Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows 7 Pro 64Bit sehr langsam

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 22.12.2016, 12:41   #1
foreveryoung
 
Windows 7 Pro 64Bit sehr langsam - Standard

Windows 7 Pro 64Bit sehr langsam



Hallo,
mir wurde in diesem Forum vor einigen Jahren mal sehr gut bei der Bereinigung von einem Trojaner geholfen.

Diesmal geht es um mein 5 Jahre altes HP Probook 6360b, das immer langsamer wird.
Und dies obwohl ich es z.B. mit IO Advanced System Care regelmäßig reinige, mit Driver Booster meine Treiber aktualisiere oder mit IO MalwareFighter analysiere oder zuletzt auch die Festplatte defragmentiert habe.
Zuletzt wurde der Rechner immer langsamer gestartet. Teilweise hatte ich das Gefühl, dass er gar nicht arbeitet sondern aussetzt (kein Lüftergeräusch, Stillstand).
Wenn ich bei der Aufforderung, wie ich mich einloggen möchte (Passwort, Fingerabdruck oder Foto) Passwort anklicke, dauert es nochmal mindestens eine Minute bis die Passworteingabe erscheint.
Danach braucht der Laptop ewig bis alles geladen ist. Dabei zeigte mir Advanced System Care, dass der RAM rd. 50% Auslastung hätte aber dass die CPU 0% Auslastung hätte.
Ich war am ende von Advanced System Care so enttäuscht, dass ich es deinstalliert habe und bin zu CCleaner zurückgekehrt.
Dieser hat bei der Registry diverse Fehler gefunden und behoben, aber der Rechner blieb langsam.

Ich habe hier bereits diverse sehr aktuelle Themen zu langsamen Laptops (u.a. Windows 7: Laptop friert oftmals ein und Laptop phasenweise extrem langsam) gesehen und poste daher gleich mal die Analyseprotokolle.

AdwCleaner hat hier 15 Bedrohungen gefunden.
Anti-Malware läuft gerade noch und ich poste das Log nach meiner Mittagspause.

