [ 2DAAF1EE1C30F2FCF59851A64ADA0422, 08CD801E63E2862DE058CD732C3DB3D87B1A2898732365440E3F8919932E96FC ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
15:20:19.0412 0x1530  mouclass - ok
15:20:19.0430 0x1530  [ D30FE074503283829ED194BCAE6239C3, A3A127381ECC798417D01F6B8A1894EED7D71989047BC4D1D74D0E7C8394AD65 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
15:20:19.0457 0x1530  mouhid - ok
15:20:19.0500 0x1530  [ D5EC9413527B286CFEEB0294C53ABB95, B094C611F5A7E33D2F8667B2A4D6260E1D57BD135867F984EE5B674C7EE72B95 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
15:20:19.0511 0x1530  mountmgr - ok
15:20:19.0569 0x1530  [ 98DA127D0AB8B6CB5773546AF60D9217, BB07F34552342CA40E843F80AA32C928C29EF81789605E53C795EFD564F2DA7F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:20:19.0598 0x1530  MozillaMaintenance - ok
15:20:19.0622 0x1530  [ 989A1BBD9C49B107B4A47D06E6827A69, 62D90B22AE13AC84324DFD5FEBA595813AD07469B7FEC41380CE223D93020CCA ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
15:20:19.0639 0x1530  mpsdrv - ok
15:20:19.0703 0x1530  [ A0DBB9386BEA8DA1A159C2A2E07081A3, 9D3F26005A76A72F9512F040D45C16124D17F8C8DA45C51FFAF74F066357D0A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
15:20:19.0758 0x1530  MpsSvc - ok
15:20:19.0787 0x1530  [ 5B37FDC07159FE9F5F52399F7D78F60B, A0C20EB9A7918395A13A5E21917887DDC9897C475D33091B518354163CAE108A ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
15:20:19.0808 0x1530  MQAC - ok
15:20:19.0828 0x1530  [ C1E74DD1D84861D8F12FF8BC0BA11975, 5912A0455C840F5C8AD6383823C9C7DE6FF8B5CAF1B72EA181864999891EAF30 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
15:20:19.0847 0x1530  MRxDAV - ok
15:20:19.0872 0x1530  [ 1DF2C5FD2710A13B07E663A12F0E0EEA, 8EBCA9269F52A5CF602F5DE2B0C2AB2BFD82F415465DBB74C73D43F321D9FD46 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:20:19.0896 0x1530  mrxsmb - ok
15:20:19.0916 0x1530  [ 185932B1149BD707F8A13174CDAB365B, BC26CB10DD6E81A94477564444E91F76D47E685E897BD77B9C1393F0D31AB718 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
15:20:19.0945 0x1530  mrxsmb10 - ok
15:20:19.0964 0x1530  [ 99E24D4DBACBC569833B9A67710D65E7, 93BC765E7B6E19E83AFF783DE8080A80A1D69A406B496F1E36C47AE6E86AFB76 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
15:20:19.0981 0x1530  mrxsmb20 - ok
15:20:20.0024 0x1530  [ 6F8BE4FB6262012E61BBADB5444628DC, E87489207AA48106C08E4BADDD8D66D14BC9DD6AD2A4CDD880BA655932CDDE60 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
15:20:20.0068 0x1530  MsBridge - ok
15:20:20.0103 0x1530  [ 283BDF3602F442336DAF242BDD07FB98, 185F046B6AA24FFD1567F00AA70357C82002FF627E329CEF9B926645A6DDB172 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
15:20:20.0129 0x1530  MSDTC - ok
15:20:20.0141 0x1530  [ 7C55F1751CAC199680D4489D1EE46544, 967EC8137D321F6139C3382D19A338FD97A3023EB654747AC57C2008BE4AF677 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
15:20:20.0168 0x1530  Msfs - ok
15:20:20.0198 0x1530  [ 988588C16A53C2581488C15FF18934BF, F021FD31163CB5C7012CF96EF642C5E551708C835039075268F4CBED002D441D ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
15:20:20.0207 0x1530  msgpiowin32 - ok
15:20:20.0219 0x1530  [ 09622DBC24D0178F15DB8461BB6970DF, C0B3F9B2219AAF87E417EE9FF54C64B8AD9944E101EA79B5DC81D99E8C2ECF30 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
15:20:20.0234 0x1530  mshidkmdf - ok
15:20:20.0245 0x1530  [ 34BB07495C0159BE4189841E16F3BC2F, 264B5735D9A68C85BEDE363D4C0AE1FCC381B39EA884B4BAEE185EB8A873184A ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
15:20:20.0256 0x1530  mshidumdf - ok
15:20:20.0273 0x1530  [ 7BF3F0DA362C053918F5F2EC43CE39E2, AA773FA3F83C0C572160D3D0286A697DC628FF4F3655EF21D01C6D1B7BE5DF1C ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
15:20:20.0281 0x1530  msisadrv - ok
15:20:20.0329 0x1530  [ 669DA2006C0B9D882D2014617E1E88F5, 090F558818806CAEF6C81D369F8BFFE4A8240295EF37CAA7102A18F4CD20D868 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
15:20:20.0372 0x1530  MSiSCSI - ok
15:20:20.0378 0x1530  msiserver - ok
15:20:20.0397 0x1530  [ B2D0FD21FE67D6434769CC6F7A7883CA, B2368BD72952C6EE6DAF1AA006DF575A3019E4721BEFB108D3DF1B9E07B2BC5D ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:20:20.0408 0x1530  MSKSSRV - ok
15:20:20.0429 0x1530  [ FB3801F176376286A3F8F20FFB8CDC53, EEF89081665B9BBA93AE9F5912C40C1698E8BA8DBBCCC3BBE0BAB5A86B7E05D4 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
15:20:20.0443 0x1530  MsLldp - ok
15:20:20.0478 0x1530  [ 85EBF0A28B8B132B67C84C6CE5EBAC29, D0012CF4822A3D16F7BF61C94C5650DC1ED310A0DD1A3333465D28C73D40ECDB ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
15:20:20.0490 0x1530  MSMQ - ok
15:20:20.0510 0x1530  [ 8CBDF0E7A6CD824352F37A682A33DF7E, 4567FF4C73648FF26EA68EAE2B524B767099789086C158875C97768C77B81359 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:20:20.0521 0x1530  MSPCLOCK - ok
15:20:20.0535 0x1530  [ 33E5B6261D69ACD4948A5C64B9D8F29F, 1D32340640312372E52E59AFB5DB872E6F9DFE3AC16B56F9D928AE230DA02B8A ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
15:20:20.0544 0x1530  MSPQM - ok
15:20:20.0569 0x1530  [ 557DF8C0DBBBF518AC395C6EB1B179AE, B294B5A7882C0C60D91FB853FC87505B6E7638D25E360FDAE002AEBB714ED471 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
15:20:20.0586 0x1530  MsRPC - ok
15:20:20.0597 0x1530  [ 0A29AFA668F5DD50482A98ECE70C77A7, 4C1F23B062361D97B1C8D864AB227E5F398F774A99B5E60A1149A4F78D5BEC20 ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
15:20:20.0606 0x1530  mssmbios - ok
15:20:20.0621 0x1530  [ 30CE30877FD5BFADE74FA27D7829BF89, B5EA1F8C91E75722DB1E3E2172C8607FEDBF35BDC4141258A3E6D29D8B0E193B ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
15:20:20.0632 0x1530  MSTEE - ok
15:20:20.0640 0x1530  [ 13D88C0B8A2FA001CD72D454955A6974, 19DD5C8BBD07B64F355737436BF702FFC209D84A8855D2224D3377E233D4BB34 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
15:20:20.0651 0x1530  MTConfig - ok
15:20:20.0667 0x1530  [ 00C7F0F06A0A48B9CDB6B3AC3BE288F0, BF469A2DDF495ACB9FEE9063C6680C95BCC8686682C9EDAE6D1893D4058E8AA6 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
15:20:20.0678 0x1530  Mup - ok
15:20:20.0688 0x1530  [ 8E237527CA260C71D39ED4081BDF3419, CA52DD174C756A404B1FAD3F2A70E50085C2820BF12369259F61DA649101A179 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
15:20:20.0699 0x1530  mvumis - ok
15:20:20.0784 0x1530  [ FD8BE8656F5B687F585868E56B7C2EAA, 61C606D3C0735EA8C1A9B71E27005474E8B161F05C994E130FFA401AB0C16817 ] NanoServiceMain C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
15:20:20.0811 0x1530  NanoServiceMain - ok
15:20:20.0850 0x1530  [ 48D0587A8302FD3302CFE6F59F7345B0, 26D48AF3F7FF4867E179347CD635055DEA9A751C6C61CE2C391A7F74FC0DC1DE ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
15:20:20.0898 0x1530  NativeWifiP - ok
15:20:20.0940 0x1530  [ 11BE8117653C542D264788A700AC5BFE, 87EAAC2DF62BB26619DA72950F5EE41DCA1DBDF93F098647F9D200D588F14003 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
15:20:20.0987 0x1530  NcaSvc - ok
15:20:21.0019 0x1530  [ 286C6276B2BA86F29A0F687D05466277, AC8551536F37717A0ACE4A260F5696D1276F7AC62F669E8F12AA158DD86F71A5 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
15:20:21.0069 0x1530  NcbService - ok
15:20:21.0091 0x1530  [ C55DA734ED2A831E0BACAAFA01CEB7FF, 9D989B03D07BBAD287B317D238691664B0694331D6A69B7A1AA3D8AB7D1323FC ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
15:20:21.0136 0x1530  NcdAutoSetup - ok
15:20:21.0154 0x1530  [ CF8296427834CF8BBB3EE1444C17362D, 6EFBE1F015DFFA0704C66DF5C88089DD5771E1542018E4AE98389CFF3D0B2309 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
15:20:21.0164 0x1530  ndfltr - ok
15:20:21.0209 0x1530  [ 616F40B897DA651221F86A1741E9609B, 22D66029726313D92FC8E074BCC51C1E1560CB5FE36DCB735E7E063EA53E299A ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
15:20:21.0261 0x1530  NDIS - ok
15:20:21.0287 0x1530  [ A0719D1EBA971DFC5DF5F7CC010385F8, A982487D3A74E66F3C29AAA5B46CE9A0969F07F267DDEFE58C58573573AB0024 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
15:20:21.0314 0x1530  NdisCap - ok
15:20:21.0338 0x1530  [ 0C557932CCCC65AEB37326DD36504527, C0AF3066DEE4BCC32DB30CCC16B7A91442A8383BB36C7C4E3CC0A5EFE0FAAA9B ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
15:20:21.0354 0x1530  NdisImPlatform - ok
15:20:21.0371 0x1530  [ 56F9345D1945826135FBAB7589592B1F, 6BC2A5900076B917823C7392C582A2648D0C8000F2F65D309D5B48E36D4FB4D6 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:20:21.0384 0x1530  NdisTapi - ok
15:20:21.0399 0x1530  [ AADFC340939D99E5D756E713E1D452EB, EFEFDBB2188DE82C2C5E67929861B269FD4C127D34D1DE6D0596ABC33E2C2B51 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
15:20:21.0411 0x1530  Ndisuio - ok
15:20:21.0416 0x1530  [ 312DFD787D99D3BF1427B0388BC04F71, C082CA1F332AD57FF2100748518D3D7B3D0F1B042F69BD7401C44B77AFE97462 ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
15:20:21.0429 0x1530  NdisVirtualBus - ok
15:20:21.0447 0x1530  [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
15:20:21.0465 0x1530  NdisWan - ok
15:20:21.0473 0x1530  [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:20:21.0490 0x1530  ndiswanlegacy - ok
15:20:21.0507 0x1530  [ 6E98F16983C4AE8703FF9F90AB4B31DD, BB8BD5DB4B5FB31F3A257747C27CBEFA4B7837EC5C0CF3D4F408E626E4003F4C ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
15:20:21.0521 0x1530  ndproxy - ok
15:20:21.0540 0x1530  [ F1B7CC77F412C8D45B2DDCF76EDA4F9D, 25F2AA76E675D9BCC0B1FD47AFEC6DF2D0B47E7B1C8AF6FB27C1ED2FB902961A ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
15:20:21.0562 0x1530  Ndu - ok
15:20:21.0600 0x1530  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:20:21.0609 0x1530  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:20:23.0996 0x1530  Detect skipped due to KSN trusted
15:20:23.0996 0x1530  Net Driver HPZ12 - ok
15:20:24.0026 0x1530  [ 824FDC990A3F79069BE468A132EB6888, D09F7A9EC04E37DA504CE54EEC25C312B407B6A8B214CBB074BEB50DE420F52A ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
15:20:24.0061 0x1530  NetBIOS - ok
15:20:24.0098 0x1530  [ F0D791348AD254360CC3C3E501CCB745, E4CAB4D3C2CD3169731283B00DEBFE26438BB66A3F0D78BDB68E876A14FC7070 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
15:20:24.0144 0x1530  NetBT - ok
15:20:24.0165 0x1530  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] Netlogon        C:\WINDOWS\system32\lsass.exe
15:20:24.0185 0x1530  Netlogon - ok
15:20:24.0221 0x1530  [ 7C8A7380CBE45DFD3DF118D8601499A7, C137280B7696F8CF4258BDC8B241C66BB3AA5708C5410D85255E46C7E8284826 ] Netman          C:\WINDOWS\System32\netman.dll
15:20:24.0242 0x1530  Netman - ok
15:20:24.0358 0x1530  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:20:24.0387 0x1530  NetMsmqActivator - ok
15:20:24.0399 0x1530  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:20:24.0411 0x1530  NetPipeActivator - ok
15:20:24.0430 0x1530  [ BBE9D72EFC7BD66B28309C3607683DBA, FC372EFBC650CE0BDB117858D840A1FB361947B1C67D1DD16BABA95D0286856A ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
15:20:24.0462 0x1530  netprofm - ok
15:20:24.0496 0x1530  [ 5D046D71B18BEFB2E4D164C3DEEDD672, 536834D020889973854830919B23DF22CC1B27236AFAEDEBDF42D432CE48FCDE ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
15:20:24.0526 0x1530  NetSetupSvc - ok
15:20:24.0531 0x1530  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:20:24.0540 0x1530  NetTcpActivator - ok
15:20:24.0546 0x1530  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:20:24.0555 0x1530  NetTcpPortSharing - ok
15:20:24.0566 0x1530  [ 46E862DA2CF8F351375EF537276B69B5, AC0FE0977E56380849DCE668AC0F5AF183AAB115ED84ADD964E390CC0BEDF6D3 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
15:20:24.0579 0x1530  netvsc - ok
15:20:24.0598 0x1530  [ 88CE4AC85F36B6347C1D820FA373B998, E10B5DF8883928A2062FC6180DE4CF0DE33C68622C2E3E4E1AFC56A0682F8E75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
15:20:24.0633 0x1530  NgcCtnrSvc - ok
15:20:24.0639 0x1530  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] NgcSvc          C:\WINDOWS\system32\lsass.exe
15:20:24.0649 0x1530  NgcSvc - ok
15:20:24.0689 0x1530  [ EA1C2DAB8A63712B94897A58557B086C, 98DD7E5C84F3CDF2DAA89484892D6B439F5D14297B5243436925BEEAA0C02EE1 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
15:20:24.0730 0x1530  NlaSvc - ok
15:20:24.0752 0x1530  [ EF729C076C2B75B5CB431482DE1E07B3, 834A450F1FDA3615213DC340B5CCFADE326082427CEE3179D32A3C462A1F251F ] NNSALPC         C:\WINDOWS\system32\DRIVERS\NNSALPC.sys
15:20:24.0762 0x1530  NNSALPC - ok
15:20:24.0782 0x1530  [ 0E6EDE400CDDEE1D76CB6B4EF9076130, 2216F3508F3A59E0FF0844F07EC6413A457BD3370B2AA657D8B6D504EE7B8C21 ] NNSHTTP         C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys
15:20:24.0794 0x1530  NNSHTTP - ok
15:20:24.0814 0x1530  [ BA0A6276D2DDCE642D4017AC0E014C54, 983E2F8EE5A8732C5849DC887D4670C91F0AC882E128DCA5B1B3F9A071FF2628 ] NNSHTTPS        C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys
15:20:24.0823 0x1530  NNSHTTPS - ok
15:20:24.0840 0x1530  [ FB1E93069755A75F8F92FEAD94078362, CD9EE8F217408405BCD41DB197A5447AC35A668E11FE6E2DEFA20D082AC3E44E ] NNSIDS          C:\WINDOWS\system32\DRIVERS\NNSIDS.sys
15:20:24.0850 0x1530  NNSIDS - ok
15:20:24.0881 0x1530  [ E4B9C6200A8A1213FD29FAF3C42F5F22, 32B21D03BAE08418E5E3B41D7A792378F9915A4AE24C9007B5192E98D480C12B ] NNSNAHSL        C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys
15:20:24.0889 0x1530  NNSNAHSL - ok
15:20:24.0903 0x1530  [ 8EAF0E189340D0AA6E36FD3DBFCA06E6, 8096A89503BC8AD08CD3F197AD6160C8813B8EC115ABE2FFC42E21F415693A43 ] NNSPICC         C:\WINDOWS\system32\DRIVERS\NNSPICC.sys
15:20:24.0913 0x1530  NNSPICC - ok
15:20:24.0930 0x1530  [ 17C045CEB31DFD3C5016C157866B834C, 343C2900966A351AAE9C13A13AD1A807B3B34C675FF0CA87E97561911C657158 ] NNSPIHSW        C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys
15:20:24.0939 0x1530  NNSPIHSW - ok
15:20:24.0954 0x1530  [ 8E2B94D8ED57BADF66532D48963F5260, A3B928F17726D615080065B3D174438EF989E89693C0C22CDEF902DEE2707047 ] NNSPOP3         C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys
15:20:24.0963 0x1530  NNSPOP3 - ok
15:20:24.0983 0x1530  [ 51A96D0C6294DE0A44C60173B11B43FD, 5366037D4B8D63C8EF03E3BB68D5FEC04CBB33B5BD10554D8B9533CECCA4753F ] NNSPROT         C:\WINDOWS\system32\DRIVERS\NNSPROT.sys
15:20:24.0996 0x1530  NNSPROT - ok
15:20:25.0022 0x1530  [ 1203E755CE66B47F981A14D683483A46, 6E84597954A0F0A9A50EFCE0431D0A23790410DDFAEC048B5EC86C0F4137D0A3 ] NNSPRV          C:\WINDOWS\system32\DRIVERS\NNSPRV.sys
15:20:25.0032 0x1530  NNSPRV - ok
15:20:25.0039 0x1530  [ 73D22EA5489439A77E7AFF1A476AF4D7, 6B07B76EF0AD2C1886E0AD88CA6501A3EBBEC1AABC8F5B6CEC8DA3E8071BE5BC ] NNSSMTP         C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys
15:20:25.0048 0x1530  NNSSMTP - ok
15:20:25.0065 0x1530  [ FCAA6139267BE6BD579BE63A35D1B09C, 3F023A9C313DE53C9A5425542F4D472C516E4B928EFD33A0118F07149A4643FF ] NNSSTRM         C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys
15:20:25.0078 0x1530  NNSSTRM - ok
15:20:25.0095 0x1530  [ 7913A4658185DB56594E22F1A418D8DD, C4B4C771763F03ADDCC288EBF24D895AB8590101A722BB6010F88062F1681457 ] NNSTLSC         C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys
15:20:25.0104 0x1530  NNSTLSC - ok
15:20:25.0139 0x1530  [ 41557BE174E9EC6AC703A8A4ADBC6650, 8CF6DF3FDC3C7C44B32851538A67BF86A54AB6444A424D7A20B7A9A94B4158D8 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
15:20:25.0151 0x1530  Npfs - ok
15:20:25.0169 0x1530  [ AC3F70FCFBCE97AA2F12BA43EE13B86E, D0AC50FB022C0F3031531CEE210D47FC3244C6FB55FAAD4AAB04081F0A21DAE4 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
15:20:25.0196 0x1530  npsvctrig - ok
15:20:25.0224 0x1530  [ 0AF4872D3D6FD3A030E836DAC2B3EF2D, 03EE7B6FAFC0BB5C26793BC5FF8BD1019AC96B3104688009C1E062C3F4F34D6D ] nsi             C:\WINDOWS\system32\nsisvc.dll
15:20:25.0237 0x1530  nsi - ok
15:20:25.0241 0x1530  [ 66A98C407085B8920DF1E6D722F1ADB8, 3FE307E4A9E41B08E0453507E50D6D0C67FA6F4245A863D90181463C749C83B5 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
15:20:25.0252 0x1530  nsiproxy - ok
15:20:25.0337 0x1530  [ BA8DC96D1DD7785EB0589CB1777208B7, 09B486A20D9F22FE50CB4FBC0C801609F522FA99F5FBC43107336B7D98457D91 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
15:20:25.0434 0x1530  NTFS - ok
15:20:25.0444 0x1530  [ 383E546EF4982262A0EF6CC2B6E9D525, 3C6C90B62E8EB094E6928C388E5081A3F73DF87B0F34F716B72EA7B6EF71FBB7 ] Null            C:\WINDOWS\system32\drivers\Null.sys
15:20:25.0454 0x1530  Null - ok
15:20:25.0478 0x1530  [ 466F875F1D4C6ABB46AF28007009237C, 26F5A5579737A7CF2267F79DDE5A551149C682D5FD24663B53FCEC5AA6B448CE ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
15:20:25.0490 0x1530  nvraid - ok
15:20:25.0504 0x1530  [ 76F19EAE7A52CBAF7B8EC428BE6E0DA0, CF1E55D92FA32744A20AB75D466A3E05E6FACF4694F9265C41F5C27C1E7243DC ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
15:20:25.0517 0x1530  nvstor - ok
15:20:25.0533 0x1530  [ 0D0CB77D74B38E0EC62341C19E469D8D, A05D3CC67FEEB2FD219BFAA34BF98CB3F3718042124AF28F0E9FDFB9F132DD76 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
15:20:25.0544 0x1530  nv_agp - ok
15:20:25.0637 0x1530  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:20:25.0667 0x1530  odserv - ok
15:20:25.0707 0x1530  [ EA3FFE8617B9FCA1620AD9876E92F4F1, 68D5143CA71D10A2BB44E29B3C76580596669D0624076BCF6CCBA7AF3140538E ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
15:20:25.0730 0x1530  OneSyncSvc - ok
15:20:25.0936 0x1530  [ 40CB809645F1D0A93C535F9B0402F269, E683ED4ED824CE4E49715F23E3D3E8245B398D7A0D279E1F31470B9D7AF7E223 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
15:20:26.0009 0x1530  Origin Client Service - ok
15:20:26.0071 0x1530  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:20:26.0091 0x1530  ose - ok
15:20:26.0134 0x1530  [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
15:20:26.0170 0x1530  p2pimsvc - ok
15:20:26.0233 0x1530  [ 3612CE3432E0A2BE0081E6B488ACF84C, F1A641735FD374CA293FB98FADA2C41E2033B17FECCA3B6D225D0E591AFFF413 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
15:20:26.0268 0x1530  p2psvc - ok
15:20:26.0322 0x1530  [ 742FC7886B2F155317723F1D6B045F94, BCB0DC50A64423973694DD35A270C6C9F4BB5A0A0819ECA0287B8BB9458DB137 ] PandaAgent      C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
15:20:26.0335 0x1530  PandaAgent - ok
15:20:26.0354 0x1530  panda_url_filtering - ok
15:20:26.0381 0x1530  [ 6925454E20B184E482CD65F297D51DB5, 9386542E9B20C370FCB275C7F8005DAD45C86BBC2F7B8DB3552FA49B474C5EED ] panda_url_filteringd C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys
15:20:26.0388 0x1530  panda_url_filteringd - ok
15:20:26.0400 0x1530  [ 38F1AE32339731F6E5A7281AE8042545, 308954518C45D29FC199525F0CC7FE4EA805322EC0B871DDDCBEEC15355514C8 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
15:20:26.0413 0x1530  Parport - ok
15:20:26.0428 0x1530  [ 707889D2F95AAE8C9DD254D8767AD908, BE7BD94728D7629F8B7567523FFB42B8979941CEA2EA03E11BFCD51CF119FC27 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
15:20:26.0439 0x1530  partmgr - ok
15:20:26.0464 0x1530  [ A09B0D8F9F0FC17EBCE6481AC9FD5CDF, 8E8D68992D98CF3DBC4B70C7902B3EC28A1E2DA8D4DB38F0AD9D52B1A5A1D40F ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
15:20:26.0488 0x1530  PcaSvc - ok
15:20:26.0540 0x1530  [ 2834089EA4E550FF3B96E61FB4AA34ED, D25DAB47F9778675E984E0738D2014024C2758D52D7E071167A12FF466B7898E ] pci             C:\WINDOWS\system32\drivers\pci.sys
15:20:26.0598 0x1530  pci - ok
15:20:26.0609 0x1530  [ 3D587E4295B11B8480F7ACB09A89D718, 8C3BD62B3451E1B2E7197EDAE381785406DF86C03BEEC486602C642FDD37DBC1 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
15:20:26.0621 0x1530  pciide - ok
15:20:26.0647 0x1530  [ B8F07002B5F1DA23CFF979C2806B09F3, AD5C589A02BB8185AA070420BF30E78BC8BE3C6F9B0F66319A8CA05B70A5ED32 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
15:20:26.0658 0x1530  pcmcia - ok
15:20:26.0671 0x1530  [ FF588077D0C6AC2EA3FCBF1903CE08D0, 64BE1646FB6D8CC902B6F386255F7C0420E3C334E14DECD527DD541B43A1DCD6 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
15:20:26.0680 0x1530  pcw - ok
15:20:26.0706 0x1530  [ 70469C8AC4AD367295E70CFDD81B754C, 3EC6FD742C7C60363939E5343477810D751D91D32A2F24285976C08A7C4477AB ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
15:20:26.0723 0x1530  pdc - ok
15:20:26.0783 0x1530  [ 688F47C342E1BBC87A48AB71D316233E, CE99AB67C7E7A11AC69C2F4513AEBDACA385BA7F8CC49BE6313CE04ED404A0E7 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
15:20:26.0826 0x1530  PEAUTH - ok
15:20:26.0840 0x1530  [ 189265498945593D5256CFF7FEBB9665, 9CB88CC3C726BFE6EDCE8D9E4544306AACD3FB9E969E3A438D9FD533F25C1281 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
15:20:26.0850 0x1530  percsas2i - ok
15:20:26.0863 0x1530  [ 9B86965114F6831A5130EFE6657B17D9, 4C5B657DB9A9F96BFD3EAFA756ED60D911EB58857C439F5FA6E495A473ED1145 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
15:20:26.0873 0x1530  percsas3i - ok
15:20:26.0964 0x1530  [ 8A5A52C855FB5BFEF019AE9938AEA8AE, 77CB8A09B209DB5895319BA9D073A67148926E22C47836343050DFC178AFAEEE ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
15:20:27.0003 0x1530  PerfHost - ok
15:20:27.0047 0x1530  [ 839BD56425530973FF3F6F7C0057CD22, 9BADF39BC4628409CFCD5F1300C6040C49B2ED72D0FA389C6BB042E5B17E1A40 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
15:20:27.0093 0x1530  PimIndexMaintenanceSvc - ok
15:20:27.0198 0x1530  [ 82FDEC2A262728F62F2111A84CC04B16, A1FCE38D4F55F10BB9B3BFB7D9E3EF7C27D499D9C8882218C8A9A73487798188 ] pla             C:\WINDOWS\system32\pla.dll
15:20:27.0277 0x1530  pla - ok
15:20:27.0337 0x1530  [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
15:20:27.0377 0x1530  PlugPlay - ok
15:20:27.0409 0x1530  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:20:27.0418 0x1530  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:20:29.0772 0x1530  Detect skipped due to KSN trusted
15:20:29.0773 0x1530  Pml Driver HPZ12 - ok
15:20:29.0797 0x1530  [ F1E9C35A8DFD4D64382CFB9019A950F9, 24E0381C6909F9876D6DC4697DC6405FE18DF91531891B2CCA6DB0191B9C6DF4 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
15:20:29.0820 0x1530  PNRPAutoReg - ok
15:20:29.0845 0x1530  [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
15:20:29.0876 0x1530  PNRPsvc - ok
15:20:29.0894 0x1530  [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64         C:\WINDOWS\System32\drivers\point64.sys
15:20:29.0903 0x1530  Point64 - ok
15:20:29.0943 0x1530  [ 62C0BD179961132EF2C5B952210C11F5, 2473FBB3619D0DDA229D4BEC30CEFE7497C27ED3844A5B7655F6F2D328FEAF61 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
15:20:29.0969 0x1530  PolicyAgent - ok
15:20:29.0991 0x1530  [ 6390391EDFC43DD11CE9E6AADCAC20EA, C8BC222FFBB9E47489D16BB5248E0E2E594011C46CFF71F5DBCC4D5CC6788098 ] Power           C:\WINDOWS\system32\umpo.dll
15:20:30.0006 0x1530  Power - ok
15:20:30.0024 0x1530  [ 1433EB7908E5E1E20FFD50E4126C3484, 34D81680C8F2F2C5892FC0E0A6DFCBB241AFF493267A1FE182ED28AE9F712456 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
15:20:30.0040 0x1530  PptpMiniport - ok
15:20:30.0190 0x1530  [ 12E2582F69ACA40A6BAE91DA578CBF34, 648C6394763906AA4163976DA2C3308F8B706486D9D8F16258CB1D61C2929930 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
15:20:30.0357 0x1530  PrintNotify - ok
15:20:30.0385 0x1530  [ 22DE54C3974E4FD98F61D095C22C59B7, 64E78D6DEC4A28ABB0A23F2CF078459D81796EC79235AE45976ABB4F72B1D1E6 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
15:20:30.0399 0x1530  Processor - ok
15:20:30.0446 0x1530  [ 8A216BBE091DA0585F6A5E8B65980961, 7A9400AF63D1B906F48C072084CC77508C91C7E69ACC1E9957D7A9C353A67710 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
15:20:30.0478 0x1530  ProfSvc - ok
15:20:30.0512 0x1530  [ EDD52C352CBAAAD13FD7BD5DCEA309B3, EC7D294B23FD5C309E5C4C455896937B85DC615E1B36C9F8F3BDC90E75EBF9CF ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
15:20:30.0525 0x1530  Psched - ok
15:20:30.0556 0x1530  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI             C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys
15:20:30.0563 0x1530  PSI - ok
15:20:30.0594 0x1530  [ 80072EED0FDBC77E1F245B27995A40F2, E83B85B81A72CA67E4797017A0E44CF6074F49AD0BA1F0B7342C889CAA714B29 ] PSINAflt        C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
15:20:30.0605 0x1530  PSINAflt - ok
15:20:30.0629 0x1530  [ 19BEE6C83EF303FF186B2756BC6C7CB1, A48D0601C2516003DFBB55C6097A0C193B9D71F788876D34B71BAB7802B48FAE ] PSINFile        C:\WINDOWS\system32\DRIVERS\PSINFile.sys
15:20:30.0639 0x1530  PSINFile - ok
15:20:30.0652 0x1530  [ 256A4A55910490B97DD4046428680CE9, 093A958E75DFA1A6FE5EFEE2FAEF867BD255958C92B389D6EDDD82D8AE185E62 ] PSINKNC         C:\WINDOWS\system32\DRIVERS\PSINKNC.sys
15:20:30.0663 0x1530  PSINKNC - ok
15:20:30.0684 0x1530  [ 24E82387D730C4EAD43D1C3D0714F0E2, 06F1EB7529839C5375437DB2CD1840BA3F6227929A175E5058750B8BAC4A6626 ] PSINProc        C:\WINDOWS\system32\DRIVERS\PSINProc.sys
15:20:30.0694 0x1530  PSINProc - ok
15:20:30.0712 0x1530  [ 7DF81D950D0A4A7D855B8C3A1BC96915, AC3F51F034E2EFDDE287AD912B01D63121873C3EBEE034E09C742247CCE25985 ] PSINProt        C:\WINDOWS\system32\DRIVERS\PSINProt.sys
15:20:30.0722 0x1530  PSINProt - ok
15:20:30.0733 0x1530  [ A546D3C1C5B3B58FE46757F475F523D0, C8825E3E377BA0E78928250B3D8E2E1562F4F6E5BB05E6548E71DB197CEDD588 ] PSINReg         C:\WINDOWS\system32\DRIVERS\PSINReg.sys
15:20:30.0742 0x1530  PSINReg - ok
15:20:30.0773 0x1530  [ F803473CD0E5D36D02EB58109F1294CD, DB6FFB4100BD35D491FF1C61FB3073049C2C18038D004A6D1E279A95AB8BA2EC ] PSKMAD          C:\WINDOWS\system32\DRIVERS\PSKMAD.sys
15:20:30.0787 0x1530  PSKMAD - ok
15:20:30.0837 0x1530  [ 1FCB7FE181EFC686FFD6D18F24853638, 1BC4782B900758C7CE09E530F559FC158F5AFACA378ED20BEF96008AE82CAF03 ] PSUAService     C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
15:20:30.0861 0x1530  PSUAService - ok
15:20:30.0930 0x1530  [ DD3FF2053356D11C785999BBC633F3E0, E9A5B7C657F4523E5DEF7AEE7ECFCC94E911FC65F1D491BEF01239F357B8D8E0 ] QWAVE           C:\WINDOWS\system32\qwave.dll
15:20:30.0979 0x1530  QWAVE - ok
15:20:30.0995 0x1530  [ 51590F442C6E5D43244BA30DDB0CE79D, 9C7FD0A19753C13FD4A27EBFD60703A2414D5A2F6F451F0B32769C8D7C953980 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
15:20:31.0006 0x1530  QWAVEdrv - ok
15:20:31.0020 0x1530  [ E951E70019865B06126AF850BCCA2026, C590DE38C7603149AFA0271D57EEBAF956F18F50584FCF04BC2C8D8CEC5C5932 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:20:31.0033 0x1530  RasAcd - ok
15:20:31.0067 0x1530  [ 0BF8607133AE264BC3C41A5BAA5FFB7B, 9A4F6AC6013AB5C2A99BCFC2CCF161DD225DE8D85D61579655ADBF04A4383A61 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
15:20:31.0088 0x1530  RasAgileVpn - ok
15:20:31.0125 0x1530  [ FE0976379F9E7DB6F7945FCEB88C7E29, BA331CE55C02E86478714DA87FAC547B50D53BC7D02BCA5A64D484DED44BFAA5 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
15:20:31.0172 0x1530  RasAuto - ok
15:20:31.0196 0x1530  [ CA60F6C03611AF1710BC903ED9F566FB, B5C9E8BAC631738761E11168AB68EB1ECC5EC96BF9A8248B9127DCF744CA4691 ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
15:20:31.0228 0x1530  Rasl2tp - ok
15:20:31.0258 0x1530  [ 586A17C10D417D889F1FF7D8636E2F34, EEDA4EE8D2BC5C8C7756AB79F1F19AF8B1C4057996748FAE4E3F37844DB0EB33 ] RasMan          C:\WINDOWS\System32\rasmans.dll
15:20:31.0294 0x1530  RasMan - ok
15:20:31.0317 0x1530  [ E5FA41160F5A3D78D8F7765E5C5F6BB0, 31BA423FFFC3206717DC34B482149421EE28B27A4A3BA2DC78C3B3A9EE0C1365 ] RasPppoe        C:\WINDOWS\System32\drivers\raspppoe.sys
15:20:31.0331 0x1530  RasPppoe - ok
15:20:31.0349 0x1530  [ DF0834AE921E633E05D1FDC55C318957, 851A00961224DACBEF9DA427122F6B4B73BB99849D5ECB55DBBD311B2EA84C33 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
15:20:31.0365 0x1530  RasSstp - ok
15:20:31.0396 0x1530  [ FC9B7AC6E2B837EF7CD6C64F7068D41D, 9B0DD842033E82BC7EE80416A62B084BF5200923EB7A6C80415BB28004E9B5E3 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:20:31.0420 0x1530  rdbss - ok
15:20:31.0432 0x1530  [ FB7375657F8A5932C35EAA45E9B4B416, 99594708BFD6DC9F8CECBF092058D4D0D4F1BC3204E86F9FDAD5207ED5ECF194 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
15:20:31.0458 0x1530  rdpbus - ok
15:20:31.0479 0x1530  [ A32AED8C644734B283A7C9D08D76064D, A12F67C57E43B6A2FE6449EA3822B1108FE70C66AF9911798777F85D760E384C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
15:20:31.0494 0x1530  RDPDR - ok
15:20:31.0517 0x1530  [ 37CC7E41243EFBB4FBC0510E5CA32A02, 634E2F81D61F937F30E5ECE01FB581E090C6DA073EF7B1A3F6083ECAF363CB46 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
15:20:31.0526 0x1530  RdpVideoMiniport - ok
15:20:31.0562 0x1530  [ DAF957B25A35757E9D814611FAE8FE3B, 5244A427B2DEB5349B9F336A4A39A6834A6E8118A8EDA00738C6CE09F2452C24 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
15:20:31.0578 0x1530  rdyboost - ok
15:20:31.0643 0x1530  [ 2C72E029C153D25325CA182A669E4ADE, 5CE0E04A6B53A1F11E8159DFD1E59F2AE6631E3B5BD27BAAEC4A35BC02A55722 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
15:20:31.0680 0x1530  ReFSv1 - ok
15:20:31.0743 0x1530  [ BABEE4A896D005BD0D205F1C932DA25E, 269FDF65BE3A226FA2A5CA25085366E32ADAD30A020484FE844962E8C61CB1D2 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
15:20:31.0773 0x1530  RemoteAccess - ok
15:20:31.0787 0x1530  [ 066062967A77867BDCF665960EFDAD32, 68143DBDFA7C68786C22F5CC4E80200255C663A844069C080E7816F423ABB1F4 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
15:20:31.0807 0x1530  RemoteRegistry - ok
15:20:31.0853 0x1530  [ DF84555A734BA2BDA55BCCCC47095ADD, 639814A7F5B758792FE6D84E3FF312F9CE9DACB21B93EA43394DC7A04526CB81 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
15:20:31.0897 0x1530  RetailDemo - ok
15:20:31.0909 0x1530  [ 6451FE42C35FDE3862D99579444F4A8F, BD56A1120AACF6143E6EB739E12BEE86DF142F1159865608BDF1BBE54B66AFCE ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
15:20:31.0923 0x1530  RpcEptMapper - ok
15:20:31.0955 0x1530  [ F24131EAD1D0B73463052BB042A37B6C, 43B5772310B200DF1914C8E4D10401A0BCE9082BDEAC34736AFB2920B39D7956 ] RpcLocator      C:\WINDOWS\system32\locator.exe
15:20:31.0965 0x1530  RpcLocator - ok
15:20:31.0986 0x1530  [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
15:20:32.0023 0x1530  RpcSs - ok
15:20:32.0039 0x1530  [ DC66C1D262D64E30A30B68E9F21AC74B, A5ED3D31BCD68DBC00A956787517ACA167C86F5FFDAF7C9A85505FA2B705C6CB ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
15:20:32.0053 0x1530  rspndr - ok
15:20:32.0075 0x1530  [ 179E6BCF8D16AD39C137CB4FCFE015C5, A1DF499AA378BDB1CB7F95ACC0C7D6929358AF4596A47FDEDFAE115461563CD5 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
15:20:32.0104 0x1530  rt640x64 - ok
15:20:32.0124 0x1530  [ 88F7703F2A4677C828124AE2110D3EBC, 529F6A5815806F2EA2235802BD28AF8D7A40E7799356BD3EC337C9E71B6B53E6 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
15:20:32.0134 0x1530  s3cap - ok
15:20:32.0169 0x1530  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] SamSs           C:\WINDOWS\system32\lsass.exe
15:20:32.0178 0x1530  SamSs - ok
15:20:32.0299 0x1530  [ 024139E00DB6425128F10E5DB7B7A056, 32730726CD02463B678CC3426F1C8D9F17AF42B1D85906F914529EC0B4809DD9 ] Samsung Link Service C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
15:20:32.0327 0x1530  Samsung Link Service - ok
15:20:32.0411 0x1530  [ 328100AF2EFD951EAB657384EC361B6F, 2DECBF74E13511395AA13F931F06F4D557E67654DA3314D0095C332FB758B4D9 ] SamsungAllShareV2.0 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
15:20:32.0429 0x1530  SamsungAllShareV2.0 - ok
15:20:32.0452 0x1530  [ B467E932FE4E16E201DC7E56870CB559, 6FCE9A2DFC5D222BBEA4AA271A17B830FCF8EAE44B07BEE5FF34AE50CABCBB6A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
15:20:32.0467 0x1530  sbp2port - ok
15:20:32.0516 0x1530  [ 3E115C63649402D321D396F8D606C9B0, F4BA7FE0E89D563A57B6865E4CF1334998987D11A0D70FF7491726A507B40DF4 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
15:20:32.0558 0x1530  SCardSvr - ok
15:20:32.0571 0x1530  [ 67EFFD3D1BB6D2B67DF7F8FDCB1A51FC, DE41539FAC730F5CFF6C8754ECFF1253AFDC1C86743AE71B61D716B7A84E85FD ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
15:20:32.0592 0x1530  ScDeviceEnum - ok
15:20:32.0610 0x1530  [ 31DDA0716EC265CA57DAF9D2295FD76F, E6F39C1B3CF81918277DB8C6E3DF9A82812E1C9063DEB1FB85FE433DC9A16CBA ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
15:20:32.0624 0x1530  scfilter - ok
15:20:32.0691 0x1530  [ 1BFAC03B6422E878EFCDA934BF4C4823, 0BA537A4B9E8020E6B709A44F1382DB3B41CEF631B847201F812152FEB303CD3 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
15:20:32.0754 0x1530  Schedule - ok
15:20:32.0788 0x1530  [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
15:20:32.0807 0x1530  SCPolicySvc - ok
15:20:32.0836 0x1530  [ 004C66464D8FE76D5DA78BE6777D61AF, 58B5C436798EEBBE7081D54B55B70DEB15331856802CD45E3FF8BDE794F06A27 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
15:20:32.0851 0x1530  sdbus - ok
15:20:32.0876 0x1530  [ A906C527B838A4922611C63EBD250F91, 6BB0054A9C2408138BDF49D834FF99B5B9764E7747ABC15016F54FBA1D28394F ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
15:20:32.0901 0x1530  SDRSVC - ok
15:20:32.0915 0x1530  [ F4BF50A7D16A97A887BFA0F193693C42, EEBF5AAC149C72F490BAC954B25BB6882B10FC38F93CA4F4829A06702B1ECEF9 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
15:20:32.0925 0x1530  sdstor - ok
15:20:32.0939 0x1530  [ 648A299839E8F48A946C41DE270D28F5, EEC9A5FCBE3FF78FB5E0452FF1932A8B0C7399688041E22555703CB1977A4428 ] seclogon        C:\WINDOWS\system32\seclogon.dll
15:20:32.0957 0x1530  seclogon - ok
15:20:33.0052 0x1530  [ 398A81D590424441B2F5C5C08073CADB, 1E064DFCC49EB0D8A4150276BF796B9DFA030C451570A170EC940F8CBAAD80F3 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
15:20:33.0118 0x1530  Secunia PSI Agent - ok
15:20:33.0154 0x1530  [ 8C2D3A80FC90A860F0F24DEB67471481, CE4D17B63149C44B4CD5CB7776FD4705DC675F6D2D077D53BE15578294EBC9D4 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
15:20:33.0174 0x1530  Secunia Update Agent - ok
15:20:33.0185 0x1530  [ 29452A9DA3E3482F0C2963312F979053, E1782D36C336C4B4C261AD665C1E9051905AA86020E08FC94069972AF4C4DB4B ] SENS            C:\WINDOWS\System32\sens.dll
15:20:33.0203 0x1530  SENS - ok
15:20:33.0256 0x1530  [ 919BA7E3054E4F1D61A3524ADCE6A970, 3C382673DF5AF2F38A5AE4A268F5856B0CC9E65D52213DE6D2C06E252753B73C ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
15:20:33.0317 0x1530  SensorDataService - ok
15:20:33.0358 0x1530  [ 01C2EEA7870FE26A4A6CCBA5421CC7E5, 9E643AB6BCBECE4F2A5FD4C96547A4E3F2BDFEFC5FE24B802467718EC69929F8 ] SensorService   C:\WINDOWS\system32\SensorService.dll
15:20:33.0386 0x1530  SensorService - ok
15:20:33.0407 0x1530  [ D2FEE824B4AA0BE377F1353E5F915BF4, 00D754C62F3482BBD0EA72C896139C39D15192B2D9FCC7B755D1FB9DF9FCFD9B ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
15:20:33.0424 0x1530  SensrSvc - ok
15:20:33.0434 0x1530  [ 9DB0BBE3ABE1F49651AE51EC5BCABE58, 0B46C1F231F41766AB73EE7E9834D3CDACA602D12E702D9277E28B47417D9CA4 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
15:20:33.0444 0x1530  SerCx - ok
15:20:33.0463 0x1530  [ C4AF79C37334D995D95C22C14FDBF7FD, 4D4985921261909F2123467A22EDB102B490710F60AB935624435E5BB808A0E9 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
15:20:33.0475 0x1530  SerCx2 - ok
15:20:33.0491 0x1530  [ FC541A272F47BE03E67A9FCB87FA8C3E, 730A3616FD67E9F2832442144B2655A8EF78B9AFCB204113E73E257256491354 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
15:20:33.0501 0x1530  Serenum - ok
15:20:33.0519 0x1530  [ 2A5F5F95FCA123DCBF53B5F603B64789, DE5C9E1D88B2C180B137DA7839F3EF6C936A171ABA49F89C10EE9C73A2226F3F ] Serial          C:\WINDOWS\System32\drivers\serial.sys
15:20:33.0531 0x1530  Serial - ok
15:20:33.0541 0x1530  [ C8738887228B7BFA3B1A906816A8BB12, 328283569201791891D5E9FB3028DB5B9FD93A7BEFC00C7DEBC2CC5731DE64D5 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
15:20:33.0557 0x1530  sermouse - ok
15:20:33.0582 0x1530  [ B1CB58853153397DFFA2D13A81451D09, CC9B3B064711E9B5CB38DC1C84DC410033939848BD31BB0D12F990E8154F357E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
15:20:33.0606 0x1530  SessionEnv - ok
15:20:33.0623 0x1530  [ 67832B68752CDF7FDE56949E4A2E70BF, A72320EA8575A751DF86A1EE7969AD9D548D6185F2520197262E11B79FF8222B ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
15:20:33.0634 0x1530  sfloppy - ok
15:20:33.0675 0x1530  [ F10E5536E1C753E01CF19FA4F466CE90, C9897F22B176D84CA233F864078895E3DAD4DAD090FACBB01BD6E59EE337B47C ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
15:20:33.0703 0x1530  SharedAccess - ok
15:20:33.0799 0x1530  [ 4AC12D495B3CB4275F74C68A7A017561, DC53EBD606ECCD8BCF6D618C0EB58B03F5C20F09E0F0AEDE9B8082D6B208B19A ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:20:33.0845 0x1530  ShellHWDetection - ok
15:20:33.0875 0x1530  [ 1980FE1F5A32067DAD1D8776B63C2669, 26B53EAF89CDBBA8FFA154DBB1F1DA348F894FE1F1D0CA4060E32496464DD5D2 ] SimpleSlideShowServer C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
15:20:33.0880 0x1530  SimpleSlideShowServer - ok
15:20:33.0889 0x1530  [ ED058030296CF9B79C8D48BF43724323, 01DC7C2590DF48116CD1A126F207FE5DE439A53286BAE3736E22EE3D1CA80BE3 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
15:20:33.0899 0x1530  SiSRaid2 - ok
15:20:33.0922 0x1530  [ 633D3D1581E9DCCD5A2D8F039104C9A5, C44B5097016C2AEC8B41F77425FE44413562F9DCF0C0C11CA69D8178970B4706 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
15:20:33.0933 0x1530  SiSRaid4 - ok
15:20:33.0967 0x1530  [ 35B8FC714C2E7F07F7DC7C64452153F8, 6D45EB01B5F972ED0E5520E771F007FFEE892054FABDB3DD00D3E9915D3A0A31 ] smphost         C:\WINDOWS\System32\smphost.dll
15:20:33.0983 0x1530  smphost - ok
15:20:34.0005 0x1530  [ DE3A5C27EC842A113F68A2705FF63B00, B134EF63708A892B673B539F544F7980FF72838D822E8E4CCDDB359B22CB8805 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
15:20:34.0038 0x1530  SmsRouter - ok
15:20:34.0080 0x1530  [ CD1056818A6FCEF4D32BD1D6E34070D5, F5BFB61ACB220A73B0DC4487B049F52E9F9FA2D4188C001E7A5838D47CEA6343 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
15:20:34.0094 0x1530  SNMPTRAP - ok
15:20:34.0151 0x1530  [ 3BB48F7E33C2B76184DDF233000C09CD, D1AAE5B0425047CA0C2D376D3E59324D35A90DF9074CD442DFD0ED6E434D3C84 ] Sony SCSI Helper Service C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
15:20:34.0173 0x1530  Sony SCSI Helper Service - detected UnsignedFile.Multi.Generic ( 1 )
15:20:36.0521 0x1530  Detect skipped due to KSN trusted
15:20:36.0521 0x1530  Sony SCSI Helper Service - ok
15:20:36.0587 0x1530  [ 187B4AD4446C59F8FCC4A10F473EE3D1, 0AAD961B3D7B3484DC89CB86F3EC96CEBFABB7224A5BFB48083DE8F1805EA7B4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
15:20:36.0622 0x1530  spaceport - ok
15:20:36.0638 0x1530  [ 2799FCA215919FDC9A87C5FCAB530828, BDE968BF26693AA4D70AB669896BCA49C6F533EA226386B35B0EA589A55227B5 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
15:20:36.0648 0x1530  SpbCx - ok
15:20:36.0683 0x1530  [ 58C17D92AD61EC7A98B05F4FAD0D205A, B881134A1BD9194145A9D18BDB34D57E2C167F06C2A9368459D0C33E6E0D6501 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
15:20:36.0721 0x1530  Spooler - ok
15:20:36.0922 0x1530  [ 5C31E109943E67CFC801810C00AB63EE, 9A80D7CDA1135EBCE10E753986A59CFA3D8D49F9B0BE38FDF99880B1DD88C41D ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
15:20:37.0200 0x1530  sppsvc - ok
15:20:37.0227 0x1530  [ AA1F23501511EFE9CF9771F6B20E8D45, E786852D9877CCFD35444F8FC694467132F868D87A8C344FD1016FFDE74695A5 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
15:20:37.0262 0x1530  srv - ok
15:20:37.0297 0x1530  [ F5B169EDF9D5E3C7200D89D30E065D13, 12BAF3A3CB76F0900FA53681C9AD16F40308F493BA22C0F60E1E268D0D6AF825 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
15:20:37.0329 0x1530  srv2 - ok
15:20:37.0353 0x1530  [ 2E142E027F0AA698BA4DCE49CBDB43CD, A21027BBBC75A55A8B302D028113A0683016E4C72790A8C561DDB1AE7FDB4289 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
15:20:37.0370 0x1530  srvnet - ok
15:20:37.0402 0x1530  [ BF71B3FB5B7557CB740CDB09C5FB50D9, D6F9E65FDC9C4ADAFE82D94F71A1F5960DB3BEEBF4FE5B2D087515C4FAA5F287 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
15:20:37.0423 0x1530  SSDPSRV - ok
15:20:37.0434 0x1530  [ EF1BC04215C201ADA3F7F5A2F034EA21, E1A7A0FA2032B9E7D3951100E74C04D93CD848C88D23D57FBA0BFA2816B29C61 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
15:20:37.0454 0x1530  SstpSvc - ok
15:20:37.0490 0x1530  [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
15:20:37.0500 0x1530  ssudmdm - ok
15:20:37.0617 0x1530  [ 78760751FBCB900F6F68CA1700DAE2DC, 356914797056B11745E18ECD033B8DC801C3C3DD6C5127FCD430A02C4FDD34A9 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
15:20:37.0794 0x1530  StateRepository - ok
15:20:37.0891 0x1530  [ A831D5A4D2F5138E332AC1B98315EBB1, 2FF5C256A83ACFB5CEC17B9FA7875048F770B793C37657D6D4E37C70B2F857A8 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:20:37.0924 0x1530  Steam Client Service - ok
15:20:37.0943 0x1530  [ DDE064A4298FD1FBF804D3ED691E7EDB, B0D117B1FC0DA2CB76F5F63699E2F108930B6C6721AC443111D48215ED624278 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
15:20:37.0953 0x1530  stexstor - ok
15:20:38.0029 0x1530  [ 60F04DF1AB55D6D4BDA02052DD20537E, 52996EDF2C06968DADC9BDF24E4039929B81643493C7193B8CC4A6BD1A3AE761 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
15:20:38.0074 0x1530  stisvc - ok
15:20:38.0090 0x1530  [ 32C95F44108C3E7DB58F773346E3C9D0, F852D8ECA06080EA6DE1A90509071965A750D9CFC9627F0D4DB8ECC57133B0B5 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
15:20:38.0102 0x1530  storahci - ok
15:20:38.0139 0x1530  [ 8883C8CE4942A99B84E1CC6EFA19738E, 60C1CDA4382F8EE70D810DBB1BCAF5F389433563FF23EEB84859612F396D8CE6 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
15:20:38.0161 0x1530  storflt - ok
15:20:38.0199 0x1530  [ AE7B7E1E95BFB9340B1956C98CA52C81, 3E0214A0C486C1CD05D9BC57E58A998A3CEADDC1D24AE2A75098F56B37069160 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
15:20:38.0214 0x1530  stornvme - ok
15:20:38.0230 0x1530  [ 63513EF3121689B3A59BD217618A2E42, DE9B89732801DEC60BD116D58CFB427F7E37F093BE8A9F6E0CAC729B5346B314 ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
15:20:38.0253 0x1530  storqosflt - ok
15:20:38.0275 0x1530  [ CC96FF061C772340F2ED89ABBA567ADC, 028CD44405B7FAFC7BF331DD729E44E0594A63386F48CF39D7725A58B3DE22D6 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
15:20:38.0368 0x1530  StorSvc - ok
15:20:38.0387 0x1530  [ 000F5CFCEF0F06DC8FD1D2F568E48AE4, C1FE485E57A1B912CE79556E0EFF03CC11362E7966D250E3AA4962DCCB8F8EE6 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
15:20:38.0400 0x1530  storufs - ok
15:20:38.0420 0x1530  [ 7415087F9006D6818F85F3CBD79B1A50, C768EBB2263375D285D689FEEF546147D42D7376977424A4D6FD655CC78EA7CD ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
15:20:38.0433 0x1530  storvsc - ok
15:20:38.0446 0x1530  [ E49858EA5865A015EB78B7F7C1C07DE2, 1ADBBAC2D2E2E3C40AB0BDDE068001E76A8DAB79C54F06479F7A4567DAD7A7A8 ] svsvc           C:\WINDOWS\system32\svsvc.dll
15:20:38.0467 0x1530  svsvc - ok
15:20:38.0578 0x1530  [ 802278EE4ACCE9EA1F1481DF20EB1667, E78F0DA2CA0B2C2DF3B7E3B2A22C03380FE649813EE6EB31067C5FB6727DB7BD ] swenum          C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys
15:20:38.0609 0x1530  swenum - ok
15:20:38.0647 0x1530  [ 313D2C0DBA0B23A8302254FD317D2EC8, 20B98D6F33FEC7ACBCEED9757A3FEAD837FA7BA378BA25575A33EA45E076FC6B ] swprv           C:\WINDOWS\System32\swprv.dll
15:20:38.0680 0x1530  swprv - ok
15:20:38.0715 0x1530  [ 12D0CB1DCAE6725B6CA54CC2038C4C8C, 7D224298E440B8C5FDD99A52485A6245DE5109C9A02E65AD38F1EC6DBF4AEEF2 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
15:20:38.0737 0x1530  Synth3dVsc - ok
15:20:38.0845 0x1530  [ D5B31B2F14848015C211F1D674A82F3A, 58C18254C817693DB727090D1CC518032B3A67C5B3FC7F2F8CE4613A33790CFA ] SysMain         C:\WINDOWS\system32\sysmain.dll
15:20:38.0928 0x1530  SysMain - ok
15:20:38.0971 0x1530  [ D5AAA188C70146977CFEE8D128599F3F, 9ABC30982E552EAF41FE84397EEEE5A3187444062C662D7CF35A03E3B274AFB8 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
15:20:39.0011 0x1530  SystemEventsBroker - ok
15:20:39.0049 0x1530  [ 95875059929EF91B55EA612D7967DD3D, 5F734209C8C9725376F7C146ED84999CC6D019C4C10B1795F53E72BE8853E2DD ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
15:20:39.0100 0x1530  TabletInputService - ok
15:20:39.0154 0x1530  [ FE33F417DFD9847CB571D3C7EE5FA7E3, B3C7BE7998B9B093DD969A2588EE8CEBD9771331A63D4B1D86A188317B5EE71C ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
15:20:39.0196 0x1530  TapiSrv - ok
15:20:39.0270 0x1530  [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
15:20:39.0380 0x1530  Tcpip - ok
15:20:39.0437 0x1530  [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
15:20:39.0506 0x1530  Tcpip6 - ok
15:20:39.0529 0x1530  [ D378A1AF58AFA84BB6AC753F2C1BE9F4, 8BBA623193D51E6A8DD0627FA08C93B918EF1BA2EEBA46CDBB86FE6A1007FDEE ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
15:20:39.0543 0x1530  tcpipreg - ok
15:20:39.0579 0x1530  [ D42AC03ACF9CA67693D1D9BB4D2A0BC8, D39D5180F3CDB23B4551A8C98F3C92A960B4CC9FA48E0FE11A6D89B0C247783F ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
15:20:39.0591 0x1530  tdx - ok
15:20:39.0609 0x1530  [ CCDBD2817C10A4F631280CBB3AE44FFB, A022DEF4D3CF75F41FA26275347F4BA38A513AD32FF18385C2E756DECB61D404 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
15:20:39.0619 0x1530  terminpt - ok
15:20:39.0656 0x1530  [ A0608264209A836821D6AB8C67B108AB, 7912C75F72BCAB7426A2E00C597C8D94C185B5DD31BD6C4BE5D56FECD5B0D9EA ] TermService     C:\WINDOWS\System32\termsrv.dll
15:20:39.0706 0x1530  TermService - ok
15:20:39.0718 0x1530  [ 261830B1E3650E4471E1F98850B929B7, D281B8A93315E64C7AF5002E5BFBE6AFF8B35FD6AA747AE07D7AA96F4AFAA613 ] Themes          C:\WINDOWS\system32\themeservice.dll
15:20:39.0739 0x1530  Themes - ok
15:20:39.0784 0x1530  [ 8D23F0819A00C547814409B734DD3747, 0E1B25A53C84486F8A57F309F3C016114F90F5AF5E576889BD230931F38594A5 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
15:20:39.0824 0x1530  tiledatamodelsvc - ok
15:20:39.0838 0x1530  [ 354DAA630928CD4DA2BC84A0DA4ADA9D, AFAE4948EA4F899267DC52DF9A06450FC3E77083B563E541581DA90685C7E98C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
15:20:39.0872 0x1530  TimeBroker - ok
15:20:39.0894 0x1530  [ F4AEDABC8F3A9D632F8206D0C7F8CA09, 6E76749CD4B857B4D930267E3CF448AF4D14FAC851873C5E71572E62CAD2FA36 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
15:20:39.0908 0x1530  TPM - ok
15:20:39.0928 0x1530  [ 2D0338A3009075FCCB119CB7F3280F82, F42F3B8DA0F8B2C99892E66CDEF471A1CD30A30CF437ADFF464A2C786A6B87A6 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
15:20:39.0944 0x1530  TrkWks - ok
15:20:40.0023 0x1530  [ 62D6A900C5DFF2ECF131384E5A5C85AB, 1AF1FB868C59DFF452E3351EE5070B2C746DE606B9E2F1834CE2256F41ABE7A9 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
15:20:40.0065 0x1530  TrustedInstaller - ok
15:20:40.0092 0x1530  [ 676C801CAA61AADD0C918CC536A74B78, DB5DEC9445272E46D32DC2A9A99A9AE45729E424E61C679ECFD973AA88457BE6 ] TsUsbFlt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
15:20:40.0111 0x1530  TsUsbFlt - ok
15:20:40.0125 0x1530  [ 2BB6CC0DD1CEE86330743B56FA9FE91F, EE71E3DEECA7599947AB09E8967FE8066348D82B4C17D8CBE800FCDE9CF4989D ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
15:20:40.0135 0x1530  TsUsbGD - ok
15:20:40.0150 0x1530  [ D0BE5EA1652D55029C9A898FB8ACFCE0, 80C4BC30B967C79B3457F43EB9B530CA2571C6158958879AC55E5A81F71CFF15 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
15:20:40.0160 0x1530  uagp35 - ok
15:20:40.0174 0x1530  [ 13C15E4B238895FE4731DB1D612EEB5F, 211E4B05AA09F7FBE2487C3241A98D1F970FEE5B9B1BAED2788B57233BFC4104 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
15:20:40.0184 0x1530  UASPStor - ok
15:20:40.0205 0x1530  [ BEBB8B55C5F99B69EEE39A9D7BADB21E, 08A094EA38AB58CC70108A3BDFDD3251897DC4B13FDDAD54C1B063137836EF34 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
15:20:40.0229 0x1530  UcmCx0101 - ok
15:20:40.0263 0x1530  [ DE3EDAF609D00EA2E54986E6459796A6, 61A9AB51869F38300CC5CC5D302B962FB966F54CBB2E393954F36372B3A479FE ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
15:20:40.0290 0x1530  UcmUcsi - ok
15:20:40.0313 0x1530  [ FB1C1D8B96A482F3581338D6752E1D6C, 0FFAEE3E088614B3483C459513BB9D78EB76B574696FD877A3CDF6A11378F46C ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
15:20:40.0326 0x1530  Ucx01000 - ok
15:20:40.0339 0x1530  [ 4E1543ACE2F6E2846713E5123D9D4159, 1A6AFC525A80D1F19B14CDAD38790DF7293911C4D0E8301161D92201B934C3D4 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
15:20:40.0357 0x1530  UdeCx - ok
15:20:40.0381 0x1530  [ CDCA9CC1D8293E75218D8FF85F2337A4, 173086C08DDC7625E026E425F1E2B5D6C795771BEAE9BFF6093E3592FBEBD323 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
15:20:40.0406 0x1530  udfs - ok
15:20:40.0444 0x1530  [ BC683E19307C533C7161DB7A58051347, 5553BE3421986FDD9992EBFD883CDA151F7166C01BBFA3E9183A3C93E41D79B6 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
15:20:40.0453 0x1530  UEFI - ok
15:20:40.0475 0x1530  [ D14B42C26DE402F316D49667D15446F0, 61CC9FF03EF78631C800EFD8D587975CB94D53DB80E6F60BD13BA52EC5690D3D ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
15:20:40.0490 0x1530  Ufx01000 - ok
15:20:40.0505 0x1530  [ 192470BE4321791FBB25F379D0141D6F, AD120F8F98BD99014471CE60630B5FEE7555AB261C98B7D9819FE23C386655F7 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
15:20:40.0516 0x1530  UfxChipidea - ok
15:20:40.0530 0x1530  [ F7BD838E84E6B286DBCE068EFB8C0800, A55188C8F8BDC739A7ED7D29CDCB2A17468BBB158E13D804963B31ED73449520 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
15:20:40.0542 0x1530  ufxsynopsys - ok
15:20:40.0570 0x1530  [ C844E39B900FFA46CA8DD2BBA670A077, 0CB6232BCE47C59821DF25D6ED33E85C3E32DDAB101AA8A2C22B5401E73F5D5B ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
15:20:40.0604 0x1530  UI0Detect - ok
15:20:40.0624 0x1530  [ A25842AC180F0E8B02380ECB8ADA1AF5, AF22E7559C5EF8DC22A2B9E27FFFFF075B1D1B68A8307266BD9473E0FAF36BEF ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
15:20:40.0634 0x1530  uliagpkx - ok
15:20:40.0639 0x1530  [ 21088F43172525C7E02D335A3327F46C, B04AD471A7DFE83AB557DB4540616B7DF4A1904F8BDDCB920D449FCEE6F36FD5 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
15:20:40.0662 0x1530  umbus - ok
15:20:40.0681 0x1530  [ 294A291B5D48FE8F38DD94B7272442C5, 66C9139636760C92C1E04FCF440C432FF6C5A94E1577CAFE1D61FCF2D30472ED ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
15:20:40.0691 0x1530  UmPass - ok
15:20:40.0723 0x1530  [ 3427889AECC3B6912A0A01D095E32B98, 322AE14B74295ACFC124719BBEF8809201150A184E262EC55E26D2B45787BF9D ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
15:20:40.0769 0x1530  UmRdpService - ok
15:20:40.0822 0x1530  [ 0D5C9E27E93AAEA3E30A1E59A7AC3DFF, 31A203DA03877E6B887930990C5BB53402F0DFFB22A6F8FC5A34EF0B99CD8A7E ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
15:20:40.0892 0x1530  UnistoreSvc - ok
15:20:40.0931 0x1530  [ BD693208673F40BA21AA70B69F1D439C, E324947C2DD34386A83B09E73668F1CCED127AC91194B8BF7EC4C8E36CF8203E ] upnphost        C:\WINDOWS\System32\upnphost.dll
15:20:40.0958 0x1530  upnphost - ok
15:20:40.0980 0x1530  [ A7A52EDDC3FAF183D6AC4774690ADF13, 630A0331F2EFA2DC7EFDACD08D8DF5C85BFDA30FF1525050FF54E069AFA45F6C ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
15:20:40.0989 0x1530  UrsChipidea - ok
15:20:41.0004 0x1530  [ 2EEA0897DD9E30E958B508D557F0B5E4, BE051A3AA5DFF56310FAB67AD19AC0443A3580542886EF3554EBE18F1323596F ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
15:20:41.0014 0x1530  UrsCx01000 - ok
15:20:41.0028 0x1530  [ DC54D775A3A61E4CDE871B4E38A1459A, CC996A9D293201BBD285E7B629B12EE88574702B8AC7BB4149439D6A25A07F7E ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
15:20:41.0037 0x1530  UrsSynopsys - ok
15:20:41.0060 0x1530  [ 18B63A0980F4AA1E6D7879B253980E37, 05F96DBE0A3DE2A685DEEBA8B6838A47AEB7CE2EBE8EB6BAD67B36DCF7E73589 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
15:20:41.0072 0x1530  usbccgp - ok
15:20:41.0096 0x1530  [ 1C60A1A3C8E1E819E16F12BAEB1C83F8, E255BD173DBF091C5EA07381862E23C1FD761489EC396E312974FBC124E1F33A ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
15:20:41.0109 0x1530  usbcir - ok
15:20:41.0147 0x1530  [ 9A3E39F85DC6E3B9F792F1095ACFF788, 66B8E137A5232E9F717907CFD49FE624AE101F4DE14E2960849DABF7A877E87A ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
15:20:41.0158 0x1530  usbehci - ok
15:20:41.0191 0x1530  [ 5AE9C87A1ED4B243942B3FDDD902134B, E19657C637B354F968099755DD311A159E57C4BD5ED89D81BDA1C70A62DC732E ] usbfilter       C:\WINDOWS\system32\DRIVERS\usbfilter.sys
15:20:41.0197 0x1530  usbfilter - ok
15:20:41.0258 0x1530  [ 0A368247A900656CC0678117DFC3A87C, 9BEAD14DA067439D913F609955E95CFA0B88ED4F1BC60B473E00F9D9CBC01B9C ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
15:20:41.0291 0x1530  usbhub - ok
15:20:41.0333 0x1530  [ 1BDA1FD02783566F0B20EB0E2517F85C, 4C86DC962BBE4CA5AE466A37CF647D84CE2A34DA7F861751587841FC10CFA09D ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
15:20:41.0387 0x1530  USBHUB3 - ok
15:20:41.0435 0x1530  [ 72EA850B59F40C25A4FEDDA5FE84EFEB, FB4801AA1FB72FC1C41024916368823E88D53E338640E3BEA865B0F0E7B8EE91 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
15:20:41.0464 0x1530  usbohci - ok
15:20:41.0484 0x1530  [ 47B2B2DE152E25546944049CA1170BB1, DDA0A806D3108B2475AB13F584EA8CE6F0932C5E394C2C3FA691DFAB8A2BCAC0 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
15:20:41.0506 0x1530  usbprint - ok
15:20:41.0528 0x1530  [ 923CA145CD0A9DFBA4CBBA60AB684C2C, EFAA1E730802490E9A53718D70484832A38345FE0A670937FC546FD245DF2CC9 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:20:41.0540 0x1530  usbscan - ok
15:20:41.0581 0x1530  [ 1F72E1A7E1858B7B3FF81522FCEBDE95, 4FAD243DA73C45CD5CA5E50F824F30EF0DC777D83957FD21FF43D8C89EC15AAC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
15:20:41.0610 0x1530  usbser - ok
15:20:41.0625 0x1530  [ CD35467670DF1E6FBF36DA308F0C872B, E1F4F9B1EBD476394CBD0C934842AEE2502B030D97351B0A1E751FF23B011B57 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
15:20:41.0636 0x1530  USBSTOR - ok
15:20:41.0647 0x1530  [ DFA92EA105DD1073B43FB210EEB03DD4, D940432458F0A04F5013B48197CEA0412C8A909C50605AA21DD08271C90E2FE3 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
15:20:41.0659 0x1530  usbuhci - ok
15:20:41.0692 0x1530  [ C67A03F54A1EA683F4880A481EE5FF6C, 346185B378577FF14EFAD01ECB7DFC9AFC0D50F16DF081C3BA99AEFF710A0EE9 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
15:20:41.0711 0x1530  USBXHCI - ok
15:20:41.0778 0x1530  [ 32212C0FE0556915E763C29DEB6D267E, C5BC9DA3AB0C41604E8F3D01AFC2C25351FF5D3967E766DD0CDB4C0239ED6312 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
15:20:41.0853 0x1530  UserDataSvc - ok
15:20:41.0927 0x1530  [ A2FD4588F579F8671E4AB1064633CB46, A2BBF6AF7D84F5AE01BFFF69F6CCBACFC0651A2DE2BBD226C6D90208298333D5 ] UserManager     C:\WINDOWS\System32\usermgr.dll
15:20:41.0983 0x1530  UserManager - ok
15:20:42.0045 0x1530  [ 0CFEA30C0217EE74FF853B2B0CC0BE6D, 1F0856D2D94F46D7B24B7EE18ED868C9EFAE972039D35D1FAA9058A12CF40493 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
15:20:42.0083 0x1530  UsoSvc - ok
15:20:42.0116 0x1530  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
         


Alt 23.01.2016, 15:25   #6
sir_ivanhoe
 
GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Standard

GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)



TDSSKiller-Report Teil 2

Code:
ATTFilter
15:20:42.0126 0x1530  VaultSvc - ok
15:20:42.0134 0x1530  [ 26223003DDFB347B5CF3EC0B56DB066B, 78848BE1334C05F28FA431B08225EAE8345B2C66E7D677F9936892FC941EA961 ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
15:20:42.0143 0x1530  vdrvroot - ok
15:20:42.0182 0x1530  [ 0C3F4E7684C1D72E85A98689E65A98A1, F7928D3EFC1A83125887ADA5F8E008022B58F0DBA8A711B4D60975D8CE82B595 ] vds             C:\WINDOWS\System32\vds.exe
15:20:42.0220 0x1530  vds - ok
15:20:42.0228 0x1530  [ A417284BC6B5C2EEF63F2C5154473530, 55146660CDDD829630C216038E6500CFAC906E67C82881047B665BFEEB286D10 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
15:20:42.0242 0x1530  VerifierExt - ok
15:20:42.0269 0x1530  [ 4C39C05A72EB14C0567501C7E087E564, D3DC122B7E4A5BD345517FE3A9E9E58CD3C78887F9F327AB782BADCAD0F8F2EB ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
15:20:42.0295 0x1530  vhdmp - ok
15:20:42.0308 0x1530  [ C42206A15078596FDE8E89BB629DE342, B95F9EC2413ADE658A7CE4A9BB57A0E125C29205C24BBB120153DACAF4CF9482 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
15:20:42.0319 0x1530  vhf - ok
15:20:42.0335 0x1530  [ 248D9F911A5C94CF8477125DD0C3A291, 418C7285184BCC9DE4E56175960585867A5DB21FEF761C49FF6F1AF1C07D8088 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
15:20:42.0346 0x1530  vmbus - ok
15:20:42.0354 0x1530  [ 3E98DD4E0CBD6B4F9CBD0E9E0EDF541E, 2B5CF364F4D1D3359FBEA8BB2E72A1FCE1277E8D893977B751D9AC10A27DF018 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
15:20:42.0365 0x1530  VMBusHID - ok
15:20:42.0410 0x1530  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
15:20:42.0444 0x1530  vmicguestinterface - ok
15:20:42.0457 0x1530  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
15:20:42.0482 0x1530  vmicheartbeat - ok
15:20:42.0495 0x1530  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
15:20:42.0520 0x1530  vmickvpexchange - ok
15:20:42.0532 0x1530  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
15:20:42.0557 0x1530  vmicrdv - ok
15:20:42.0570 0x1530  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
15:20:42.0594 0x1530  vmicshutdown - ok
15:20:42.0607 0x1530  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
15:20:42.0632 0x1530  vmictimesync - ok
15:20:42.0644 0x1530  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
15:20:42.0669 0x1530  vmicvmsession - ok
15:20:42.0682 0x1530  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
15:20:42.0707 0x1530  vmicvss - ok
15:20:42.0724 0x1530  [ 91F165C5D71D9DCB18D4661CF10D1084, 1D55C1FF0F5D860E6DB60EEFE303C0797C98BB0B053ECC255F9B316872288818 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
15:20:42.0734 0x1530  volmgr - ok
15:20:42.0750 0x1530  [ 17042748AC05862A0283D32575220080, A85B480CB969CB7678545D2A9EE99CBD2ADFF210FA016A43E092D0711FBB633D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
15:20:42.0769 0x1530  volmgrx - ok
15:20:42.0792 0x1530  [ 823A237D871CD652C6BFD47BECB6810A, 99310521451CB54C29A5DEA54C3A666F95E2A1FF0979D5F9792885A161E90C65 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
15:20:42.0810 0x1530  volsnap - ok
15:20:42.0847 0x1530  [ 78727FA284C2095EED660D71CD3C9AEF, 323F0BD5A624DF77973F28C7CF31EC6B3A525496EBF063666623A62B1DB0EA65 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
15:20:42.0866 0x1530  vpci - ok
15:20:42.0902 0x1530  [ 2415961D561E02F5E46B7C1C687A6788, 68A54B9595A0D15D410D5F1656B6EBE3B913A4BA5F71C658C9B99420E6ED327A ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
15:20:42.0927 0x1530  vsmraid - ok
15:20:42.0965 0x1530  [ 16419CBDB04DB9FF298169AA93413822, 743AD26F08AF5EFF5DD353E75C3D659B10C3FEC2FEDABB76387B87721B5B98F8 ] VSS             C:\WINDOWS\system32\vssvc.exe
15:20:43.0021 0x1530  VSS - ok
15:20:43.0040 0x1530  [ 6AE9A843AE979F2DCCA5A25C07C7A5F8, 3CEC26DE2EEC97929A0FBBD87FF75F8DC387C0988B2047074C8F069ACBEF2587 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
15:20:43.0057 0x1530  VSTXRAID - ok
15:20:43.0074 0x1530  [ BD232C761C59FA8D8EF626CA630E2D2E, E494EFDCE8F6343F49F33F1F03DCD5DEC9CB6F349B1AD302B4D3333B5F6BD8E5 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
15:20:43.0085 0x1530  vwifibus - ok
15:20:43.0097 0x1530  [ 3039687AB65CEE26CF478C1F42FFCD7D, 40E140C6F94B6203767A1493DF8CAE6BA1FB67FBD0C13789444F72410D0E6FF1 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
15:20:43.0111 0x1530  vwififlt - ok
15:20:43.0155 0x1530  [ EC9B6544C569E8D7FAB91772BD7D23F2, 06CC5F21E9A9DD35099CB3E44C3E2BF2F944CE5B71284E6A85E1B681F12BD31B ] W32Time         C:\WINDOWS\system32\w32time.dll
15:20:43.0186 0x1530  W32Time - ok
15:20:43.0255 0x1530  [ 9776E4816D92B766F461957FBDA84360, 048F6ADC97767AFAB50582D0AE1E67A15B038A1C02F7982A6AD30B61AC5C7369 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
15:20:43.0286 0x1530  w3logsvc - ok
15:20:43.0324 0x1530  [ F61FA0EDBE913DFCA0CF012FDD9E99EE, DE8685230D49F940640F400D2EC4F10E677AF6D57B3FAB0342AA98BEA779D6AD ] W3SVC           C:\WINDOWS\system32\inetsrv\iisw3adm.dll
15:20:43.0356 0x1530  W3SVC - ok
15:20:43.0375 0x1530  [ FC40A7527D39F06D032A6553D22E4BF6, F572FCB5EB3DE16FD6222A5B6A43C81E3A1F838890667D9F0453F82FFCA772FF ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
15:20:43.0387 0x1530  WacomPen - ok
15:20:43.0419 0x1530  [ 2CFE8CBE358CC4D5715E010E3B13559F, 54E9BFCE202FA123EB261C226094054950429AAFA304AA714F461B003E070BD9 ] WalletService   C:\WINDOWS\system32\WalletService.dll
15:20:43.0467 0x1530  WalletService - ok
15:20:43.0482 0x1530  [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:20:43.0497 0x1530  wanarp - ok
15:20:43.0501 0x1530  [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:20:43.0562 0x1530  wanarpv6 - ok
15:20:43.0577 0x1530  [ F61FA0EDBE913DFCA0CF012FDD9E99EE, DE8685230D49F940640F400D2EC4F10E677AF6D57B3FAB0342AA98BEA779D6AD ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
15:20:43.0605 0x1530  WAS - ok
15:20:43.0661 0x1530  [ CF9EF65FA66B0F4982FD1FACAB3009B6, 681C1CD5DCAF87EF436B907534E98B0AB4F66BD62E46B8977A7880B854766A27 ] wbengine        C:\WINDOWS\system32\wbengine.exe
15:20:43.0789 0x1530  wbengine - ok
15:20:43.0819 0x1530  [ 8F2B0ED6FCA72B34BEEA37E32D0EE106, A86C641A13FDF056B7BA13641551582199DDB08E9490003C74D999518B097C00 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
15:20:43.0857 0x1530  WbioSrvc - ok
15:20:43.0898 0x1530  [ A40484AC27EE08DBE7F8DA5E1F6651ED, E3259694450C4F1DEC5E0EA5E23BF3A51F1819374DF47FECF70282AFD46114A1 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
15:20:43.0944 0x1530  Wcmsvc - ok
15:20:43.0967 0x1530  [ 8E7FD07D2C82ACBCA52C4100C20F6542, FB2CD88557ABB5EBE6555CD4E41BF4BDC6FE6BCF26288338F2FB034B966FCBD3 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
15:20:44.0002 0x1530  wcncsvc - ok
15:20:44.0015 0x1530  [ 9C776ED423CD03F8ABD54C2557E34416, 282C1208977070EC0280D5ABA0E03A847AEAEE31F35CDAA3C7A02D8477614EB1 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
15:20:44.0043 0x1530  WcsPlugInService - ok
15:20:44.0056 0x1530  [ C8BA574B3BA6AE88741AC86B1FE3C1DC, B2422CDE3A6A27B52D270D24298FF69D91D389C68456EC1805BA30AA59BAB839 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
15:20:44.0067 0x1530  WdBoot - ok
15:20:44.0103 0x1530  [ 927AD29D7F91B9A0C5294932374DA15E, ABB2722EF4153771D15683B5CE603D2B7D8A585357F64A3DC26114F37BE2906E ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
15:20:44.0133 0x1530  Wdf01000 - ok
15:20:44.0161 0x1530  [ C5BB7C612B4C852836BEA39593BA5F46, 1E2B123F34500C2A8E983AAAF7F14E409B88DC396A655F19F3E7F15D0C51A762 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
15:20:44.0177 0x1530  WdFilter - ok
15:20:44.0189 0x1530  [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
15:20:44.0208 0x1530  WdiServiceHost - ok
15:20:44.0213 0x1530  [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
15:20:44.0231 0x1530  WdiSystemHost - ok
15:20:44.0263 0x1530  [ 9B2039C5673EEBF1D4E34ABC0AFB88C7, BBC85546BD86B9027426DAF148194CFE992B80FF89311B28BE0BD82C88630E8C ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
15:20:44.0309 0x1530  wdiwifi - ok
15:20:44.0333 0x1530  [ BD193A7BD34B2E829FAF56306FEE3B09, ADD746D198E21242CEFA01840952B792074EFC473113CD3E7F1ABBA6A4E26AF6 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
15:20:44.0344 0x1530  WdNisDrv - ok
15:20:44.0369 0x1530  WdNisSvc - ok
15:20:44.0440 0x1530  [ 6A3B5013D5C7840E8CABD63DD021C112, 371CCEEAC7816CFE79ACA8A218CDA16469D9567CB63CC9D18C55FF047011EF25 ] WebClient       C:\WINDOWS\System32\webclnt.dll
15:20:44.0482 0x1530  WebClient - ok
15:20:44.0497 0x1530  [ EED4043BC3C2D00067411730EE118354, 5E268DA4DB78C06D8F181E9408B4769F8A12C38DA52C1E986EE0CEE1101E9485 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
15:20:44.0518 0x1530  Wecsvc - ok
15:20:44.0531 0x1530  [ 6ECD7A49AFC6533821BEEA1876CEB21D, 2E972245F56F589EF1AB9DABB9214B9DE6E290878735476323A3357D8CDFC71F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
15:20:44.0547 0x1530  WEPHOSTSVC - ok
15:20:44.0563 0x1530  [ 09B434867028AF4895A87959EA668686, 26A7DB82E42DCBF3A77092D58AC6392754FD7C538B9EAAEFA88E9AF81DFE8E96 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
15:20:44.0602 0x1530  wercplsupport - ok
15:20:44.0623 0x1530  [ DE4E417B867841EE55114E588098B8D5, 878708C93FC1D919E2B9E1C5F94A0EAFC5F28BDAA58D3F29DEEDC8EC3F72D9ED ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
15:20:44.0644 0x1530  WerSvc - ok
15:20:44.0648 0x1530  wfpcapture - ok
15:20:44.0660 0x1530  [ DBF5255B759212E5217A2748567A0B5C, 5E81A9289EC39702179038B686A35FADF9974651E74222F3354B4CBE919887B0 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
15:20:44.0673 0x1530  WFPLWFS - ok
15:20:44.0684 0x1530  [ 4CD8826BB8320741842A9E53E48AF2BC, 97B22D9DCD0FD31D3A801946173369B0E70B1850576682C8A8180874A61CAD1A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
15:20:44.0699 0x1530  WiaRpc - ok
15:20:44.0728 0x1530  [ 4375BCBA419D19695CF566082CEF27D3, 6F86FA14B41A03F2BA51B8702F3D59B85FD488405601FA177495E4B7C576850D ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
15:20:44.0737 0x1530  WIMMount - ok
15:20:44.0740 0x1530  WinDefend - ok
15:20:44.0761 0x1530  [ 037BC6DE5F58D4A74A5BB0C12DCECDCA, 92921A2615A41C434BADEB33594DABC166FC9418FBD311A3B2022410B14BFDAC ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
15:20:44.0774 0x1530  WindowsTrustedRT - ok
15:20:44.0789 0x1530  [ 70BCD70BD53F2FE660ED94B025A043EB, B23B96DCAB30C62CB1651B3A2292155AEE8217CE3120574F5158D5E7DA09DE56 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
15:20:44.0799 0x1530  WindowsTrustedRTProxy - ok
15:20:44.0842 0x1530  [ 8921ECEC2C7D1B1333D77325C60D3AEA, 67C6B6A92B34D99165B5591D0730322C31E967E599BA44924249BF5AD505C132 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
15:20:44.0883 0x1530  WinHttpAutoProxySvc - ok
15:20:44.0901 0x1530  [ 7792AE5403BF8975B6460DFC3428D129, D88F77E973D58C2CA629CC9249877A34ABF31CA1DC2A570666921A8A0DC8DEC7 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
15:20:44.0910 0x1530  WinMad - ok
15:20:45.0003 0x1530  [ 73B5230F03DC7002A70F11EA1B0BAA37, DFE8BBE52B58589686E402ACED51021E298A491F907EBA5689DF9DAFC3002BA5 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
15:20:45.0048 0x1530  Winmgmt - ok
15:20:45.0150 0x1530  [ 2FE85D6AFF90F56A78743CC93B9CA684, B515765C4EE64E7EC16BD6AF037C084CCA6E81180AEF59E18F260406ABE6DF58 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
15:20:45.0284 0x1530  WinRM - ok
15:20:45.0306 0x1530  [ 811F30EB6EE8318C4171CB95AE30B9BD, 765F6BEA3D35D523B5D7ED7356EC0C97A48066A5C4D77C1E6EDAC6F220153385 ] WINUSB          C:\WINDOWS\System32\drivers\WinUsb.sys
15:20:45.0319 0x1530  WINUSB - ok
15:20:45.0338 0x1530  [ DF00381AB8665D48DE3FF794BC6760AB, 749AC7048601061A34BFF507B574AF028FC662C0A98692E7331E667D105EC09D ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
15:20:45.0348 0x1530  WinVerbs - ok
15:20:45.0429 0x1530  [ 3C096082A9232B7CEE4653B9C9031769, CFD4C7D0874097ED70735FD99206F21C12749B7956C4B5D4287F160EC6A21DCC ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
15:20:45.0572 0x1530  WlanSvc - ok
15:20:45.0642 0x1530  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:20:45.0665 0x1530  wlcrasvc - ok
15:20:45.0748 0x1530  [ 0968D575D9108497A6DC37749D4A6C4F, 8BFEDBE642DA0FD8AC1E60180C192527F3D36E43089090A7BB6D8B27AB6E4F7F ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
15:20:45.0867 0x1530  wlidsvc - ok
15:20:45.0888 0x1530  [ 623ED8E10DFEEAB7AE2CD11A0451DB79, 7DDE15F22FD24556D4765F6CFD0F8E2F27370A89A962919646DE2613B33D43D6 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
15:20:45.0898 0x1530  WmiAcpi - ok
15:20:45.0919 0x1530  [ B2BB87531C4127ED4120E9BF5566827F, 1DDC0F00F215D77D3698F81B56D4488F384E9D017267840EDFA4846742B99B6A ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
15:20:45.0935 0x1530  wmiApSrv - ok
15:20:45.0976 0x1530  WMPNetworkSvc - ok
15:20:46.0026 0x1530  [ 78CA1FF6FE37EEFAFF99DD1C956AF60A, 883C7890C83BAB3B846A0C969D7B67031BD2EF65FA58A0620DD0CD1655C5B2C5 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
15:20:46.0044 0x1530  Wof - ok
15:20:46.0106 0x1530  [ C7503A49364DB2AF7A7DE177B233081F, 85DC6D8B5631E51FCF395A884F58571A96C8C55C38CA9ABEBD9C75BABAD21E38 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
15:20:46.0218 0x1530  workfolderssvc - ok
15:20:46.0252 0x1530  [ 388F2A3C771B8BEE76FD1AAF9614D08E, C064EC6136CC20C4EE19C86E91CA071974933BB52C9EF8521DF4AFD060FED4A2 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
15:20:46.0261 0x1530  wpcfltr - ok
15:20:46.0297 0x1530  [ A6FCFE1F691B4A4D266F5D487FADB9FE, 2135D0C13C1295A2F76885E380CD72CB71CEB8E0D9F1C183A35935B27737D423 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
15:20:46.0326 0x1530  WPDBusEnum - ok
15:20:46.0340 0x1530  [ 37DCE976B3935380F2F6E39ABB6BF40D, B14E875F6D6503DF0DB6D9D2363316073AEEF394D830EA2270A0DCDA56E1CEC4 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
15:20:46.0348 0x1530  WpdUpFltr - ok
15:20:46.0368 0x1530  [ 80F0154FD4293E562D54E97811E03499, EDE920F7F95EFBE542FE3CE066B6F7CDE3B9A37DDF3411DC86EACE9EEF294C1D ] WpnService      C:\WINDOWS\system32\WpnService.dll
15:20:46.0388 0x1530  WpnService - ok
15:20:46.0405 0x1530  [ 3CD22DD5A790CF7C24D65455E565EA83, 49DB06DF6F38940E7F8691C16586A78BB20E702FD48A34E50987C06B08BDF4DB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
15:20:46.0418 0x1530  ws2ifsl - ok
15:20:46.0431 0x1530  [ EBA916109A176714E6A7BD152387F13C, 7B38B1708B83271ADA8D1CEC7F5F0A75C7F2572185C0961EFC749D5DF16A03F0 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
15:20:46.0451 0x1530  wscsvc - ok
15:20:46.0455 0x1530  WSearch - ok
15:20:46.0607 0x1530  [ 9EB85802AB625970E05879D15DE56335, B7DCE5E1924A5CEE76CC07FF3B8CEDBBD0DDBB4C4ED0A3BFB8D1ABCAD7C0AA23 ] WSService       C:\WINDOWS\System32\WSService.dll
15:20:46.0762 0x1530  WSService - ok
15:20:46.0828 0x1530  [ B70FF53144AC4B3C7D98BFB7D7C239BD, 996F6253F24C6D734B777988CDE03CD3A32FFBAD6D7A198F1C590B762CD8DC0E ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
15:20:46.0939 0x1530  wuauserv - ok
15:20:46.0956 0x1530  [ 835F60262E7E310080EA05F6752BF248, 3010B731DF3D52B56EA16FD29B66F5D3AB9412E49CA4C547BAAECA3225C5DC40 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
15:20:46.0970 0x1530  WudfPf - ok
15:20:46.0990 0x1530  [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
15:20:47.0008 0x1530  WUDFRd - ok
15:20:47.0015 0x1530  [ 44CF3130AEC8914705487C4AEF756A19, 30B09E32DEC02141F9B99ED012E441056C1663A72E4130EF4221ECC0ED87BF4B ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
15:20:47.0031 0x1530  wudfsvc - ok
15:20:47.0039 0x1530  [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
15:20:47.0056 0x1530  WUDFWpdFs - ok
15:20:47.0064 0x1530  [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
15:20:47.0081 0x1530  WUDFWpdMtp - ok
15:20:47.0108 0x1530  [ D23F211E1AA0787EFEC373D172D4A1C2, 6CCAB272D121C9946B2CF6B19F50E09946F0187713D54BFBD371B5C017367204 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
15:20:47.0169 0x1530  WwanSvc - ok
15:20:47.0209 0x1530  [ 9BDC2AFCEF4CF1C630D728DE1DBD495A, 5CE19974380CCEC46C181315B349E9A7CE757E19118EC5978A2293D63268BA66 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
15:20:47.0264 0x1530  XblAuthManager - ok
15:20:47.0310 0x1530  [ 3EDB6162310EA223890C2DF44C68358B, 12053291809CA9C38A30EA4B2DE7115F535531F0925220C63B0312979F9CC707 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
15:20:47.0380 0x1530  XblGameSave - ok
15:20:47.0401 0x1530  [ 30021D1E0407B71E8D5D4F8DAE4E656A, EE2E366A1CC033C068176C7E9F876FFA0EF86A15A482B6964E170DE863CFF542 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
15:20:47.0427 0x1530  xboxgip - ok
15:20:47.0466 0x1530  [ 729B70C81F207541BC6A4ABAE3A8D594, 31F9BC41169D28B397C0D988C367C32FA9A95289E68AB8F38061DA478752A765 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
15:20:47.0518 0x1530  XboxNetApiSvc - ok
15:20:47.0530 0x1530  [ 6851673B90D8CB332439E0339F81A6B6, 4E95F1A63E6DD58BB5BD6FC1D9784837D5E6F5BCF870C7ECC92DCA1AF20B6A4C ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
15:20:47.0541 0x1530  xinputhid - ok
15:20:47.0543 0x1530  ================ Scan global ===============================
15:20:47.0592 0x1530  [ C6BC6E49A7F76AA2BBA58CD08196755F, D02B6B285899E966D19323566A4780D51303D00E66674D7FF4B61991430A69A6 ] C:\WINDOWS\system32\basesrv.dll
15:20:47.0637 0x1530  [ 70EC9717DC3A1CDF79C703A145E0E5B7, D5ABF42063DFF799FD4099D8A347256CC79B89582B987B3DEE240AFA5BA421BE ] C:\WINDOWS\system32\winsrv.dll
15:20:47.0677 0x1530  [ F435AFA375ACBAEE44324DD464EDCC11, 815DE470439AE5D96348BEBF971A14FBDCA1D36F31CA0D25F69E5F41817D43D5 ] C:\WINDOWS\system32\sxssrv.dll
15:20:47.0734 0x1530  [ BB3D8E1C108F7244613FF3993291A922, 1642AF23F200D46F54239C3BA743F1D5ADDC6A32D5F6481264D0C1D7F3E9D533 ] C:\WINDOWS\system32\services.exe
15:20:47.0754 0x1530  [ Global ] - ok
15:20:47.0755 0x1530  ================ Scan MBR ==================================
15:20:47.0775 0x1530  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:20:48.0163 0x1530  \Device\Harddisk0\DR0 - ok
15:20:48.0171 0x1530  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR6
15:20:48.0268 0x1530  \Device\Harddisk5\DR6 - ok
15:20:48.0268 0x1530  ================ Scan VBR ==================================
15:20:48.0271 0x1530  [ A13D2CAE9A9AADC5E29F28FB03C8EB18 ] \Device\Harddisk0\DR0\Partition1
15:20:48.0312 0x1530  \Device\Harddisk0\DR0\Partition1 - ok
15:20:48.0314 0x1530  [ BF87453560A5C12922756D441076C967 ] \Device\Harddisk0\DR0\Partition2
15:20:48.0359 0x1530  \Device\Harddisk0\DR0\Partition2 - ok
15:20:48.0377 0x1530  [ 14A6D1AC4CB0802B619AEA527ED1BEAE ] \Device\Harddisk5\DR6\Partition1
15:20:48.0378 0x1530  \Device\Harddisk5\DR6\Partition1 - ok
15:20:48.0381 0x1530  ================ Scan generic autorun ======================
15:20:48.0799 0x1530  [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:20:49.0064 0x1530  RTHDVCPL - ok
15:20:49.0122 0x1530  [ ADFCC68B42627055979B26FC00759D17, 5C1C8395A7846E5DDEB6FFE2B37B537DDA4712D62CE05D7EA8B1773C75D46DE6 ] C:\Program Files\iTunes\iTunesHelper.exe
15:20:49.0131 0x1530  iTunesHelper - ok
15:20:49.0193 0x1530  [ 7AA219D7AEAA8BADCAC7853AE6AE3BD5, 018F85DCD9EB33DC775CCCB58B999A640B6F8FEF37898EA45600B433E77CF9AE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:20:49.0214 0x1530  APSDaemon - ok
15:20:49.0342 0x1530  [ 1F02F97238874324C4E371A41EFAE235, 0D546E150C1ADED852DD71762EB45CEF3799F7BA660EAF066E0B7B521EADA8CE ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
15:20:49.0369 0x1530  DivXMediaServer - ok
15:20:49.0444 0x1530  [ 34CA7536C887700B3A529EEF502BE431, B85E63A3BFCE89BD0069969C1D5B1652717AAF2E18065FB756D5527DA1F1E574 ] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
15:20:49.0466 0x1530  AllShareAgent - ok
15:20:49.0811 0x1530  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
15:20:50.0088 0x1530  OneDriveSetup - ok
15:20:50.0318 0x1530  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
15:20:50.0499 0x1530  OneDriveSetup - ok
15:20:50.0570 0x1530  [ 3AAA9DF77D5F41555B0587B0E1332EA5, D138F54F61BF7A6C734F1D97BA0D5F81B2C677B9006E51BBAD7952889FC36FFA ] C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe
15:20:50.0616 0x1530  WinPatrol - ok
15:20:50.0780 0x1530  [ EADC02F7D3B46E152704BA64D7CB90FA, 4357850EEC0DE0E41210F405C821C9FAD6E25E53C745CF34F3984EA4294A144B ] C:\Users\Der Ehrenwerte\AppData\Local\Microsoft\OneDrive\OneDrive.exe
15:20:50.0809 0x1530  OneDrive - ok
15:20:50.0853 0x1530  [ A6177D080759CF4A03EF837A38F62401, 79D1FFABDD7841D9043D4DDF1F93721BCD35D823614411FD4EAB5D2C16A86F35 ] C:\WINDOWS\system32\cmd.exe
15:20:50.0890 0x1530  Uninstall C:\Users\Der Ehrenwerte\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 - ok
15:20:50.0904 0x1530  [ A6177D080759CF4A03EF837A38F62401, 79D1FFABDD7841D9043D4DDF1F93721BCD35D823614411FD4EAB5D2C16A86F35 ] C:\WINDOWS\system32\cmd.exe
15:20:50.0924 0x1530  Uninstall C:\Users\Der Ehrenwerte\AppData\Local\Microsoft\OneDrive\17.3.5892.0626 - ok
15:20:50.0925 0x1530  Waiting for KSN requests completion. In queue: 177
15:20:51.0926 0x1530  Waiting for KSN requests completion. In queue: 177
15:20:52.0926 0x1530  Waiting for KSN requests completion. In queue: 177
15:20:53.0326 0x1f0c  Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip
15:20:53.0927 0x1530  Waiting for KSN requests completion. In queue: 148
15:20:54.0928 0x1530  Waiting for KSN requests completion. In queue: 148
15:20:55.0752 0x1f0c  Object send P2P result: true
15:20:55.0753 0x1f0c  Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip6
15:20:55.0929 0x1530  Waiting for KSN requests completion. In queue: 147
15:20:56.0929 0x1530  Waiting for KSN requests completion. In queue: 147
15:20:57.0930 0x1530  Waiting for KSN requests completion. In queue: 147
15:20:58.0199 0x1f0c  Object send P2P result: true
15:20:58.0241 0x1f0c  Object required for P2P: [ 0968D575D9108497A6DC37749D4A6C4F ] wlidsvc
15:20:58.0930 0x1530  Waiting for KSN requests completion. In queue: 35
15:20:59.0931 0x1530  Waiting for KSN requests completion. In queue: 35
15:21:00.0672 0x1f0c  Object send P2P result: true
15:21:01.0010 0x1530  AV detected via SS2: Panda Free Antivirus, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x71000 ( enabled : updated )
15:21:01.0013 0x1530  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x60100 ( disabled : updated )
15:21:01.0018 0x1530  FW detected via SS2: Panda Firewall, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x72010 ( disabled )
15:21:01.0026 0x1530  Win FW state via NFP2: enabled ( trusted )
15:21:03.0380 0x1530  ============================================================
15:21:03.0380 0x1530  Scan finished
15:21:03.0380 0x1530  ============================================================
15:21:03.0391 0x2164  Detected object count: 0
15:21:03.0391 0x2164  Actual detected object count: 0
         
[/CODE]

Alt 23.01.2016, 21:56   #7
M-K-D-B
/// TB-Ausbilder
 
GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Standard

GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)



Servus,



Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.

Alt 24.01.2016, 10:10   #8
sir_ivanhoe
 
GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Standard

GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)



Logdatei AdwCleaner

Code:
ATTFilter
# AdwCleaner v5.030 - Bericht erstellt am 24/01/2016 um 09:09:05
# Aktualisiert am 17/01/2016 von Xplode
# Datenbank : 2016-01-19.2 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Der Ehrenwerte - DEREHRENWERTE
# Gestartet von : C:\Users\Der Ehrenwerte\Desktop\AdwCleaner_5.030.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\myfree codec
[-] Ordner Gelöscht : C:\ProgramData\FINdBoestDeal
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Ordner Gelöscht : C:\Users\Der Ehrenwerte\AppData\Local\slimware utilities inc
[-] Ordner Gelöscht : C:\Users\Der Ehrenwerte\AppData\LocalLow\HPAppData
[-] Ordner Gelöscht : C:\Users\Der Ehrenwerte\AppData\Roaming\RHEng

***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\SlimWare Utilities Inc
[-] Schlüssel Gelöscht : HKCU\Software\Yahoo\Companion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Startfenster
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}

***** [ Internetbrowser ] *****

[-] [C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : panda-cloud-antivirus-pro.softonic.de
[-] [C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : devolo.wifi

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2436 Bytes] ##########
         
Logdatei MBAM

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 24.01.2016
Suchlaufzeit: 09:21
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.24.02
Rootkit-Datenbank: v2016.01.20.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Der Ehrenwerte

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 430171
Abgelaufene Zeit: 24 Min., 57 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Logdatei JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Home x64 
Ran by Der Ehrenwerte (Administrator) on 24.01.2016 at  9:52:19,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 16 

Successfully deleted: C:\ProgramData\obmdpnkbmpbdojebnejpfpbehndifhce (Folder) 
Successfully deleted: C:\Users\Der Ehrenwerte\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage-journal (File) 
Successfully deleted: C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage (File) 
Successfully deleted: C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.darklyrics.com_0.localstorage-journal (File) 
Successfully deleted: C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.darklyrics.com_0.localstorage (File) 
Successfully deleted: C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage-journal (File) 
Successfully deleted: C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage (File) 
Successfully deleted: C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage-journal (File) 
Successfully deleted: C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage (File) 
Successfully deleted: C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage-journal (File) 
Successfully deleted: C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage (File) 
Successfully deleted: C:\users\Public\Documents\downloaded installers (Folder) 
Successfully deleted: C:\WINDOWS\Tasks\DriverToolkit Autorun.job (Task) 
Successfully deleted: C:\ProgramData\BloccKTheeAdiAApp (Folder)
Successfully deleted: C:\WINDOWS\SysWOW64\REND5F8.tmp (File) 



Registry: 3 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D6BF7EEB-4F9A-4B05-9F23-C4D7A81A5E24} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.01.2016 at  9:55:21,49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST.txt

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
durchgeführt von Der Ehrenwerte (Administrator) auf DEREHRENWERTE (24-01-2016 10:06:26)
Gestartet von C:\Users\Der Ehrenwerte\Desktop
Geladene Profile: Der Ehrenwerte (Verfügbare Profile: Der Ehrenwerte)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-07-28] (Panda Security, S.L.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1163264 2015-03-30] (Ruiware LLC)
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\RunOnce: [Uninstall C:\Users\Der Ehrenwerte\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Der Ehrenwerte\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\RunOnce: [Uninstall C:\Users\Der Ehrenwerte\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Der Ehrenwerte\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
Tcpip\..\Interfaces\{e5216851-eedc-4492-8f64-a4018fa39ca4}: [DhcpNameServer] 195.34.133.21 212.186.211.21

Internet Explorer:
==================
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://nmd.msn.com
SearchScopes: HKLM -> {D6BF7EEB-4F9A-4B05-9F23-C4D7A81A5E24} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {D6BF7EEB-4F9A-4B05-9F23-C4D7A81A5E24} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-01-21] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => Keine Datei
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll => Keine Datei
BHO: FINdBoestDeal -> {D6F0CB23-64E6-B66A-7FB1-6BED5FB7D197} -> C:\ProgramData\FINdBoestDeal\TRwHHPXLXa.x64.dll => Keine Datei
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-21] (Oracle Corporation)
BHO: BloccKTheeAdiAApp -> {F3AEA3BD-BCA5-A3CC-EDD3-0F9EDB7E2B90} -> C:\ProgramData\BloccKTheeAdiAApp\Pqc.x64.dll => Keine Datei
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default
FF DefaultSearchEngine: SuchMaschine
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2014-10-24] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1177671194-2042575061-30678460-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Der Ehrenwerte\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-01] (Apple Inc.)
FF SearchPlugin: C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\searchplugins\suchmaschine.xml [2015-04-27]
FF Extension: Exif Viewer - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\extensions\exif_viewer@mozilla.doslash.org.xpi [2015-06-28]
FF Extension: anonymoX - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\Extensions\client@anonymox.net.xpi [2016-01-13]
FF Extension: NoScript - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-01-01]
FF Extension: Panda Security Toolbar - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2015-09-17] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-01]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-11-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => nicht gefunden
FF HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.at/
CHR StartupUrls: Default -> "hxxps://www.google.at/?gws_rd=ssl"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.82\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.82\pdf.dll => Keine Datei
CHR Plugin: (20-20 3D Viewer for IKEA) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp\5.0.94.1_0\NP_2020Player_IKEA.dll (20-20 Technologies)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => Keine Datei
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 8.0.310.13) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 8 U31) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Reader Application Detector) - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Users\Der Ehrenwerte\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Google Drive) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-20]
CHR Extension: (YouTube) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google-Suche) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-11-18]
CHR Extension: (Google Docs Offline) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-20]
CHR Extension: (Adblock für Facebook™) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfjodonncabnangfknilmabjfofdikc [2015-10-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-09-04]
CHR Extension: (Google Mail) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-15] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7184440 2015-12-08] (GOG.com)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-07-29] (Panda Security, S.L.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-01-01] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [296760 2014-09-19] (Panda Security)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-07-28] (Panda Security, S.L.)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2014-11-06] (Copyright 2013 SAMSUNG)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2014-04-25] (Sony Corporation) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-02] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-04-07] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-09-15] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-09-15] (Windows (R) Win 7 DDK provider)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [Datei ist nicht signiert]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-04-07] ()
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [103824 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-16] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [120208 2015-07-16] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [112536 2015-07-16] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [87448 2015-07-16] ()
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-16] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [309648 2015-07-16] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [179608 2015-07-16] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-16] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-16] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-16] (Panda Security, S.L.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [173464 2015-07-21] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [130968 2015-07-21] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [207256 2015-07-21] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [133528 2015-07-21] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [143768 2015-07-21] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [117144 2015-07-21] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-24 10:03 - 2016-01-24 10:03 - 00016148 _____ C:\WINDOWS\system32\DEREHRENWERTE_Der Ehrenwerte_HistoryPrediction.bin
2016-01-24 09:55 - 2016-01-24 09:55 - 00003000 _____ C:\Users\Der Ehrenwerte\Desktop\JRT.txt
2016-01-24 09:51 - 2016-01-24 09:52 - 01600184 _____ (Malwarebytes) C:\Users\Der Ehrenwerte\Desktop\JRT.exe
2016-01-24 09:51 - 2016-01-24 09:51 - 01600184 _____ (Malwarebytes) C:\Users\Der Ehrenwerte\Downloads\JRT.exe
2016-01-24 09:49 - 2016-01-24 09:49 - 00001205 _____ C:\Users\Der Ehrenwerte\Desktop\mbam.txt
2016-01-24 09:21 - 2016-01-24 09:21 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-24 09:20 - 2016-01-24 09:20 - 00001178 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-01-24 09:20 - 2016-01-24 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-01-24 09:19 - 2016-01-24 09:19 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-01-24 09:19 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-24 09:19 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-01-24 09:19 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-01-24 09:17 - 2016-01-24 09:17 - 22908888 _____ (Malwarebytes ) C:\Users\Der Ehrenwerte\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-24 09:03 - 2016-01-24 09:06 - 01505280 _____ C:\Users\Der Ehrenwerte\Desktop\AdwCleaner_5.030.exe
2016-01-23 15:18 - 2016-01-23 16:42 - 00271010 _____ C:\TDSSKiller.3.1.0.9_23.01.2016_15.18.41_log.txt
2016-01-23 15:18 - 2016-01-23 15:18 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Der Ehrenwerte\Desktop\tdsskiller.exe
2016-01-23 15:11 - 2016-01-23 15:13 - 00074453 _____ C:\Users\Der Ehrenwerte\Desktop\Addition.txt
2016-01-23 15:10 - 2016-01-24 10:06 - 00027275 _____ C:\Users\Der Ehrenwerte\Desktop\FRST.txt
2016-01-23 15:10 - 2016-01-24 10:06 - 00000000 ____D C:\FRST
2016-01-23 15:09 - 2016-01-23 15:09 - 02370560 _____ (Farbar) C:\Users\Der Ehrenwerte\Desktop\FRST64.exe
2016-01-23 10:19 - 2016-01-23 10:19 - 00927824 _____ (Google Inc.) C:\Users\Der Ehrenwerte\Downloads\ChromeSetup.exe
2016-01-19 21:47 - 2016-01-19 21:47 - 00000000 ____D C:\Users\Der Ehrenwerte\Downloads\wordpress-4.4.1
2016-01-19 21:46 - 2016-01-19 21:46 - 07725585 _____ C:\Users\Der Ehrenwerte\Downloads\wordpress-4.4.1.zip
2016-01-17 19:11 - 2016-01-17 19:15 - 00047616 ___SH C:\Users\Der Ehrenwerte\Desktop\Thumbs.db
2016-01-17 17:15 - 2016-01-17 17:15 - 00248736 _____ C:\Users\Der Ehrenwerte\Downloads\Firefox Setup Stub 43.0.4.exe
2016-01-14 21:19 - 2016-01-14 21:50 - 00000000 ____D C:\Users\Der Ehrenwerte\Desktop\2016-01 (Jan)
2016-01-13 19:51 - 2016-01-13 19:51 - 00079509 _____ C:\Users\Der Ehrenwerte\Downloads\KATHRIN EVA  KREGAR 257-2140436720.pdf
2016-01-13 19:51 - 2016-01-13 19:51 - 00079509 _____ C:\Users\Der Ehrenwerte\Desktop\KATHRIN EVA  KREGAR 257-2140436720.pdf
2016-01-13 19:50 - 2016-01-13 19:50 - 00079507 _____ C:\Users\Der Ehrenwerte\Downloads\STEFAN TSCHERNUTTER 257-2140436722.pdf
2016-01-13 19:50 - 2016-01-13 19:50 - 00079507 _____ C:\Users\Der Ehrenwerte\Desktop\STEFAN TSCHERNUTTER 257-2140436722.pdf
2016-01-13 19:50 - 2016-01-13 19:50 - 00079485 _____ C:\Users\Der Ehrenwerte\Desktop\DANIEL MORINA 257-2140436721.pdf
2016-01-13 19:48 - 2016-01-13 19:48 - 00079485 _____ C:\Users\Der Ehrenwerte\Downloads\DANIEL MORINA 257-2140436721.pdf
2016-01-12 20:54 - 2016-01-12 20:54 - 00062607 _____ C:\Users\Der Ehrenwerte\Desktop\Wacken-Flug.pdf
2016-01-12 19:44 - 2016-01-05 04:07 - 02463704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 19:44 - 2016-01-05 04:07 - 00377592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-12 19:44 - 2016-01-05 04:06 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-12 19:44 - 2016-01-05 04:06 - 01991120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-12 19:44 - 2016-01-05 04:06 - 01270104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 19:44 - 2016-01-05 04:06 - 01063504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-12 19:44 - 2016-01-05 04:06 - 00119800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 19:44 - 2016-01-05 04:04 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 02641928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-12 19:44 - 2016-01-05 04:04 - 01591848 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00862056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00787720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 19:44 - 2016-01-05 04:04 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00779928 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00772448 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00751992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-12 19:44 - 2016-01-05 04:04 - 00667856 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-12 19:44 - 2016-01-05 04:04 - 00249464 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-12 19:44 - 2016-01-05 04:04 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00233992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-12 19:44 - 2016-01-05 04:04 - 00090912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-12 19:44 - 2016-01-05 04:04 - 00083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-12 19:44 - 2016-01-05 03:59 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-01-12 19:44 - 2016-01-05 03:52 - 00441696 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-12 19:44 - 2016-01-05 03:50 - 01817064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 19:44 - 2016-01-05 03:50 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 19:44 - 2016-01-05 03:50 - 00723648 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 19:44 - 2016-01-05 03:50 - 00345080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-12 19:44 - 2016-01-05 03:50 - 00251544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-12 19:44 - 2016-01-05 03:50 - 00205072 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-12 19:44 - 2016-01-05 03:31 - 01365576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 19:44 - 2016-01-05 03:30 - 02459096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-12 19:44 - 2016-01-05 03:30 - 02162064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-12 19:44 - 2016-01-05 03:30 - 02152744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 19:44 - 2016-01-05 03:30 - 01106872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 19:44 - 2016-01-05 03:30 - 00882208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-12 19:44 - 2016-01-05 03:30 - 00368776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-12 19:44 - 2016-01-05 03:30 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 19:44 - 2016-01-05 03:30 - 00100712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 19:44 - 2016-01-05 03:29 - 00208688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 02445128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 00714808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 00696192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-12 19:44 - 2016-01-05 03:28 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 19:44 - 2016-01-05 03:28 - 00645144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 00635312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 00497896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 00277400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-12 19:44 - 2016-01-05 03:28 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 00107952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-12 19:44 - 2016-01-05 03:28 - 00082096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-12 19:44 - 2016-01-05 03:28 - 00072808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-12 19:44 - 2016-01-05 03:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-01-12 19:44 - 2016-01-05 03:18 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-12 19:44 - 2016-01-05 03:15 - 24592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-12 19:44 - 2016-01-05 03:15 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-12 19:44 - 2016-01-05 03:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 19:44 - 2016-01-05 03:15 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 19:44 - 2016-01-05 03:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2016-01-12 19:44 - 2016-01-05 03:10 - 00305776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-12 19:44 - 2016-01-05 03:10 - 00278424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-12 19:44 - 2016-01-05 03:10 - 00188032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-12 19:44 - 2016-01-05 03:09 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 19:44 - 2016-01-05 03:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 19:44 - 2016-01-05 03:02 - 01672192 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 19:44 - 2016-01-05 03:02 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 19:44 - 2016-01-05 03:02 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 19:44 - 2016-01-05 03:01 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 19:44 - 2016-01-05 03:00 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-12 19:44 - 2016-01-05 03:00 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-12 19:44 - 2016-01-05 02:59 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 19:44 - 2016-01-05 02:57 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 19:44 - 2016-01-05 02:57 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 19:44 - 2016-01-05 02:57 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 19:44 - 2016-01-05 02:56 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-12 19:44 - 2016-01-05 02:51 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 19:44 - 2016-01-05 02:51 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 19:44 - 2016-01-05 02:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-12 19:44 - 2016-01-05 02:51 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-12 19:44 - 2016-01-05 02:51 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-12 19:44 - 2016-01-05 02:44 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-12 19:44 - 2016-01-05 02:44 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 19:44 - 2016-01-05 02:43 - 19324928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-12 19:44 - 2016-01-05 02:42 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-01-12 19:44 - 2016-01-05 02:38 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2016-01-12 19:44 - 2016-01-05 02:32 - 01541632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 19:44 - 2016-01-05 02:32 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 19:44 - 2016-01-05 02:31 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 19:44 - 2016-01-05 02:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 19:44 - 2016-01-05 02:30 - 18802176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-12 19:44 - 2016-01-05 02:29 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-12 19:44 - 2016-01-05 02:29 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 19:44 - 2016-01-05 02:26 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 19:44 - 2016-01-05 02:24 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-12 19:44 - 2016-01-05 02:20 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 19:44 - 2016-01-05 02:19 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 19:44 - 2016-01-05 02:19 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-12 19:44 - 2016-01-05 02:19 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-12 19:44 - 2016-01-05 02:19 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-09 10:01 - 2016-01-09 10:34 - 00000000 ____D C:\Users\Der Ehrenwerte\Documents\USBSteve
2016-01-05 17:58 - 2016-01-05 17:58 - 00314390 _____ C:\Users\Der Ehrenwerte\Desktop\MANOWAR HomeTicket (1).pdf
2016-01-04 19:44 - 2016-01-04 19:44 - 00010017 _____ C:\Users\Der Ehrenwerte\Desktop\Mappe1.xlsx
2016-01-04 18:58 - 2016-01-04 18:58 - 00029502 _____ C:\Users\Der Ehrenwerte\Downloads\kta_ei.dat
2016-01-03 11:49 - 2016-01-03 11:50 - 00000000 ____D C:\Users\Der Ehrenwerte\Downloads\BluRay
2016-01-03 11:43 - 2016-01-03 11:43 - 241201002 _____ C:\Users\Der Ehrenwerte\Downloads\BDP2012WWB.zip
2016-01-02 15:13 - 2016-01-02 15:13 - 00000000 ____D C:\Users\Der Ehrenwerte\Downloads\firmware-devolo-wifi-repeater-v1-1-0
2016-01-02 15:03 - 2016-01-02 15:03 - 04043418 _____ C:\Users\Der Ehrenwerte\Downloads\firmware-devolo-wifi-repeater-v1-1-0.zip
2016-01-01 15:45 - 2016-01-17 17:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-30 11:03 - 2015-12-30 11:03 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-30 11:03 - 2015-12-30 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-30 11:02 - 2015-12-30 11:03 - 00000000 ____D C:\Program Files\iTunes
2015-12-30 11:02 - 2015-12-30 11:02 - 00000000 ____D C:\Program Files\iPod
2015-12-30 11:02 - 2015-12-30 11:02 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-30 10:27 - 2015-12-30 10:27 - 00466728 _____ (Microsoft Corporation) C:\WINDOWS\system32\coin99ip.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-24 09:25 - 2015-03-15 15:55 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-24 09:17 - 2011-11-30 18:08 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-24 09:14 - 2011-11-30 18:08 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-24 09:13 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-24 09:12 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-24 09:12 - 2012-04-26 17:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-24 09:09 - 2015-04-26 16:44 - 00000000 ____D C:\AdwCleaner
2016-01-23 22:55 - 2015-12-11 21:58 - 00000000 ____D C:\ProgramData\Origin
2016-01-23 20:26 - 2014-08-08 16:20 - 00000000 ____D C:\ProgramData\panda_url_filtering
2016-01-23 16:55 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-23 15:12 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2016-01-23 10:20 - 2015-05-27 17:58 - 00002331 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-23 10:20 - 2014-03-19 18:30 - 00002343 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-21 22:34 - 2015-09-17 19:49 - 00000000 ____D C:\Program Files\Java
2016-01-21 22:34 - 2015-01-23 19:34 - 00000000 ____D C:\ProgramData\Oracle
2016-01-21 22:34 - 2014-10-16 07:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-21 22:33 - 2015-09-17 19:50 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-01-21 22:33 - 2015-09-17 19:50 - 00000000 ____D C:\Users\Der Ehrenwerte\.oracle_jre_usage
2016-01-21 19:39 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-17 17:16 - 2015-11-29 19:12 - 00001223 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-17 17:16 - 2011-11-17 19:59 - 00001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-17 10:29 - 2015-08-01 21:49 - 02077126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-17 10:29 - 2015-07-10 17:34 - 00883662 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-17 10:29 - 2015-07-10 17:34 - 00195796 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-17 10:29 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2016-01-17 10:15 - 2013-03-13 22:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 23:34 - 2011-11-17 22:30 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-14 21:27 - 2015-10-13 07:32 - 00000000 ____D C:\Users\Der Ehrenwerte\Desktop\Helsinki 2015-10-8-12
2016-01-14 20:22 - 2014-10-01 18:27 - 00000000 ____D C:\Users\Der Ehrenwerte\Documents\Bewerbung
2016-01-14 18:06 - 2015-11-02 17:54 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 18:06 - 2014-12-23 16:27 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-13 22:34 - 2013-08-15 18:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-13 22:25 - 2011-11-18 15:22 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-13 22:11 - 2012-09-05 18:42 - 00000000 ____D C:\Users\Der Ehrenwerte\Desktop\kati
2016-01-12 19:54 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-12 19:51 - 2015-08-01 21:47 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-12 19:50 - 2013-03-13 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-12 19:50 - 2013-03-13 22:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-12 19:49 - 2011-11-17 22:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-06 17:19 - 2015-12-03 20:14 - 00000000 ____D C:\WINDOWS\Panther
2016-01-06 17:15 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2016-01-05 17:12 - 2015-07-10 13:20 - 00370520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-04 19:34 - 2009-07-14 03:34 - 00000438 _____ C:\WINDOWS\win.ini
2016-01-03 11:45 - 2011-11-17 19:57 - 00098712 _____ C:\Users\Der Ehrenwerte\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-03 02:40 - 2015-07-10 12:06 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-01 21:38 - 2015-12-11 21:58 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-30 11:02 - 2011-11-17 20:12 - 00000000 ____D C:\Program Files\Common Files\Apple

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-05-29 15:29 - 2012-05-29 15:29 - 0000268 ___RH () C:\Users\Der Ehrenwerte\AppData\Roaming\DirectoryService
2012-05-29 15:30 - 2012-05-29 15:30 - 0000268 ___RH () C:\Users\Der Ehrenwerte\AppData\Roaming\Displays
2012-05-29 15:29 - 2012-05-29 15:29 - 0000268 ___RH () C:\Users\Der Ehrenwerte\AppData\Roaming\Distortion
2012-07-22 08:37 - 2012-09-15 12:56 - 0001099 _____ () C:\Users\Der Ehrenwerte\AppData\Roaming\ShiftN.ini
2015-02-20 07:52 - 2015-02-20 07:52 - 0004608 _____ () C:\Users\Der Ehrenwerte\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-01 21:46 - 2015-08-01 21:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-05-29 15:30 - 2012-05-29 15:30 - 0000268 ___RH () C:\ProgramData\Drum Kits
2012-05-29 15:29 - 2012-05-29 15:29 - 0000268 ___RH () C:\ProgramData\Drums
2011-11-19 10:35 - 2011-11-19 10:46 - 0001250 _____ () C:\ProgramData\hpzinstall.log
2012-05-29 15:30 - 2012-05-29 15:30 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2012-05-29 15:29 - 2012-07-22 15:32 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2012-05-29 15:29 - 2012-05-29 15:36 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

Einige Dateien in TEMP:
====================
C:\Users\Der Ehrenwerte\AppData\Local\Temp\amd-catalyst-15.7.1-win10-64bit.exe
C:\Users\Der Ehrenwerte\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Der Ehrenwerte\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Der Ehrenwerte\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Der Ehrenwerte\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Der Ehrenwerte\AppData\Local\Temp\sqlite3.dll
C:\Users\Der Ehrenwerte\AppData\Local\Temp\{E49D2321-9525-4BD2-A3B9-5D07195A4658}.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-19 20:37

==================== Ende von FRST.txt ============================
         

Geändert von sir_ivanhoe (24.01.2016 um 10:05 Uhr)

Alt 24.01.2016, 10:10   #9
sir_ivanhoe
 
GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Standard

GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)



Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-01-2016
durchgeführt von Der Ehrenwerte (2016-01-24 10:07:28)
Gestartet von C:\Users\Der Ehrenwerte\Desktop
Windows 10 Home (X64) (2015-08-01 21:19:23)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1177671194-2042575061-30678460-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1177671194-2042575061-30678460-503 - Limited - Disabled)
Der Ehrenwerte (S-1-5-21-1177671194-2042575061-30678460-1000 - Administrator - Enabled) => C:\Users\Der Ehrenwerte
Gast (S-1-5-21-1177671194-2042575061-30678460-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1177671194-2042575061-30678460-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Panda Free Antivirus (Enabled - Out of date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Out of date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Enabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
Alien: Isolation (HKLM-x32\...\Steam App 214490) (Version:  - Creative Assembly)
Aliens: Colonial Marines (HKLM-x32\...\Steam App 49540) (Version:  - Gearbox Software)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Amazon Kindle (HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Amazon Amazon Music) (Version: 3.2.0.591 - Amazon Services LLC)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{E2078C11-E9EC-BD96-037C-A3423082F2BF}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
APA-OnlineManager 6.7 (HKLM-x32\...\{CBCB226C-3F5A-46B5-8528-3433E020445B}) (Version: 6.70.0068 - APA-IT)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Banished (HKLM-x32\...\1207660783_is1) (Version: 2.3.0.7 - GOG.com)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
calibre (HKLM-x32\...\{01FB1338-C19D-4AC6-BFED-AFD9AD8366ED}) (Version: 2.36.0 - Kovid Goyal)
CdCoverCreator 2.5.3 (HKLM-x32\...\CdCoverCreator) (Version: 2.5.3 - thyanté Software)
Civilization III Complete Edition (HKLM-x32\...\InstallShield_{2157961D-0507-44A8-BCF2-1EE2D439E8DF}) (Version: 1.00.0000 - 2K Games)
Civilization III Complete Edition (x32 Version: 1.00.0000 - 2K Games) Hidden
CLARC (HKLM-x32\...\1207664563_is1) (Version: 2.1.0.2 - GOG.com)
Content Transfer (HKLM-x32\...\{CFADE4AF-C0CF-4A04-A776-741318F1658F}) (Version: 1.3.0.23190 - Sony Corporation)
Copy (x32 Version: 130.0.366.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Space™ 2 (HKLM-x32\...\{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}) (Version: 1.0.943.0 - Electronic Arts)
Deponia (HKLM-x32\...\1207659103_is1) (Version: 2.2.0.9 - GOG.com)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.77 - DivX, LLC)
DJ_AIO_06_F2400_SW_Min (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Dracula - The Resurrection (HKLM-x32\...\1207661553_is1) (Version: 2.1.0.5 - GOG.com)
Dungeons And Dragons Anthology - The Master Collection (HKLM-x32\...\{79612FB7-0B07-4E34-A346-79133691FF12}) (Version: 1.0.0 - Atari)
Earth 2160 (HKLM-x32\...\Earth 2160) (Version: 1.37 En - Zuxxez Entertainment AG)
Edna Bricht Aus (HKLM-x32\...\Edna Bricht Aus) (Version: 1.2 - Daedalic Entertainment)
F2400 (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Fallout (HKLM-x32\...\Fallout) (Version:  - )
Fallout 2 (HKLM-x32\...\Fallout 2) (Version:  - )
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Bethesda Softworks)
foobar2000 v1.1.10 (HKLM-x32\...\foobar2000) (Version: 1.1.10 - Peter Pawlowski)
FTL -  Advanced Edition (HKLM-x32\...\GOGPACKFTL_is1) (Version: 2.3.0.13 - GOG.com)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.82 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Jagged Alliance 2: Wildfire (HKLM-x32\...\Jagged Alliance 2: Wildfire) (Version: v. 6.04 ENG - ZUXXEZ Entertainmnet AG)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LOOT (HKLM-x32\...\LOOT) (Version: 0.6.1 - LOOT Development Team)
Machinarium (HKLM-x32\...\{4D96D2F0-8FB4-45C2-9B80-2DCB88016316}_is1) (Version:  - Daedalic Entertainment)
MAGIX Foto & Grafik Designer 7 (HKLM-x32\...\MAGIX_{27354246-4EAF-4EE4-B203-731A8824A9DE}) (Version: 7.1.2.19859 - MAGIX AG)
MAGIX Foto & Grafik Designer 7 (x32 Version: 7.1.2.19859 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_{4F57E848-AC32-4178-BCF0-7D05A58B8F49}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mass Effect™ (HKLM-x32\...\{44A570EE-FD93-4086-8997-2C38DFDE0019}) (Version: 1.2.20608.0 - Electronic Arts)
Master of Orion 2 (HKLM-x32\...\1207661633_is1) (Version: 2.1.0.18 - GOG.com)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE  (HKLM-x32\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{FD052FB9-FE90-4438-B355-15EDC89D8FB1}) (Version: 2.0.673.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.8 - Black Tree Gaming)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.3.0 - Nikon)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
NWZ-E440 WALKMAN Guide (HKLM-x32\...\{E96FF910-1BC9-4EE5-BC12-0A30D4E20F37}) (Version: 2.0.00.07010 - Sony Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.0.0.1980 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\1207660064_is1) (Version: 2.1.0.8 - GOG.com)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.00.01.0000 - Panda Security)
Panda Free Antivirus (Version: 8.03.00.0000 - Panda Security) Hidden
Panda Security Toolbar (HKLM-x32\...\pandasecuritytb) (Version: 4.3.0.4 - Panda Security)
Paper Sorcerer (HKLM-x32\...\1207664363_is1) (Version: 2.3.0.6 - GOG.com)
Perimeter (HKLM-x32\...\1207658667_is1) (Version: 2.1.0.11 - GOG.com)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.2 - Nikon)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Reader for PC (HKLM-x32\...\{D279DFB7-97A3-439D-8BE9-95D8AFA68562}) (Version: 2.4.01.10241 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Risk of Rain (HKLM-x32\...\1207660563_is1) (Version: 2.9.0.13 - GOG.com)
Roberta Williams' Phantasmagoria (HKLM-x32\...\1207658834_is1) (Version: 2.1.0.15 - GOG.com)
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Link 2.0.0.1411061504 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1411061504 - Copyright 2013 SAMSUNG)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Sid Meier's Alpha Centauri Planetary Pack (HKLM-x32\...\1207658936_is1) (Version: 2.1.0.24 - GOG.com)
Sid Meier's Civilization 4 (HKLM-x32\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.74 - Firaxis Games)
Sid Meier's Civilization 4 (x32 Version: 1.00.0000 - Firaxis Games) Hidden
Silent Storm Gold (HKLM-x32\...\1207659058_is1) (Version: 2.1.0.8 - GOG.com)
Silver (HKLM-x32\...\1207659041_is1) (Version: 2.1.0.15 - GOG.com)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spacecom (HKLM-x32\...\1207665863_is1) (Version: 2.4.0.6 - GOG.com)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Star Trek™ - 25th Anniversary (HKLM-x32\...\1427108887_is1) (Version: 2.0.0.5 - GOG.com)
Star Trek™ - Judgment Rites Limited Collector's Edition (HKLM-x32\...\1429089605_is1) (Version: 2.0.0.6 - GOG.com)
Starpoint Gemini 2 - Titans (HKLM-x32\...\Starpoint Gemini 2: Titans_is1) (Version: 2.4.0.10 - GOG.com)
Starpoint Gemini 2 (HKLM-x32\...\1207666123_is1) (Version: 2.4.0.10 - GOG.com)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The 7th Guest (HKLM-x32\...\1207658999_is1) (Version: 2.1.0.21 - GOG.com)
The Banner Saga (HKLM-x32\...\1207660483_is1) (Version: 2.2.0.4 - GOG.com)
The Dark Eye - Chains of Satinav (HKLM-x32\...\1207659133_is1) (Version: 2.1.0.5 - GOG.com)
The Dark Eye - Chains of Satinav (HKLM-x32\...\Satinav) (Version: 1.0 - Daedalic Entertainment)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Fall (HKLM-x32\...\1425568340_is1) (Version: 2.0.0.1 - GOG.com)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Tyrian 2000 (HKLM-x32\...\1207658901_is1) (Version: 2.1.0.13 - GOG.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.3.0 - Nikon)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinAce Archiver (HKLM-x32\...\WinAce Archiver) (Version: 2.69 - e-merge GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.1.2015.0 - Ruiware)
World of Aden - Thunderscape (HKLM-x32\...\1207659463_is1) (Version: 2.1.0.4 - GOG.com)
X - Beyond the Frontier (HKLM-x32\...\1441039631_is1) (Version: 2.0.0.3 - GOG.com)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {032EBC3B-8395-4F2E-8A77-FEECDE8AACB0} - \avast! Emergency Update -> Keine Datei <==== ACHTUNG
Task: {084BF2A5-481C-4718-817D-4168E5D112C5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {0EF8EEF2-E319-4687-A318-9676CD53CACD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {12F6A0F6-0173-4BD9-8078-6DF91357B614} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {15D365EB-09BB-43F0-8F20-FBFCE58E8637} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {1B320F34-23F9-4246-82D1-1FCB971AF22B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {232EC9BD-53A4-403F-9BEB-415A47699F23} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {25A7FEE9-544B-426A-B3B0-3BF111D99948} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {3818B644-41F9-4EB9-81AA-22E173D72F7A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {3CF25BE5-CF26-4CA5-96E2-8B2953EC9515} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {4115C810-866C-470C-8A95-8247EE673F34} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {458B0D6B-B2A3-47F6-A06A-E601C7AB7C25} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {50DB9E16-7DDF-4ED2-8AB7-34E2F5182DF3} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {55B12871-1406-400D-8372-55640E592621} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6856DFCE-56FD-43F7-B7EA-33E53A856750} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6BA5FAB7-08CE-4129-8715-B8629E882BDE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
Task: {733F4912-BF93-4696-B8DC-D41232CF4386} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {7592847C-F452-4C9F-9506-671F49447F38} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {850CB598-3D44-459C-A9CB-D65A9CEBF702} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {87768DEF-5F2A-4145-9F51-F45ABDEF9795} - System32\Tasks\{715AD43D-C8C4-4A1D-B305-42C1DA9CC36F} => pcalua.exe -a "C:\Users\Der Ehrenwerte\AppData\Local\Pokki\Engine\HostAppService.exe" -c /UNINSTALL149b46d4a102c0304583931ceaa3f0bf19785ee3
Task: {8AB714E0-1A95-4074-8B22-26EC88FDF6C2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {9002CFC4-D89C-4F63-AE11-E3341BA5CED7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {94745958-9875-4DDB-A9E2-3781D7963848} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {9791C6AD-2ACC-420C-B07B-EB06A410DD22} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {99DCC519-686E-49D6-99A8-815DCC4343FD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {9E519E89-C861-4A0A-8DBF-E38756EDF58F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {A20B2CAE-96B0-4388-B8C9-A8AC43E1FEAA} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {A3A3EFE5-53E3-4B7E-9340-D19ED2A29ECD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {ADB216A7-C244-427D-A437-1F2B15657CEA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {B09F5EB4-F9C4-488D-AE90-9B11A461FF19} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {B0A9AB4B-80AD-4C95-B1E3-3DD53DC214BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {B0AC5D6E-7B2C-48C0-A2D9-33F470202773} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {B3317FC2-B6EF-4F94-BED2-EB7FDB758659} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {B87700E4-CB89-454D-94AC-9C5442621771} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {BCB4B6C6-7E99-481C-BDFA-D68FEEBDC294} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {C3B71185-7355-4DD3-92B5-6AE9FB486862} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C6992E22-D3DB-43B1-AF99-CBF3D58A8964} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {C9562A16-3111-42A5-900F-D855045063DB} - \{999E1F97-52CA-485C-BB39-D3184962B7BA} -> Keine Datei <==== ACHTUNG
Task: {CA40B31D-B3F8-481B-87C4-33438939621A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CDB88D2A-ACFB-4946-8501-E8DE9A91A4CA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {D0314F23-3A72-4A79-BAE5-6FC047F2299D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {DA763C9E-6403-4E7A-9078-E5849AF78B31} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {DDEB1531-6FC2-41AF-AB87-329CEAF5A25D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {E16ED3B1-F9E8-4332-8907-476046AF1859} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {E91030E1-616A-4B3A-B6A2-BCAD0C999E56} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F3212A0D-0901-4B87-80C7-BA58A6844A53} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {FB95BCD1-63FF-4D3C-932D-FD5484DE6990} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {FFA27040-E0BD-4CA3-9A1C-C90D967E38AD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-01 22:37 - 2015-08-01 22:37 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 18:52 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-19 17:07 - 2014-11-06 15:04 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2014-10-19 17:07 - 2014-11-06 15:04 - 02633728 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2014-10-19 17:07 - 2014-11-06 15:04 - 02540544 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 10:25 - 2013-12-21 10:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 10:26 - 2013-12-21 10:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 10:27 - 2013-12-21 10:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 08:52 - 2013-10-22 08:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
2013-10-22 08:52 - 2013-10-22 08:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 10:27 - 2013-12-21 10:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2015-08-01 22:05 - 2015-08-01 22:05 - 00669696 _____ () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll
2015-10-01 17:28 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 17:28 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 17:27 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-09 19:53 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 19:52 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 19:52 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 17:28 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-12-11 15:46 - 2013-12-11 15:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-10-22 08:48 - 2013-10-22 08:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-10-24 15:53 - 2013-10-24 15:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 15:46 - 2013-12-11 15:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-10-24 15:53 - 2013-10-24 15:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 15:38 - 2013-04-19 15:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-12-11 15:46 - 2013-12-11 15:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-10-25 18:49 - 2013-10-25 18:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-12-11 15:45 - 2013-12-11 15:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 18:53 - 2013-10-25 18:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 18:53 - 2013-10-25 18:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-12-11 15:45 - 2013-12-11 15:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-10-25 18:53 - 2013-10-25 18:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-10-25 18:48 - 2013-10-25 18:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-02-14 18:42 - 2013-02-14 18:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll
2012-02-22 16:46 - 2012-02-22 16:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll
2012-01-05 22:40 - 2012-01-05 22:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll
2016-01-23 10:20 - 2016-01-15 13:10 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.82\libglesv2.dll
2016-01-23 10:20 - 2016-01-15 13:10 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.82\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1177671194-2042575061-30678460-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Der Ehrenwerte\Pictures\401998.jpg
DNS Servers: 195.34.133.21 - 212.186.211.21
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "AllShareAgent"
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{17DBE4E4-46E2-44DA-9003-9F66B9B7F8A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe
FirewallRules: [{AF995E56-03EF-48CC-8883-899E3CE58A0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe
FirewallRules: [{C87171FB-E2BF-4A8A-B09C-BA570670427F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [{8BDE67D5-7241-4995-BD4E-707B7C373257}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alien Isolation\AI.exe
FirewallRules: [UDP Query User{99342CA3-BF79-4C71-B5C0-5EE318B63B1E}C:\gog games\haegemonia gold edition\haegemonia - the solon heritage\hgma.exe] => (Allow) C:\gog games\haegemonia gold edition\haegemonia - the solon heritage\hgma.exe
FirewallRules: [TCP Query User{CB259E6A-2120-4628-87E7-01C87BBE7005}C:\gog games\haegemonia gold edition\haegemonia - the solon heritage\hgma.exe] => (Allow) C:\gog games\haegemonia gold edition\haegemonia - the solon heritage\hgma.exe
FirewallRules: [{9A2D0536-5288-45D4-8025-2604A02CD061}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5CBAD464-8B60-43F7-B301-246294E64508}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A537B2D2-779E-4101-99E0-043BF39E1D1B}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{3F080FA0-087A-4DE3-9DAC-E622BE9464DE}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{5B1EC853-98C5-49D4-8509-32A520CA67C3}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{A53C84B0-081C-454C-A771-99388D03AE05}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{6C870029-9B14-4207-AAAD-4A0527DD0F1A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{E5A147D9-70DC-4263-A4D0-09848302E061}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{0BC6CF67-5A7E-4B5E-ABBF-1CED03C44D7E}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{30B53923-29A4-45DF-AE7F-AF4EE0BE8DF2}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{9EF86ADF-0643-4DE7-9C48-D11DC30962A0}] => (Allow) LPort=1900
FirewallRules: [{C6CD0341-5CDE-4ACD-8D21-B1059596AD79}] => (Allow) LPort=7900
FirewallRules: [{F43021E7-591D-4942-9EA9-398D8D4D2953}] => (Allow) LPort=24234
FirewallRules: [{8AD9BBD4-E118-4165-B14C-1A58F84F7EBA}] => (Allow) LPort=7679
FirewallRules: [{01F94BAD-9889-482D-8946-2DC9A92B332F}] => (Allow) LPort=7676
FirewallRules: [{122B4DEB-9962-4750-84D7-A99461A1D96E}] => (Allow) LPort=8643
FirewallRules: [{72F7E3F8-8D12-498E-A551-4281146AC058}] => (Allow) LPort=8743
FirewallRules: [{0C346564-83C3-498B-BA1B-927B346911C9}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{63F499B9-EF41-4318-989D-910836B3BAD4}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{ACAE6CB9-91ED-447B-B17F-ECCEE03BA49B}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{3F6BB728-F8D0-4AFA-B75A-B18EF4D4397D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{D647D3F3-0927-42F1-B8A5-A76E91585C1A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{FA1C5062-607D-4949-A2C9-3E655A1C33B3}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{A32B741D-73A3-4A09-A257-661F5C096130}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2207F963-8D20-4E55-B80D-3F7E4378CA3B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8305012A-29CC-4238-9056-51F8C59414CF}] => (Allow) C:\Program Files (x86)\Toolbar Cleaner\ToolbarCleaner.exe
FirewallRules: [{9DBB4AD0-4AA5-4706-8E89-0224A6A69515}] => (Allow) C:\Program Files (x86)\Toolbar Cleaner\ToolbarCleaner.exe
FirewallRules: [{0482B121-878F-4A1F-90B5-2D3B8B4F30DA}] => (Allow) C:\Users\Der Ehrenwerte\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C69E4B1D-3980-4987-BE15-F22DA0DFFC19}] => (Allow) C:\Users\Der Ehrenwerte\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0857DC6D-CB44-4D3C-8F51-E0015A3AF5E0}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3C5A55B1-40D3-4696-9980-5003391A9BE8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{0DEB6B00-8EE1-451C-8A62-662537B49A44}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{CFE5872B-5DAC-4BE9-89B4-FA67EFDA8BB7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{EA549500-C511-434E-8CEB-C9EA81B055A4}] => (Allow) C:\Users\Der Ehrenwerte\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{234A0B46-D635-4C8B-87C0-25E4CEF5BE1E}] => (Allow) C:\Users\Der Ehrenwerte\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ED1A3E2E-2671-4566-B9F2-E5771B54008C}] => (Allow) C:\Program Files (x86)\Reality Pump\Earth 2160\Earth2160_SSE.exe
FirewallRules: [{F92EFF05-7E33-495F-A037-E77EF532E4DF}] => (Allow) C:\Program Files (x86)\Reality Pump\Earth 2160\Earth2160_SSE.exe
FirewallRules: [{9D5194B5-8F0D-4362-9B5E-E0BA72527899}] => (Allow) C:\Program Files (x86)\Reality Pump\Earth 2160\Earth2160_NO_SSE.exe
FirewallRules: [{6EEBF3B1-D517-4820-A67D-CECF385ADC9A}] => (Allow) C:\Program Files (x86)\Reality Pump\Earth 2160\Earth2160_NO_SSE.exe
FirewallRules: [{A1EDA99F-E737-417C-8D10-C78B7797BA4D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{FC0BB76B-79D4-4254-A2CA-6D54F3FADAB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{55178A3D-09EE-41C3-B1B3-DC396C4AFDA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{957DE04F-CD00-41D8-BA2D-B10E1891195F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{BA784C1A-5FFC-4311-9871-92DA1B857C43}] => (Allow) C:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe
FirewallRules: [{EF5EFEE6-4CD7-4B55-8428-C15B2DDA14EF}] => (Allow) C:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe
FirewallRules: [{D3DD7621-4F05-4134-B391-4F127E0A77F3}] => (Allow) C:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe
FirewallRules: [{69B637C9-717E-44F9-BCA7-E987A8F85735}] => (Allow) C:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe
FirewallRules: [{97B4F564-A2A1-4B3A-9B54-F948E3FEBEF8}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
FirewallRules: [{D945E3E9-9826-46C5-A760-8675FA78E3F3}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
FirewallRules: [{3AAFA6F6-FB73-496A-9C63-45B699DD8515}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
FirewallRules: [{16A0E112-EE94-447B-B112-C91BC9D6053F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\amd driver updater, vista and 7, 64 bit\Setup.exe
FirewallRules: [{73B3ECF2-CFA5-433B-BD97-095776C168B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\amd driver updater, vista and 7, 64 bit\Setup.exe
FirewallRules: [UDP Query User{FF20536A-0832-4904-B8D6-2184F99AFAAE}C:\program files (x86)\ea games\dead space 2\deadspace2.exe] => (Allow) C:\program files (x86)\ea games\dead space 2\deadspace2.exe
FirewallRules: [TCP Query User{19D73AD3-BF93-40C5-9E17-0F3ADC60040F}C:\program files (x86)\ea games\dead space 2\deadspace2.exe] => (Allow) C:\program files (x86)\ea games\dead space 2\deadspace2.exe
FirewallRules: [{B79E8A76-C92F-4B5C-9FFD-3A066AB194F3}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{89BC3CF1-7835-438A-8794-A18C020BFFCD}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [UDP Query User{29043C09-82F9-44FB-BC33-9504F5225953}C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\autoit3.exe] => (Allow) C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\autoit3.exe
FirewallRules: [TCP Query User{F247952E-C57A-41D3-8EAE-84C8090A8D4E}C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\autoit3.exe] => (Allow) C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\autoit3.exe
FirewallRules: [UDP Query User{9F161D59-7193-45F6-A902-13E90652BE31}C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\tools\wget.exe] => (Allow) C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\tools\wget.exe
FirewallRules: [TCP Query User{E2FE2B54-F58E-40D6-9597-ADC1634C16CD}C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\tools\wget.exe] => (Allow) C:\users\der ehrenwerte\downloads\baldurs gate_files\big world setup\tools\wget.exe
FirewallRules: [{AEC9C53A-79DA-46E0-A0BE-500B3A082F54}] => (Allow) C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe
FirewallRules: [{2C33A1BC-BA17-4C5F-9F05-35352FB1BEF0}] => (Allow) C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe
FirewallRules: [UDP Query User{4E2B010A-5CE8-4271-A6B6-E3DA5032F484}C:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) C:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [TCP Query User{ADEBCAEA-1864-4962-B74D-40ABDE80CC96}C:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) C:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [UDP Query User{D84FA374-9D53-4E7A-A849-26DC851ED83E}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Block) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe
FirewallRules: [TCP Query User{B1C615E8-BF5A-4D64-BE2C-8C1FFDAD975B}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Block) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe
FirewallRules: [{EDE471E9-7BF8-4E53-AA0B-3A19929972C8}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{011E410D-EA72-4A14-A90D-40328E6B024D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{A93F3EDD-36E6-42C5-A258-732E5E36291F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{3C10195B-00D8-484B-A8D9-38C2E735F074}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{CD503BBE-D338-463B-8347-0436CE312299}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{90BCBA6E-7A33-4062-B455-74A01464A686}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{E3F299FE-FAD2-4B5E-A99E-0F3892EDBB4E}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{48979E56-2BDB-4DAA-92EC-9218BC6FE1F0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{BC208E41-B2FE-40DE-B13D-6E86AF551051}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{53F5AC76-8219-4614-A5ED-A25BAF1F0278}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{21EAA45F-060B-47A9-B3E5-C05003B700D6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{1ACF4DC0-4DAA-499F-83BA-FB6F72FF467B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{28E3CBBD-4089-44E9-A390-EE8B10BC4B32}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{2A306D93-E1C9-4F62-AAE4-CE331CEAC9AB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{543630AE-D730-4137-9221-06B0B93B27C5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{40141796-5BE1-45B5-ABDA-36DA1AB1DC63}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E8935424-0EF7-4A95-934A-EA14224A60CA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{290A89EA-8EA2-4B5A-81EC-188FD49D7652}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{C242574F-A7EC-4FA4-84FD-7D6DC11E283B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F11EEAE1-B703-4A84-BF95-D3C200EBDF5C}] => (Allow) LPort=1900
FirewallRules: [{8B9CBC2D-B5C4-4944-9E18-05C946735AF8}] => (Allow) LPort=2869
FirewallRules: [{50788BD8-3EA7-4390-9FE9-66F9739D81D8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{735FBDA0-516C-450F-A6B5-5B62EA705488}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe
FirewallRules: [{8BF3D94F-E95F-4CB4-83DA-B1B63863E6F9}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe
FirewallRules: [{46EEAB50-1249-4A91-AB8C-06AB873D27A0}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{F08D0A4F-055D-4B77-B00C-38321C4DA645}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{10F331C1-40B7-4ECD-83B3-D9BBAC5D5C36}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{462A0EA2-1EF4-45E3-950A-2E2A3530787E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{887B4AA8-7996-48B0-A1B4-E343312BB0DA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{67491F19-5017-4CBB-934F-1B0FE7DBABB1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D499667F-02F2-4F33-B645-B6445D58DDC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4935038E-27A3-457E-BDC4-FE666D79328E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1F92C752-6B90-4666-AEE2-FA1684960CA0}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{1AEC9D5E-C94E-4FF1-BF0E-353759A02760}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [TCP Query User{90F32036-0724-461A-AC1C-73FC5FC2784B}C:\gog games\outlast\binaries\win64\olgame.exe] => (Allow) C:\gog games\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{7CEE08CF-9084-4FCF-91D9-B31DFD0C74DF}C:\gog games\outlast\binaries\win64\olgame.exe] => (Allow) C:\gog games\outlast\binaries\win64\olgame.exe
FirewallRules: [{056D79A0-93A4-4719-9A23-C1C759616681}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{889CA1E9-DED5-4DFE-9337-0F416704EA37}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

06-01-2016 11:55:53 Geplanter Prüfpunkt
10-01-2016 16:21:18 Windows Update
13-01-2016 22:23:40 Windows Update
13-01-2016 22:24:28 Windows Update
17-01-2016 17:38:28 Windows Update
21-01-2016 19:44:18 Windows Update
24-01-2016 09:52:20 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/24/2016 09:52:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/23/2016 10:56:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DerEhrenwerte)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/23/2016 10:20:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.9016, Zeitstempel: 0x52a1d50f
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16603, Zeitstempel: 0x565531ee
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003cbce
ID des fehlerhaften Prozesses: 0x23f0
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3
Vollständiger Name des fehlerhaften Pakets: PSIA.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PSIA.exe5

Error: (01/22/2016 09:44:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DerEhrenwerte)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/21/2016 10:34:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DerEhrenwerte)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/21/2016 10:34:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DerEhrenwerte)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/21/2016 07:44:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/20/2016 10:09:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DerEhrenwerte)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/19/2016 10:35:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DerEhrenwerte)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/18/2016 09:52:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DerEhrenwerte)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (01/24/2016 09:29:01 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/24/2016 09:13:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (01/24/2016 09:12:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/24/2016 09:09:34 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (01/24/2016 09:09:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Samsung AllShare PC" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/24/2016 09:09:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia Update Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/24/2016 09:09:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/24/2016 09:09:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/24/2016 09:09:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Samsung Link Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/24/2016 09:09:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Panda Devices Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-12-20 16:12:39.204
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:12:39.161
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:12:38.924
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:12:38.507
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:12:38.153
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:12:37.994
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:12:35.591
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:12:33.356
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:07:27.117
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-20 16:07:27.073
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD Phenom(tm) II X6 1055T Processor
Prozentuale Nutzung des RAM: 51%
Installierter physikalischer RAM: 4092.54 MB
Verfügbarer physikalischer RAM: 1995.8 MB
Summe virtueller Speicher: 8188.54 MB
Verfügbarer virtueller Speicher: 5769.01 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:1384.81 GB) (Free:836.72 GB) NTFS
Drive i: (OEZBF) (Removable) (Total:3.73 GB) (Free:3.7 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 49F1EE31)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1384.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 5 (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 27.01.2016, 11:22   #10
sir_ivanhoe
 
GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Standard

GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)



Ich weiß, ich sollte es nicht machen - aber ich pushe das trotzdem mal hoch, habe das Gefühl, der Thread ist irgendwie vergessen worden.

Alt 27.01.2016, 16:48   #11
M-K-D-B
/// TB-Ausbilder
 
GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Standard

GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)



Servus,



tut mir leid. Ich hatte eigentlich schon gepostet, aber hatte zeitgleich einen Systemabsturz.

Der Post ging dann wohl nicht mehr aus.




  • Starte FRST erneut. Kopiere den Inhalt der folgenden Code-Box oben in die Zeile:
    Code:
    ATTFilter
    SlimWare Utilities;FINdBoestDeal;BloccKTheeAdiAApp;
             
  • Drücke auf Registry-Suche.
  • FRST beginnt mit dem Suchlauf. Dies kann einige Zeit dauern.
  • Am Ende erstellt FRST eine Textdatei Search.txt.
  • Poste mir deren Inhalt mit deiner nächsten Antwort.

Alt 27.01.2016, 18:30   #12
sir_ivanhoe
 
GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Standard

GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)



Zitat:
Zitat von M-K-D-B Beitrag anzeigen
Der Post ging dann wohl nicht mehr aus.
So kann es gehen

Ist aber nicht tragisch, heute ist das Problem merkwürdigerweise gar nicht aufgetreten. Hier das entsprechende Log:

Code:
ATTFilter
Farbar Recovery Scan Tool (x64) Version:18-01-2016
durchgeführt von Der Ehrenwerte (2016-01-27 18:29:25)
Gestartet von C:\Users\Der Ehrenwerte\Desktop
Start-Modus: Normal

================== Registry-Suche: "SlimWare Utilities;FINdBoestDeal;BloccKTheeAdiAApp" ===========


===================== Suchergebnis für "FINdBoestDeal" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D6F0CB23-64E6-B66A-7FB1-6BED5FB7D197}]
""="FINdBoestDeal"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FindBoestDDeal.FindBoestDDeal]
""="FINdBoestDeal"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D6F0CB23-64E6-B66A-7FB1-6BED5FB7D197}]
""="FINdBoestDeal"

[HKEY_USERS\S-1-5-21-1177671194-2042575061-30678460-1000\SOFTWARE\BillP Studios\WinPatrol\IEHelpers]
"FINdBoestDeal (x64)"="900"


===================== Suchergebnis für "BloccKTheeAdiAApp" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLocckTeheeAdApp.BLocckTeheeAdApp]
""="BloccKTheeAdiAApp"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3AEA3BD-BCA5-A3CC-EDD3-0F9EDB7E2B90}]
""="BloccKTheeAdiAApp"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3AEA3BD-BCA5-A3CC-EDD3-0F9EDB7E2B90}]
""="BloccKTheeAdiAApp"

[HKEY_USERS\S-1-5-21-1177671194-2042575061-30678460-1000\SOFTWARE\BillP Studios\WinPatrol\IEHelpers]
"BloccKTheeAdiAApp (x64)"="900"
====== Ende von Suche ======
         

Alt 28.01.2016, 17:04   #13
M-K-D-B
/// TB-Ausbilder
 
GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Standard

GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)



Servus,


wir entfernen die letzten Reste und kontrollieren nochmal alles.



Hinweis: Der Suchlauf mit ESET kann länger dauern.



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Run: [GalaxyClient] => [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll Keine Datei
FF Extension: Panda Security Toolbar - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2015-09-17] [ist nicht signiert]
CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx <nicht gefunden>
Task: {032EBC3B-8395-4F2E-8A77-FEECDE8AACB0} - \avast! Emergency Update -> Keine Datei <==== ACHTUNG
Task: {084BF2A5-481C-4718-817D-4168E5D112C5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {232EC9BD-53A4-403F-9BEB-415A47699F23} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {25A7FEE9-544B-426A-B3B0-3BF111D99948} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {850CB598-3D44-459C-A9CB-D65A9CEBF702} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {87768DEF-5F2A-4145-9F51-F45ABDEF9795} - System32\Tasks\{715AD43D-C8C4-4A1D-B305-42C1DA9CC36F} => pcalua.exe -a "C:\Users\Der Ehrenwerte\AppData\Local\Pokki\Engine\HostAppService.exe" -c 
C:\Users\Der Ehrenwerte\AppData\Local\Pokki
Task: {8AB714E0-1A95-4074-8B22-26EC88FDF6C2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {99DCC519-686E-49D6-99A8-815DCC4343FD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {ADB216A7-C244-427D-A437-1F2B15657CEA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {B87700E4-CB89-454D-94AC-9C5442621771} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {C9562A16-3111-42A5-900F-D855045063DB} - \{999E1F97-52CA-485C-BB39-D3184962B7BA} -> Keine Datei <==== ACHTUNG
Task: {CA40B31D-B3F8-481B-87C4-33438939621A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F3212A0D-0901-4B87-80C7-BA58A6844A53} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {FFA27040-E0BD-4CA3-9A1C-C90D967E38AD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D6F0CB23-64E6-B66A-7FB1-6BED5FB7D197}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FindBoestDDeal.FindBoestDDeal
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D6F0CB23-64E6-B66A-7FB1-6BED5FB7D197}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLocckTeheeAdApp.BLocckTeheeAdApp
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3AEA3BD-BCA5-A3CC-EDD3-0F9EDB7E2B90}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3AEA3BD-BCA5-A3CC-EDD3-0F9EDB7E2B90} 
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von HitmanPro,
  • die Logdatei von ESET,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.

Alt 29.01.2016, 07:07   #14
sir_ivanhoe
 
GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Standard

GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)



Fixlog.txt

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-01-2016
durchgeführt von Der Ehrenwerte (2016-01-28 18:11:43) Run:1
Gestartet von C:\Users\Der Ehrenwerte\Desktop
Geladene Profile: Der Ehrenwerte (Verfügbare Profile: Der Ehrenwerte)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Run: [GalaxyClient] => [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll Keine Datei
FF Extension: Panda Security Toolbar - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2015-09-17] [ist nicht signiert]
CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx <nicht gefunden>
Task: {032EBC3B-8395-4F2E-8A77-FEECDE8AACB0} - \avast! Emergency Update -> Keine Datei <==== ACHTUNG
Task: {084BF2A5-481C-4718-817D-4168E5D112C5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {232EC9BD-53A4-403F-9BEB-415A47699F23} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {25A7FEE9-544B-426A-B3B0-3BF111D99948} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {850CB598-3D44-459C-A9CB-D65A9CEBF702} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {87768DEF-5F2A-4145-9F51-F45ABDEF9795} - System32\Tasks\{715AD43D-C8C4-4A1D-B305-42C1DA9CC36F} => pcalua.exe -a "C:\Users\Der Ehrenwerte\AppData\Local\Pokki\Engine\HostAppService.exe" -c 
C:\Users\Der Ehrenwerte\AppData\Local\Pokki
Task: {8AB714E0-1A95-4074-8B22-26EC88FDF6C2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {99DCC519-686E-49D6-99A8-815DCC4343FD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {ADB216A7-C244-427D-A437-1F2B15657CEA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {B87700E4-CB89-454D-94AC-9C5442621771} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {C9562A16-3111-42A5-900F-D855045063DB} - \{999E1F97-52CA-485C-BB39-D3184962B7BA} -> Keine Datei <==== ACHTUNG
Task: {CA40B31D-B3F8-481B-87C4-33438939621A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F3212A0D-0901-4B87-80C7-BA58A6844A53} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {FFA27040-E0BD-4CA3-9A1C-C90D967E38AD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D6F0CB23-64E6-B66A-7FB1-6BED5FB7D197}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FindBoestDDeal.FindBoestDDeal
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D6F0CB23-64E6-B66A-7FB1-6BED5FB7D197}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLocckTeheeAdApp.BLocckTeheeAdApp
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3AEA3BD-BCA5-A3CC-EDD3-0F9EDB7E2B90}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3AEA3BD-BCA5-A3CC-EDD3-0F9EDB7E2B90} 
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient => Wert erfolgreich entfernt
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Schlüssel nicht gefunden. 
C:\WINDOWS\SysWOW64\GroupPolicy\Machine => erfolgreich verschoben
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Wert erfolgreich entfernt
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Wert erfolgreich entfernt
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => Wert erfolgreich entfernt
"HKCR\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => Schlüssel erfolgreich entfernt
C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => erfolgreich verschoben
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fknfdieimobmimhdkfkheeejenmdjhoe" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{032EBC3B-8395-4F2E-8A77-FEECDE8AACB0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{032EBC3B-8395-4F2E-8A77-FEECDE8AACB0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avast! Emergency Update" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{084BF2A5-481C-4718-817D-4168E5D112C5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{084BF2A5-481C-4718-817D-4168E5D112C5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{232EC9BD-53A4-403F-9BEB-415A47699F23}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{232EC9BD-53A4-403F-9BEB-415A47699F23}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25A7FEE9-544B-426A-B3B0-3BF111D99948}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25A7FEE9-544B-426A-B3B0-3BF111D99948}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{850CB598-3D44-459C-A9CB-D65A9CEBF702}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{850CB598-3D44-459C-A9CB-D65A9CEBF702}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87768DEF-5F2A-4145-9F51-F45ABDEF9795}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87768DEF-5F2A-4145-9F51-F45ABDEF9795}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{715AD43D-C8C4-4A1D-B305-42C1DA9CC36F} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{715AD43D-C8C4-4A1D-B305-42C1DA9CC36F}" => Schlüssel erfolgreich entfernt
"C:\Users\Der Ehrenwerte\AppData\Local\Pokki" => nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8AB714E0-1A95-4074-8B22-26EC88FDF6C2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AB714E0-1A95-4074-8B22-26EC88FDF6C2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99DCC519-686E-49D6-99A8-815DCC4343FD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99DCC519-686E-49D6-99A8-815DCC4343FD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ADB216A7-C244-427D-A437-1F2B15657CEA}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADB216A7-C244-427D-A437-1F2B15657CEA}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B87700E4-CB89-454D-94AC-9C5442621771}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B87700E4-CB89-454D-94AC-9C5442621771}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9562A16-3111-42A5-900F-D855045063DB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9562A16-3111-42A5-900F-D855045063DB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{999E1F97-52CA-485C-BB39-D3184962B7BA}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA40B31D-B3F8-481B-87C4-33438939621A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA40B31D-B3F8-481B-87C4-33438939621A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3212A0D-0901-4B87-80C7-BA58A6844A53}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3212A0D-0901-4B87-80C7-BA58A6844A53}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FFA27040-E0BD-4CA3-9A1C-C90D967E38AD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFA27040-E0BD-4CA3-9A1C-C90D967E38AD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D6F0CB23-64E6-B66A-7FB1-6BED5FB7D197} => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D6F0CB23-64E6-B66A-7FB1-6BED5FB7D197} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FindBoestDDeal.FindBoestDDeal => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FindBoestDDeal.FindBoestDDeal => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D6F0CB23-64E6-B66A-7FB1-6BED5FB7D197} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLocckTeheeAdApp.BLocckTeheeAdApp => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLocckTeheeAdApp.BLocckTeheeAdApp => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3AEA3BD-BCA5-A3CC-EDD3-0F9EDB7E2B90} => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3AEA3BD-BCA5-A3CC-EDD3-0F9EDB7E2B90} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3AEA3BD-BCA5-A3CC-EDD3-0F9EDB7E2B90} => Schlüssel erfolgreich entfernt

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========  ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

========= Ende von CMD: =========


=========  netsh winsock reset =========


Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= Ende von CMD: =========

EmptyTemp: => 2.9 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 18:15:57 ====
         
Logdatei HitmanPro

Code:
ATTFilter
HitmanPro 3.7.12.253
www.hitmanpro.com

   Computer name . . . . : DEREHRENWERTE
   Windows . . . . . . . : 10.0.0.10240.X64/6
   User name . . . . . . : DerEhrenwerte\Der Ehrenwerte
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-01-28 18:35:49
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 8m 15s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 2
   Traces  . . . . . . . : 6

   Objects scanned . . . : 2.448.346
   Files scanned . . . . : 84.294
   Remnants scanned  . . : 854.699 files / 1.509.353 keys

Malware _____________________________________________________________________

   C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll
      Size . . . . . . . : 115.224 bytes
      Age  . . . . . . . : 133.0 days (2015-09-17 18:11:27)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 7DF1312E0FEF3EB44420E6A04420A7A7D630A1555CC566052990411132E1F046
      Product  . . . . . : Panda Security Toolbar
      Description  . . . : Panda Security Toolbar Link Library
      Version  . . . . . : 1.0.0.24
      Copyright  . . . . :  © 2015 Panda Security and Visicom Media Inc.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:WebToolbar.Win32.Agent.bhe
      Fuzzy  . . . . . . : 90.0
      Startup
         HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\
      References
         HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\
         HKU\S-1-5-21-1177671194-2042575061-30678460-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\

   C:\Users\Der Ehrenwerte\Downloads\slender-v0-9-5-Downloader.exe
      Size . . . . . . . : 532.480 bytes
      Age  . . . . . . . : 1278.0 days (2012-07-29 19:06:16)
      Entropy  . . . . . : 6.0
      SHA-256  . . . . . : 0F219697C241E3E5BDEF3EA7E02AECBC72BE1BCECBDF50640C753A96CAA096A6
      Product  . . . . . : OCSClient
      Publisher  . . . . : www.download-sponsor.de
      Version  . . . . . : 1.00
      Copyright  . . . . : Copyright @ www.download-sponsor.de
      LanguageID . . . . : 1033
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.lh
      Fuzzy  . . . . . . : 100.0


Suspicious files ____________________________________________________________

   C:\Users\Der Ehrenwerte\Desktop\FRST64.exe
      Size . . . . . . . : 2.370.560 bytes
      Age  . . . . . . . : 5.1 days (2016-01-23 15:09:08)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : DF31FB13657FE69EF6D27FC5E54FB2982E48F1FBB90C373B7541EE4FF5C55276
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
         
ESET-Logfile

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fa4e390eeb7a5044b5fd3e19adac4576
# end=init
# utc_time=2016-01-28 05:56:53
# local_time=2016-01-28 06:56:53 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=41221
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 27865
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fa4e390eeb7a5044b5fd3e19adac4576
# end=updated
# utc_time=2016-01-28 06:33:25
# local_time=2016-01-28 07:33:25 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=fa4e390eeb7a5044b5fd3e19adac4576
# engine=27865
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-01-28 10:24:41
# local_time=2016-01-28 11:24:41 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Panda Free Antivirus'
# compatibility_mode=1557 16777213 87 98 8858993 222063701 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 11510125 17493893 0 0
# scanned=529451
# found=16
# cleaned=0
# scan_time=13875
sh=E6DF3DA3A9ECEBE1FE7515CD6679F1B10A5F9F9B ft=1 fh=c71c0011637bc6c3 vn="Variante von Win64/SProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Accelesys\Accelesys_x64.dll.vir"
sh=0670783B87F0C80F960DE1B700B2D1C86BB494F8 ft=1 fh=62d97b553ab6b306 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\dtuser.exe"
sh=657882914BFCEF75CE68A4EBC4F0D8DE4AEE1307 ft=1 fh=5a124620a0b6215a vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe"
sh=0670783B87F0C80F960DE1B700B2D1C86BB494F8 ft=1 fh=62d97b553ab6b306 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\pandasecuritytb\dtuser.exe"
sh=61AFF5CD459A466838336C7C67AAC836CA9FD484 ft=1 fh=dd839861fba368e8 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll"
sh=FC455B3E2E4140C5EB9F1897E9E22D9240F5004C ft=1 fh=141979260406bffc vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\pandasecuritytb\pandasecuritytb.dll"
sh=C6E9C18B997F9A82B1AFD311B13681C5DC54A01F ft=1 fh=4ea2f57798fab6e9 vn="Variante von Win32/Toolbar.Visicom.E evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe"
sh=76938D8F6282013F922782A04FB5591EAB2901E1 ft=1 fh=b81ce4f0305d3c4a vn="Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{4FECF406-1D07-48F4-AA1F-5525940FD6F0}\Custom.dll"
sh=76938D8F6282013F922782A04FB5591EAB2901E1 ft=1 fh=b81ce4f0305d3c4a vn="Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{4FECF406-1D07-48F4-AA1F-5525940FD6F0}\Custom.dll"
sh=3B93F5E24556DC5346E33EE41A7FEDB929DE90A4 ft=1 fh=312ade2b93542d86 vn="Win32/Adware.1ClickDownload.AX Anwendung" ac=I fn="C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000"
sh=8F8FBE0FB573EF685A184967703DCA203594EC6C ft=0 fh=0000000000000000 vn="Win32/InstalleRex.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Der Ehrenwerte\Downloads\.tsuarch"
sh=1DFC5F6F64CB56D04C3EEA5DA32EC43E58EB72A7 ft=1 fh=29ea6a66be887c11 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Der Ehrenwerte\Downloads\ashampoo_winoptimizer_6_6.60_7593.exe"
sh=1B4A1CC2C740D55AB0A39EA185D3ACC7F5615522 ft=1 fh=77b67014d1f9f560 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Der Ehrenwerte\Downloads\CdCoverCreator-Setup-2.5.3.exe"
sh=8D2C913F550952BFC672C737730319082EED902F ft=1 fh=f1fd5c2580bb1d29 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Der Ehrenwerte\Downloads\cleaning-suite-v2-1.exe"
sh=F931845ED1E32F3EBF97A61020AD20168160D5AE ft=1 fh=838c05f3722ddfc5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Der Ehrenwerte\Downloads\Fallout 3 Patch - CHIP-Installer.exe"
sh=0D9318A2E2CF8FD54DF9EDEBF1A92081663FBAEE ft=1 fh=77b670143b46f13b vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Der Ehrenwerte\Downloads\slender-v0-9-5-Downloader.exe"
         

Alt 29.01.2016, 07:22   #15
sir_ivanhoe
 
GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Standard

GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)



FRST.txt

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
durchgeführt von Der Ehrenwerte (Administrator) auf DEREHRENWERTE (29-01-2016 07:19:54)
Gestartet von C:\Users\Der Ehrenwerte\Desktop
Geladene Profile: Der Ehrenwerte (Verfügbare Profile: Der Ehrenwerte)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-07-28] (Panda Security, S.L.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1163264 2015-03-30] (Ruiware LLC)
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\RunOnce: [Uninstall C:\Users\Der Ehrenwerte\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Der Ehrenwerte\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\RunOnce: [Uninstall C:\Users\Der Ehrenwerte\AppData\Local\Microsoft\OneDrive\17.3.5907.0716] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Der Ehrenwerte\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
Tcpip\..\Interfaces\{e5216851-eedc-4492-8f64-a4018fa39ca4}: [DhcpNameServer] 195.34.133.21 212.186.211.21

Internet Explorer:
==================
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKU\S-1-5-21-1177671194-2042575061-30678460-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://nmd.msn.com
SearchScopes: HKLM -> {D6BF7EEB-4F9A-4B05-9F23-C4D7A81A5E24} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {D6BF7EEB-4F9A-4B05-9F23-C4D7A81A5E24} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-01-21] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => Keine Datei
BHO: Kein Name -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> Keine Datei
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-21] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)

FireFox:
========
FF ProfilePath: C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default
FF DefaultSearchEngine: SuchMaschine
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2014-10-24] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1177671194-2042575061-30678460-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Der Ehrenwerte\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-01] (Apple Inc.)
FF SearchPlugin: C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\searchplugins\suchmaschine.xml [2015-04-27]
FF Extension: Exif Viewer - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\extensions\exif_viewer@mozilla.doslash.org.xpi [2015-06-28]
FF Extension: anonymoX - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\Extensions\client@anonymox.net.xpi [2016-01-13]
FF Extension: NoScript - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-01-01]
FF Extension: Adblock Plus - C:\Users\Der Ehrenwerte\AppData\Roaming\Mozilla\Firefox\Profiles\2kv8tudf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-01]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-11-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => nicht gefunden
FF HKU\S-1-5-21-1177671194-2042575061-30678460-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.at/
CHR StartupUrls: Default -> "hxxps://www.google.at/?gws_rd=ssl"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\pdf.dll => Keine Datei
CHR Plugin: (20-20 3D Viewer for IKEA) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp\5.0.94.1_0\NP_2020Player_IKEA.dll (20-20 Technologies)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => Keine Datei
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 8.0.310.13) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 8 U31) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Reader Application Detector) - C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Users\Der Ehrenwerte\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Google Drive) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-20]
CHR Extension: (YouTube) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google-Suche) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-11-18]
CHR Extension: (Google Docs Offline) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-29]
CHR Extension: (Adblock für Facebook™) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfjodonncabnangfknilmabjfofdikc [2015-10-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-09-04]
CHR Extension: (Google Mail) - C:\Users\Der Ehrenwerte\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-15] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7184440 2015-12-08] (GOG.com)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-07-29] (Panda Security, S.L.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-01-01] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [296760 2014-09-19] (Panda Security)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-07-28] (Panda Security, S.L.)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2014-11-06] (Copyright 2013 SAMSUNG)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2014-04-25] (Sony Corporation) [Datei ist nicht signiert]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-02] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-04-07] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [Datei ist nicht signiert]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-04-07] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [103824 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-16] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-16] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [120208 2015-07-16] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [112536 2015-07-16] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [87448 2015-07-16] ()
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-16] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [309648 2015-07-16] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [179608 2015-07-16] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-16] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-16] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-16] (Panda Security, S.L.)
R3 panda_url_filteringd; C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [173464 2015-07-21] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [130968 2015-07-21] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [207256 2015-07-21] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [133528 2015-07-21] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [143768 2015-07-21] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [117144 2015-07-21] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-29 04:47 - 2016-01-29 04:47 - 00000000 ____D C:\Users\Der Ehrenwerte\AppData\Local\ActiveSync
2016-01-29 04:44 - 2016-01-29 04:44 - 00000020 ___SH C:\Users\Der Ehrenwerte\ntuser.ini
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-01-29 04:43 - 2016-01-29 04:43 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-01-29 04:39 - 2016-01-29 04:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-29 04:28 - 2016-01-29 04:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-01-29 04:28 - 2016-01-29 04:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2016-01-29 04:28 - 2016-01-29 04:28 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-01-29 04:28 - 2016-01-29 04:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-01-29 04:28 - 2016-01-29 04:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2016-01-29 04:28 - 2016-01-29 04:28 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-01-29 04:27 - 2016-01-29 04:27 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-29 04:27 - 2016-01-29 04:27 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2016-01-29 04:27 - 2016-01-29 04:27 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2016-01-29 04:20 - 2016-01-29 04:29 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-01-29 04:20 - 2016-01-29 04:20 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-01-29 04:18 - 2016-01-29 04:48 - 00000000 ____D C:\Users\Der Ehrenwerte
2016-01-29 04:18 - 2016-01-29 04:18 - 00000000 _SHDL C:\Users\Der Ehrenwerte\Vorlagen
2016-01-29 04:18 - 2016-01-29 04:18 - 00000000 _SHDL C:\Users\Der Ehrenwerte\Startmenü
2016-01-29 04:18 - 2016-01-29 04:18 - 00000000 _SHDL C:\Users\Der Ehrenwerte\Netzwerkumgebung
2016-01-29 04:18 - 2016-01-29 04:18 - 00000000 _SHDL C:\Users\Der Ehrenwerte\Lokale Einstellungen
2016-01-29 04:18 - 2016-01-29 04:18 - 00000000 _SHDL C:\Users\Der Ehrenwerte\Eigene Dateien
2016-01-29 04:18 - 2016-01-29 04:18 - 00000000 _SHDL C:\Users\Der Ehrenwerte\Druckumgebung
2016-01-29 04:18 - 2016-01-29 04:18 - 00000000 _SHDL C:\Users\Der Ehrenwerte\Documents\Eigene Videos
2016-01-29 04:18 - 2016-01-29 04:18 - 00000000 _SHDL C:\Users\Der Ehrenwerte\Documents\Eigene Musik
2016-01-29 04:18 - 2016-01-29 04:18 - 00000000 _SHDL C:\Users\Der Ehrenwerte\Documents\Eigene Bilder
2016-01-29 04:18 - 2016-01-29 04:18 - 00000000 _SHDL C:\Users\Der Ehrenwerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-01-29 04:18 - 2016-01-29 04:18 - 00000000 _SHDL C:\Users\Der Ehrenwerte\AppData\Local\Verlauf
2016-01-29 04:18 - 2016-01-29 04:18 - 00000000 _SHDL C:\Users\Der Ehrenwerte\AppData\Local\Anwendungsdaten
2016-01-29 04:18 - 2016-01-29 04:18 - 00000000 _SHDL C:\Users\Der Ehrenwerte\Anwendungsdaten
2016-01-29 04:17 - 2016-01-29 04:38 - 02086168 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-29 04:17 - 2016-01-29 04:17 - 01989310 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-01-29 04:14 - 2016-01-29 04:20 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-29 04:14 - 2016-01-29 04:20 - 00000000 ____D C:\ProgramData\AMD
2016-01-29 04:14 - 2016-01-29 04:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-01-29 04:14 - 2016-01-29 04:14 - 00000000 ____D C:\Program Files\ATI Technologies
2016-01-29 04:14 - 2016-01-29 04:14 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-01-29 04:13 - 2016-01-29 04:29 - 00000000 ____D C:\Program Files\AMD
2016-01-29 04:13 - 2016-01-29 04:13 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-01-29 04:13 - 2016-01-29 04:13 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-01-29 04:13 - 2016-01-29 04:13 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-01-29 04:13 - 2016-01-29 04:13 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-01-29 04:12 - 2016-01-29 04:12 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-01-29 04:12 - 2016-01-29 04:12 - 00000000 ____D C:\Program Files\Realtek
2016-01-29 04:12 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-01-29 04:10 - 2016-01-29 04:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-01-29 04:08 - 2016-01-29 04:30 - 00366088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-29 04:07 - 2016-01-29 06:00 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-29 04:05 - 2016-01-29 04:05 - 00000000 ____D C:\Windows.old
2016-01-29 04:04 - 2016-01-29 04:04 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-29 04:04 - 2016-01-29 04:04 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-01-29 04:04 - 2016-01-29 04:04 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-01-29 04:04 - 2016-01-29 04:04 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-01-29 04:04 - 2016-01-29 04:04 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-29 04:04 - 2016-01-29 04:04 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-29 04:04 - 2016-01-29 04:04 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-29 04:04 - 2016-01-29 04:04 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-01-29 04:04 - 2016-01-29 04:04 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-29 04:04 - 2016-01-29 04:04 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-01-29 04:04 - 2016-01-29 04:04 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-01-29 04:04 - 2016-01-29 04:04 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-01-29 04:04 - 2016-01-29 04:04 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-01-29 04:04 - 2016-01-29 04:04 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-29 04:04 - 2016-01-29 04:04 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-01-29 04:04 - 2016-01-29 04:04 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-01-29 04:04 - 2016-01-29 04:04 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-01-29 04:04 - 2016-01-29 04:04 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-01-29 04:04 - 2016-01-29 04:04 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-29 04:04 - 2016-01-29 04:04 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-01-29 04:04 - 2016-01-29 04:04 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-29 04:04 - 2016-01-29 04:04 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-01-29 04:04 - 2016-01-29 04:04 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-01-29 04:04 - 2016-01-29 04:04 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-01-29 04:04 - 2016-01-29 04:04 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-01-29 04:04 - 2016-01-29 04:04 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-01-29 04:04 - 2016-01-29 04:04 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-01-29 04:04 - 2016-01-29 04:04 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-01-29 04:04 - 2016-01-29 04:04 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-01-29 04:04 - 2016-01-29 04:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-01-29 04:03 - 2016-01-29 04:03 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-01-29 04:03 - 2016-01-29 04:03 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-29 04:03 - 2016-01-29 04:03 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-01-29 04:03 - 2016-01-29 04:03 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-01-29 04:03 - 2016-01-29 04:03 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-01-29 04:03 - 2016-01-29 04:03 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-29 04:03 - 2016-01-29 04:03 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-01-29 04:03 - 2016-01-29 04:03 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-01-29 04:03 - 2016-01-29 04:03 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-01-29 04:03 - 2016-01-29 04:03 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-01-29 04:03 - 2016-01-29 04:03 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-01-29 04:03 - 2016-01-29 04:03 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-01-29 04:03 - 2016-01-29 04:03 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-01-29 04:03 - 2016-01-29 04:03 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-01-29 04:03 - 2016-01-29 04:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-01-29 04:03 - 2016-01-29 04:03 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-01-29 04:03 - 2016-01-29 04:03 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-01-29 04:03 - 2016-01-29 04:03 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-01-29 04:03 - 2016-01-29 04:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-01-29 04:00 - 2016-01-29 04:00 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-01-29 03:57 - 2016-01-29 03:57 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-01-29 03:57 - 2016-01-29 03:57 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-01-29 03:57 - 2016-01-29 03:57 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-01-29 03:57 - 2016-01-29 03:57 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-01-29 03:57 - 2016-01-29 03:57 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-01-29 03:57 - 2016-01-29 03:57 - 00000000 ____D C:\Program Files\MSBuild
2016-01-29 03:57 - 2016-01-29 03:57 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-01-29 03:57 - 2016-01-29 03:57 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-01-29 03:57 - 2016-01-29 03:57 - 00000000 ____D C:\inetpub
2016-01-29 03:56 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-01-29 03:56 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-01-29 03:56 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-01-29 03:56 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-01-29 03:56 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-01-29 03:56 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-01-28 18:49 - 2016-01-28 18:52 - 02870984 _____ (ESET) C:\Users\Der Ehrenwerte\Desktop\esetsmartinstaller_deu.exe
2016-01-28 18:35 - 2016-01-28 18:52 - 00000000 ____D C:\ProgramData\HitmanPro
2016-01-28 18:34 - 2016-01-28 18:35 - 11323704 _____ (SurfRight B.V.) C:\Users\Der Ehrenwerte\Desktop\HitmanPro_x64.exe
2016-01-28 18:11 - 2016-01-28 18:15 - 00014737 _____ C:\Users\Der Ehrenwerte\Desktop\Fixlog.txt
2016-01-27 18:29 - 2016-01-27 18:29 - 00001452 _____ C:\Users\Der Ehrenwerte\Desktop\Search.txt
2016-01-27 12:35 - 2016-01-29 04:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 3
2016-01-27 11:48 - 2016-01-29 04:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2
2016-01-27 11:46 - 2016-01-27 11:46 - 05224460 _____ C:\Users\Der Ehrenwerte\Downloads\3954187019.epub
2016-01-24 11:58 - 2016-01-24 11:58 - 00827872 _____ C:\Users\Der Ehrenwerte\Desktop\Scannen0001.pdf
2016-01-24 09:55 - 2016-01-24 09:55 - 00003000 _____ C:\Users\Der Ehrenwerte\Desktop\JRT.txt
2016-01-24 09:51 - 2016-01-24 09:52 - 01600184 _____ (Malwarebytes) C:\Users\Der Ehrenwerte\Desktop\JRT.exe
2016-01-24 09:51 - 2016-01-24 09:51 - 01600184 _____ (Malwarebytes) C:\Users\Der Ehrenwerte\Downloads\JRT.exe
2016-01-24 09:49 - 2016-01-24 09:49 - 00001205 _____ C:\Users\Der Ehrenwerte\Desktop\mbam.txt
2016-01-24 09:21 - 2016-01-24 09:21 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-24 09:20 - 2016-01-29 04:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-01-24 09:20 - 2016-01-24 09:20 - 00001178 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-01-24 09:19 - 2016-01-24 09:19 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-01-24 09:19 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-24 09:19 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-01-24 09:19 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-01-24 09:17 - 2016-01-24 09:17 - 22908888 _____ (Malwarebytes ) C:\Users\Der Ehrenwerte\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-24 09:03 - 2016-01-24 09:06 - 01505280 _____ C:\Users\Der Ehrenwerte\Desktop\AdwCleaner_5.030.exe
2016-01-23 15:18 - 2016-01-23 16:42 - 00271010 _____ C:\TDSSKiller.3.1.0.9_23.01.2016_15.18.41_log.txt
2016-01-23 15:18 - 2016-01-23 15:18 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Der Ehrenwerte\Desktop\tdsskiller.exe
2016-01-23 15:11 - 2016-01-24 10:08 - 00073029 _____ C:\Users\Der Ehrenwerte\Desktop\Addition.txt
2016-01-23 15:10 - 2016-01-29 07:21 - 00026590 _____ C:\Users\Der Ehrenwerte\Desktop\FRST.txt
2016-01-23 15:10 - 2016-01-29 07:19 - 00000000 ____D C:\FRST
2016-01-23 15:09 - 2016-01-23 15:09 - 02370560 _____ (Farbar) C:\Users\Der Ehrenwerte\Desktop\FRST64.exe
2016-01-23 10:19 - 2016-01-23 10:19 - 00927824 _____ (Google Inc.) C:\Users\Der Ehrenwerte\Downloads\ChromeSetup.exe
2016-01-19 21:47 - 2016-01-19 21:47 - 00000000 ____D C:\Users\Der Ehrenwerte\Downloads\wordpress-4.4.1
2016-01-19 21:46 - 2016-01-19 21:46 - 07725585 _____ C:\Users\Der Ehrenwerte\Downloads\wordpress-4.4.1.zip
2016-01-17 19:11 - 2016-01-28 18:15 - 00077824 ___SH C:\Users\Der Ehrenwerte\Desktop\Thumbs.db
2016-01-14 21:19 - 2016-01-14 21:50 - 00000000 ____D C:\Users\Der Ehrenwerte\Desktop\2016-01 (Jan)
2016-01-13 19:51 - 2016-01-13 19:51 - 00079509 _____ C:\Users\Der Ehrenwerte\Downloads\KATHRIN EVA  KREGAR 257-2140436720.pdf
2016-01-13 19:51 - 2016-01-13 19:51 - 00079509 _____ C:\Users\Der Ehrenwerte\Desktop\KATHRIN EVA  KREGAR 257-2140436720.pdf
2016-01-13 19:50 - 2016-01-13 19:50 - 00079507 _____ C:\Users\Der Ehrenwerte\Downloads\STEFAN TSCHERNUTTER 257-2140436722.pdf
2016-01-13 19:50 - 2016-01-13 19:50 - 00079507 _____ C:\Users\Der Ehrenwerte\Desktop\STEFAN TSCHERNUTTER 257-2140436722.pdf
2016-01-13 19:50 - 2016-01-13 19:50 - 00079485 _____ C:\Users\Der Ehrenwerte\Desktop\DANIEL MORINA 257-2140436721.pdf
2016-01-13 19:48 - 2016-01-13 19:48 - 00079485 _____ C:\Users\Der Ehrenwerte\Downloads\DANIEL MORINA 257-2140436721.pdf
2016-01-12 20:54 - 2016-01-12 20:54 - 00062607 _____ C:\Users\Der Ehrenwerte\Desktop\Wacken-Flug.pdf
2016-01-09 10:01 - 2016-01-09 10:34 - 00000000 ____D C:\Users\Der Ehrenwerte\Documents\USBSteve
2016-01-05 17:58 - 2016-01-05 17:58 - 00314390 _____ C:\Users\Der Ehrenwerte\Desktop\MANOWAR HomeTicket (1).pdf
2016-01-04 19:44 - 2016-01-04 19:44 - 00010017 _____ C:\Users\Der Ehrenwerte\Desktop\Mappe1.xlsx
2016-01-04 18:58 - 2016-01-04 18:58 - 00029502 _____ C:\Users\Der Ehrenwerte\Downloads\kta_ei.dat
2016-01-03 11:49 - 2016-01-03 11:50 - 00000000 ____D C:\Users\Der Ehrenwerte\Downloads\BluRay
2016-01-03 11:43 - 2016-01-03 11:43 - 241201002 _____ C:\Users\Der Ehrenwerte\Downloads\BDP2012WWB.zip
2016-01-02 15:13 - 2016-01-02 15:13 - 00000000 ____D C:\Users\Der Ehrenwerte\Downloads\firmware-devolo-wifi-repeater-v1-1-0
2016-01-02 15:03 - 2016-01-02 15:03 - 04043418 _____ C:\Users\Der Ehrenwerte\Downloads\firmware-devolo-wifi-repeater-v1-1-0.zip
2016-01-01 15:45 - 2016-01-17 17:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-30 11:03 - 2016-01-29 04:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-30 11:03 - 2015-12-30 11:03 - 00001829 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-30 11:02 - 2015-12-30 11:03 - 00000000 ____D C:\Program Files\iTunes
2015-12-30 11:02 - 2015-12-30 11:02 - 00000000 ____D C:\Program Files\iPod
2015-12-30 11:02 - 2015-12-30 11:02 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-30 10:27 - 2015-12-30 10:27 - 00466728 _____ (Microsoft Corporation) C:\WINDOWS\system32\coin99ip.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-29 07:17 - 2011-11-30 18:08 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-29 06:25 - 2015-03-15 15:55 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-29 05:45 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-29 05:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-29 05:04 - 2014-02-02 12:02 - 00000000 ____D C:\Users\Der Ehrenwerte\AppData\Local\Packages
2016-01-29 05:03 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-01-29 04:50 - 2015-08-01 22:26 - 00002461 _____ C:\Users\Der Ehrenwerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-01-29 04:50 - 2015-08-01 22:26 - 00000000 ___RD C:\Users\Der Ehrenwerte\OneDrive
2016-01-29 04:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-01-29 04:46 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-29 04:45 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-01-29 04:45 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-01-29 04:45 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-29 04:45 - 2015-08-01 22:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-29 04:44 - 2011-11-30 18:08 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-29 04:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-01-29 04:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2016-01-29 04:43 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2016-01-29 04:43 - 2015-08-01 21:13 - 00019974 _____ C:\WINDOWS\diagerr.xml
2016-01-29 04:43 - 2015-08-01 21:13 - 00019053 _____ C:\WINDOWS\diagwrn.xml
2016-01-29 04:39 - 2015-08-01 22:14 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-01-29 04:39 - 2015-03-15 15:55 - 00003142 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-29 04:39 - 2014-12-23 16:27 - 00002954 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-29 04:39 - 2014-10-12 11:36 - 00003658 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-29 04:39 - 2014-10-12 11:36 - 00003434 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-29 04:39 - 2014-09-12 14:06 - 00002420 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2016-01-29 04:39 - 2014-09-12 14:06 - 00002394 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2016-01-29 04:39 - 2014-09-12 14:06 - 00002392 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2016-01-29 04:39 - 2014-09-12 14:06 - 00002378 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2016-01-29 04:39 - 2014-09-12 14:06 - 00002376 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2016-01-29 04:38 - 2015-10-30 19:35 - 00888008 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-29 04:38 - 2015-10-30 19:35 - 00197092 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-29 04:37 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2016-01-29 04:37 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-01-29 04:29 - 2015-12-11 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
2016-01-29 04:29 - 2015-12-11 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-01-29 04:29 - 2015-12-11 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast [GOG.com]
2016-01-29 04:29 - 2015-12-11 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Master of Orion 2 [GOG.com]
2016-01-29 04:29 - 2015-12-11 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Fall [GOG.com]
2016-01-29 04:29 - 2015-12-11 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLARC [GOG.com]
2016-01-29 04:29 - 2015-11-30 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sid Meier's Alpha Centauri Planetary Pack [GOG.com]
2016-01-29 04:29 - 2015-11-30 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tyrian 2000 [GOG.com]
2016-01-29 04:29 - 2015-11-30 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Silent Storm Gold [GOG.com]
2016-01-29 04:29 - 2015-11-30 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Trek - Judgment Rites [GOG.com]
2016-01-29 04:29 - 2015-11-30 18:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Trek 25th Anniversary [GOG.com]
2016-01-29 04:29 - 2015-11-21 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starpoint Gemini 2 [GOG.com]
2016-01-29 04:29 - 2015-11-21 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dracula - The Resurrection [GOG.com]
2016-01-29 04:29 - 2015-11-21 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deponia [GOG.com]
2016-01-29 04:29 - 2015-11-21 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Dark Eye - Chains of Satinav [GOG.com]
2016-01-29 04:29 - 2015-11-13 07:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Silver [GOG.com]
2016-01-29 04:29 - 2015-11-12 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phantasmagoria [GOG.com]
2016-01-29 04:29 - 2015-11-12 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderscape [GOG.com]
2016-01-29 04:29 - 2015-11-11 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paper Sorcerer [GOG.com]
2016-01-29 04:29 - 2015-11-11 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The 7th Guest [GOG.com]
2016-01-29 04:29 - 2015-11-11 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perimeter [GOG.com]
2016-01-29 04:29 - 2015-11-10 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Risk of Rain [GOG.com]
2016-01-29 04:29 - 2015-11-09 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X - Beyond the Frontier [GOG.com]
2016-01-29 04:29 - 2015-10-30 19:44 - 00000000 ____D C:\WINDOWS\ShellNew
2016-01-29 04:29 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-01-29 04:29 - 2015-10-30 07:28 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2016-01-29 04:29 - 2015-10-30 07:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-29 04:29 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-29 04:29 - 2015-10-14 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Banner Saga [GOG.com]
2016-01-29 04:29 - 2015-10-13 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spacecom [GOG.com]
2016-01-29 04:29 - 2015-10-13 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Banished [GOG.com]
2016-01-29 04:29 - 2015-09-17 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2016-01-29 04:29 - 2015-09-06 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-01-29 04:29 - 2015-07-01 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-01-29 04:29 - 2015-05-11 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOOT
2016-01-29 04:29 - 2015-04-27 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
2016-01-29 04:29 - 2014-11-05 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reader for pc
2016-01-29 04:29 - 2014-10-19 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-01-29 04:29 - 2014-10-16 07:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-29 04:29 - 2014-09-12 14:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2016-01-29 04:29 - 2014-08-19 19:52 - 00000000 ____D C:\Users\Der Ehrenwerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music
2016-01-29 04:29 - 2014-07-05 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-01-29 04:29 - 2014-03-20 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2016-01-29 04:29 - 2014-03-20 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2016-01-29 04:29 - 2014-03-07 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APA-OnlineManager
2016-01-29 04:29 - 2013-12-14 10:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-01-29 04:29 - 2013-09-27 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-01-29 04:29 - 2013-09-15 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2016-01-29 04:29 - 2013-09-06 15:05 - 00000000 ____D C:\Users\Der Ehrenwerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-29 04:29 - 2013-03-13 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-29 04:29 - 2013-01-05 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAce
2016-01-29 04:29 - 2012-09-14 09:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-01-29 04:29 - 2012-05-29 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2
2016-01-29 04:29 - 2012-05-29 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2
2016-01-29 04:29 - 2012-05-29 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon
2016-01-29 04:29 - 2012-04-18 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2016-01-29 04:29 - 2012-03-31 14:49 - 00000000 ____D C:\Users\Der Ehrenwerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-01-29 04:29 - 2012-02-04 19:45 - 00000000 ____D C:\WINDOWS\SysWOW64\System32
2016-01-29 04:29 - 2012-01-29 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
2016-01-29 04:29 - 2012-01-09 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2016-01-29 04:29 - 2011-12-23 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CdCoverCreator
2016-01-29 04:29 - 2011-12-10 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-01-29 04:29 - 2011-11-21 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Content Transfer
2016-01-29 04:29 - 2011-11-21 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WALKMAN Guide
2016-01-29 04:29 - 2011-11-19 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-01-29 04:29 - 2011-11-17 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-29 04:29 - 2011-11-17 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-01-29 04:29 - 2011-06-20 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dimotion
2016-01-29 04:29 - 2011-06-20 08:47 - 00000000 ____D C:\WINDOWS\de
2016-01-29 04:29 - 2011-06-20 08:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-01-29 04:29 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-01-29 04:28 - 2015-07-10 10:05 - 00000000 ____D C:\Users\Default.migrated
2016-01-29 04:22 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-01-29 04:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-01-29 04:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-01-29 04:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-29 04:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2016-01-29 04:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-29 04:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-29 04:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\IME
2016-01-29 04:22 - 2015-04-27 17:46 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2016-01-29 04:22 - 2014-04-01 21:23 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2016-01-29 04:21 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-01-29 04:21 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-29 04:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\schemas
2016-01-29 04:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-01-29 04:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-01-29 04:20 - 2015-10-30 08:24 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-01-29 04:20 - 2015-10-30 08:24 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-01-29 04:20 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2016-01-29 04:20 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-29 04:20 - 2014-06-22 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Interplay
2016-01-29 04:20 - 2014-04-01 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-01-29 04:20 - 2013-10-12 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reality Pump
2016-01-29 04:20 - 2013-09-15 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daedalic Entertainment
2016-01-29 04:20 - 2013-05-17 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zuxxez
2016-01-29 04:20 - 2012-08-23 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-01-29 04:20 - 2012-07-21 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2016-01-29 04:20 - 2012-05-08 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2016-01-29 04:20 - 2012-03-31 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firaxis Games
2016-01-29 04:20 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2016-01-29 04:19 - 2014-10-19 17:08 - 00000000 ____D C:\Users\Der Ehrenwerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Samsung
2016-01-29 04:19 - 2013-10-12 19:14 - 00000000 ____D C:\Users\Der Ehrenwerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reality Pump
2016-01-29 04:19 - 2013-05-17 14:45 - 00000000 ____D C:\Users\Der Ehrenwerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zuxxez
2016-01-29 04:19 - 2012-12-16 12:49 - 00000000 ____D C:\Users\Der Ehrenwerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2016-01-29 04:19 - 2012-03-31 12:32 - 00000000 ____D C:\Users\Der Ehrenwerte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firaxis Games
2016-01-29 04:17 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-01-29 04:13 - 2013-01-10 22:16 - 00000000 ____D C:\AMD
2016-01-29 04:09 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-01-29 04:07 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-01-29 04:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-01-29 04:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-29 04:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-01-29 04:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-29 04:04 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-29 04:04 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-01-29 04:04 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-01-29 03:57 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-01-29 03:57 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-01-29 03:57 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-01-29 03:57 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-01-29 03:57 - 2015-10-30 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-01-29 03:57 - 2015-10-30 08:19 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2016-01-29 03:57 - 2015-10-30 08:19 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2016-01-29 03:57 - 2015-10-30 08:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-01-29 03:57 - 2015-10-30 08:19 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2016-01-29 03:57 - 2015-10-30 08:19 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2016-01-29 03:57 - 2015-10-30 08:19 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2016-01-29 03:57 - 2015-10-30 08:19 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2016-01-29 03:57 - 2015-10-30 08:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-01-29 03:57 - 2015-10-30 08:19 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2016-01-29 03:57 - 2015-10-30 08:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-01-29 03:57 - 2015-10-30 08:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-01-29 03:57 - 2015-10-30 08:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-01-29 03:57 - 2015-10-30 08:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-01-29 03:57 - 2015-10-30 08:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-01-29 03:57 - 2015-10-30 08:19 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2016-01-29 03:57 - 2015-10-30 08:18 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-01-29 03:57 - 2015-10-30 08:18 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-01-29 03:57 - 2015-10-30 08:18 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-01-29 03:57 - 2015-10-30 08:18 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-01-29 03:57 - 2015-10-30 08:18 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-01-29 03:57 - 2015-10-30 08:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-01-29 03:57 - 2015-10-30 08:18 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-01-29 03:57 - 2015-10-30 08:18 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-01-29 03:57 - 2015-10-30 08:18 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-01-29 03:57 - 2015-10-30 08:18 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-01-29 03:57 - 2015-10-30 08:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-01-29 03:57 - 2015-10-30 08:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-01-29 03:57 - 2015-10-30 08:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-01-29 03:57 - 2015-10-30 08:18 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-01-29 03:57 - 2015-10-30 08:18 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-01-29 03:57 - 2015-10-30 08:18 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-01-29 03:57 - 2015-10-30 08:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-01-29 03:57 - 2015-10-30 08:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-01-29 03:57 - 2015-10-30 08:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-01-29 03:57 - 2015-10-30 08:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-01-29 03:57 - 2015-10-30 08:18 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-01-29 03:57 - 2015-10-30 08:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-01-29 03:57 - 2015-10-30 08:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-01-29 03:57 - 2015-10-30 08:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-01-29 03:57 - 2015-10-30 08:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-01-29 03:57 - 2015-10-30 08:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-01-29 03:57 - 2015-10-30 08:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-01-29 03:57 - 2015-10-30 08:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-01-29 03:57 - 2015-10-30 08:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-01-29 03:57 - 2015-10-30 08:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-01-29 03:57 - 2015-10-30 08:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-01-29 03:57 - 2015-10-30 08:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-01-29 03:57 - 2015-10-30 08:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-01-29 03:57 - 2015-10-30 08:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-01-29 03:57 - 2015-10-30 08:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-01-29 03:57 - 2015-10-30 08:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-01-29 03:57 - 2015-10-30 08:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-01-29 03:57 - 2015-10-30 08:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-01-29 03:57 - 2015-10-30 08:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-01-29 03:36 - 2014-08-08 16:20 - 00000000 ____D C:\ProgramData\panda_url_filtering
2016-01-29 03:30 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2016-01-29 00:18 - 2015-05-27 17:58 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-29 00:18 - 2014-03-19 18:30 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-28 18:12 - 2012-07-26 19:39 - 00000000 ____D C:\Users\Der Ehrenwerte\AppData\LocalLow\Temp
2016-01-27 13:56 - 2015-12-11 21:58 - 00000000 ____D C:\ProgramData\Origin
2016-01-27 12:50 - 2015-12-11 23:07 - 00000000 ____D C:\Users\Der Ehrenwerte\Documents\BioWare
2016-01-27 12:01 - 2015-12-11 21:59 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-01-24 09:12 - 2012-04-26 17:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-24 09:09 - 2015-04-26 16:44 - 00000000 ____D C:\AdwCleaner
2016-01-21 22:34 - 2015-09-17 19:49 - 00000000 ____D C:\Program Files\Java
2016-01-21 22:34 - 2015-01-23 19:34 - 00000000 ____D C:\ProgramData\Oracle
2016-01-21 22:33 - 2015-09-17 19:50 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-01-21 22:33 - 2015-09-17 19:50 - 00000000 ____D C:\Users\Der Ehrenwerte\.oracle_jre_usage
2016-01-17 17:16 - 2015-11-29 19:12 - 00001223 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-17 17:16 - 2011-11-17 19:59 - 00001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-17 10:15 - 2013-03-13 22:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-17 10:15 - 2013-03-13 22:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-14 23:34 - 2011-11-17 22:30 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-14 21:27 - 2015-10-13 07:32 - 00000000 ____D C:\Users\Der Ehrenwerte\Desktop\Helsinki 2015-10-8-12
2016-01-14 20:22 - 2014-10-01 18:27 - 00000000 ____D C:\Users\Der Ehrenwerte\Documents\Bewerbung
2016-01-14 18:06 - 2015-11-02 17:54 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-13 22:34 - 2013-08-15 18:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-13 22:25 - 2011-11-18 15:22 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-13 22:11 - 2012-09-05 18:42 - 00000000 ____D C:\Users\Der Ehrenwerte\Desktop\kati
2016-01-12 19:49 - 2011-11-17 22:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-04 19:34 - 2009-07-14 03:34 - 00000438 _____ C:\WINDOWS\win.ini
2016-01-03 11:45 - 2011-11-17 19:57 - 00098712 _____ C:\Users\Der Ehrenwerte\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-01 21:38 - 2015-12-11 21:58 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-30 11:02 - 2011-11-17 20:12 - 00000000 ____D C:\Program Files\Common Files\Apple

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-05-29 15:29 - 2012-05-29 15:29 - 0000268 ___RH () C:\Users\Der Ehrenwerte\AppData\Roaming\DirectoryService
2012-05-29 15:30 - 2012-05-29 15:30 - 0000268 ___RH () C:\Users\Der Ehrenwerte\AppData\Roaming\Displays
2012-05-29 15:29 - 2012-05-29 15:29 - 0000268 ___RH () C:\Users\Der Ehrenwerte\AppData\Roaming\Distortion
2012-07-22 08:37 - 2012-09-15 12:56 - 0001099 _____ () C:\Users\Der Ehrenwerte\AppData\Roaming\ShiftN.ini
2015-02-20 07:52 - 2015-02-20 07:52 - 0004608 _____ () C:\Users\Der Ehrenwerte\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-29 04:13 - 2016-01-29 04:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-05-29 15:30 - 2012-05-29 15:30 - 0000268 ___RH () C:\ProgramData\Drum Kits
2012-05-29 15:29 - 2012-05-29 15:29 - 0000268 ___RH () C:\ProgramData\Drums
2011-11-19 10:35 - 2011-11-19 10:46 - 0001250 _____ () C:\ProgramData\hpzinstall.log
2012-05-29 15:30 - 2012-05-29 15:30 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2012-05-29 15:29 - 2012-07-22 15:32 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2012-05-29 15:29 - 2012-05-29 15:36 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-29 04:08

==================== Ende von FRST.txt ============================
         

Antwort

Themen zu GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)
aktualisieren, antivirus, aufruf, aufrufen, connection, einiger, fehlermeldung, free, gelegentlich, gmx, hilft, https, neustart, panda, problem, schei, seite, tritt, unregelmäßig, verfügbar, virusscan, webseite, website, weiterhelfen, wirklich



Ähnliche Themen: GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)


  1. WIN 7 Warnmeldung Dateipfad Windows\system32\config\systemprofile\Desktop nicht verfügbar
    Log-Analyse und Auswertung - 17.09.2015 (11)
  2. Adobe Reader Xl für Win. Vista nicht verfügbar!
    Diskussionsforum - 15.02.2013 (3)
  3. Und noch ein GVU Trojaner! Abgesichter Modus nicht verfügbar
    Plagegeister aller Art und deren Bekämpfung - 26.01.2013 (1)
  4. Fehlercodes im Browser: 101, 137 ... usw. Seite nicht verfügbar
    Log-Analyse und Auswertung - 18.04.2012 (1)
  5. Windows Sicherheiscenter Dienst nicht verfügbar
    Plagegeister aller Art und deren Bekämpfung - 09.08.2011 (33)
  6. Gerätemanager und Netzwerk Sind nicht mehr verfügbar
    Plagegeister aller Art und deren Bekämpfung - 05.08.2011 (1)
  7. Windows Sicherheiscenter Dienst nicht verfügbar - Avira Alarm
    Plagegeister aller Art und deren Bekämpfung - 12.06.2011 (14)
  8. SATA Festplatte nicht verfügbar Malware/Virus
    Plagegeister aller Art und deren Bekämpfung - 26.05.2011 (3)
  9. internet nicht mehr verfügbar, nach 2-5h pc an
    Log-Analyse und Auswertung - 08.05.2010 (2)
  10. Pfad nicht verfügbar-.....!
    Alles rund um Windows - 18.04.2010 (1)
  11. Rechner freezt/Taskmanager nicht verfügbar
    Log-Analyse und Auswertung - 03.02.2010 (1)
  12. odbcctl3dGlade.dll nicht verfügbar - TR/Crypt.ZPACK.Gen
    Plagegeister aller Art und deren Bekämpfung - 11.12.2009 (1)
  13. Windows Defender meldet: nicht verfügbar
    Log-Analyse und Auswertung - 11.07.2009 (86)
  14. h**p://www.xyz.de ist momentan nicht verfügbar
    Log-Analyse und Auswertung - 14.11.2008 (0)
  15. Domäne nicht verfügbar nach beseitigung
    Plagegeister aller Art und deren Bekämpfung - 20.07.2008 (12)
  16. Sicherheitscenter nicht verfügbar, Fehler 127
    Antiviren-, Firewall- und andere Schutzprogramme - 09.03.2007 (3)
  17. Sicherheitscenter /Dienst unter Windows XP nicht verfügbar!
    Antiviren-, Firewall- und andere Schutzprogramme - 24.10.2006 (30)

Zum Thema GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) - Hallo! Ich habe seit einiger Zeit beim Aufruf von GMX (über https://www.gmx.at) immer wieder das Problem, dass ich die Seite nicht erreiche. Stattdessen bekomme ich die Fehlermeldung: Zitat: Diese Webseite - GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED)...
Archiv
Du betrachtest: GMX: Website nicht verfügbar (ERR_CONNECTION_REFUSED) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.