FRST.txt
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von Andreas Klocke (Administrator) auf NOTEBOOK (22-12-2016 11:48:29)
Gestartet von C:\Users\Andreas Klocke\Downloads
Geladene Profile: Andreas Klocke (Verfügbare Profile: Andreas Klocke)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Ericsson AB) C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] ()
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12277248 2011-05-09] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [IFXSPMGT] => c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1125728 2011-01-20] (Infineon Technologies AG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [318520 2011-05-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [76344 2011-08-10] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DsMgr] => C:\Program Files (x86)\Hewlett-Packard\HP GPS and Location\dsMgr.exe [93240 2011-04-20] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP: C:\Windows\SysWOW64\DeviceNP.dll [2011-02-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.67.1
Tcpip\..\Interfaces\{89B4A81F-D2DC-4F62-AC14-4F20103515A1}: [DhcpNameServer] 192.168.67.1
Tcpip\..\Interfaces\{E2E22EAE-77F5-4A60-87D5-5ED74C889313}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {EA2D295C-3996-4512-AD4C-53DC4BE9B96D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-22] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-22] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-05-09] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-22] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-22] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Andreas Klocke\AppData\Roaming\Nvu\Profiles\1p5ijy2s.default [2016-12-12]
FF ProfilePath: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default [2016-12-22]
FF user.js: detected! => C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\user.js [2016-10-03]
FF Homepage: Mozilla\Firefox\Profiles\16jk24xp.default -> hxxp://www.google.de/
FF Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\Extensions\iobitascsurfingprotection@iobit.com [2015-07-31] [ist nicht signiert]
FF SearchPlugin: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\searchplugins\google-images.xml [2014-11-21]
FF SearchPlugin: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\searchplugins\google-maps.xml [2014-11-21]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-08-10] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default [2016-12-22]
CHR Extension: (Google Präsentationen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-13]
CHR Extension: (Google Docs) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-13]
CHR Extension: (Google Drive) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01]
CHR Extension: (YouTube) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-01]
CHR Extension: (Google-Suche) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01]
CHR Extension: (Google Tabellen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-13]
CHR Extension: (Google Docs Offline) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (HP Network Check Launcher) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2016-12-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [485712 2011-05-19] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company)
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320512 2011-05-09] (Hewlett-Packard) [Datei ist nicht signiert]
S3 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [317496 2011-05-13] (Hewlett-Packard Company)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S2 iFunSoftUpdaterSvc; C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe [2961216 2016-01-30] (iFunSoft)
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1125728 2011-01-20] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [980320 2011-01-20] (Infineon Technologies AG)
S3 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [Datei ist nicht signiert]
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [203104 2011-01-20] (Infineon Technologies AG)
S3 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2014-10-29] (IDT, Inc.) [Datei ist nicht signiert]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246376 2016-06-23] (Synaptics Incorporated)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [4819968 2011-06-18] (Broadcom Corporation) [Datei ist nicht signiert]
R2 WMCoreService; C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [586280 2011-03-03] (Ericsson AB)
S2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 ASPI; C:\windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [Datei ist nicht signiert]
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [148032 2016-12-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-12] (Avira Operations GmbH & Co. KG)
S3 Btcsrusb; C:\windows\System32\Drivers\btcusb.sys [42536 2016-06-23] (IVT Corporation.)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
R3 ecnssndis; C:\windows\System32\Drivers\wwuss64.sys [26664 2014-10-29] (Ericsson AB)
R3 ecnssndisfltr; C:\windows\System32\Drivers\wwussf64.sys [29736 2014-10-29] (Ericsson AB)
R3 h36wgps; C:\windows\System32\DRIVERS\h36wgps64.sys [101416 2011-02-28] (Ericsson AB)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-29] (REALiX(tm))
R3 johci; C:\windows\System32\DRIVERS\johci.sys [26208 2014-10-29] (JMicron Technology Corp.)
R3 Mbm3CBus; C:\windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-11-01] (MCCI Corporation)
R3 Mbm3DevMt; C:\windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-11-01] (MCCI Corporation)
R3 Mbm3mdfl; C:\windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-11-01] (MCCI Corporation)
R3 Mbm3Mdm; C:\windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-11-01] (MCCI Corporation)
R3 MEIx64; C:\windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-10-29] (Intel Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.)
R1 PersonalSecureDrive; C:\windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [2596456 2016-06-23] (Sonix Tech. Co., Ltd.)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
R3 WirelessKeyboardFilter; C:\windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R3 WwanUsbServ; C:\windows\System32\DRIVERS\WwanUsbMp64.sys [279312 2014-10-29] (Ericsson AB)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-22 11:48 - 2016-12-22 11:49 - 00026014 _____ C:\Users\Andreas Klocke\Downloads\FRST.txt
2016-12-22 11:47 - 2016-12-22 11:48 - 00000000 ____D C:\FRST
2016-12-22 11:47 - 2016-12-22 11:47 - 02420736 _____ (Farbar) C:\Users\Andreas Klocke\Downloads\FRST64.exe
2016-12-22 11:44 - 2016-12-22 11:42 - 00110144 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-64.dll
2016-12-22 10:37 - 2016-12-22 10:38 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-22 10:37 - 2016-12-22 10:37 - 00002808 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2016-12-22 10:37 - 2016-12-22 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-22 10:37 - 2016-12-22 10:37 - 00000000 ____D C:\Program Files\CCleaner
2016-12-22 10:36 - 2016-12-22 10:37 - 08803648 _____ (Piriform Ltd) C:\Users\Andreas Klocke\Documents\ccsetup525.exe
2016-12-22 10:25 - 2016-12-22 10:33 - 00003236 _____ C:\windows\System32\Tasks\HPCeeScheduleForAndreas Klocke
2016-12-22 10:03 - 2016-12-22 11:27 - 00000368 _____ C:\windows\Tasks\HPCeeScheduleForAndreas Klocke.job
2016-12-22 10:03 - 2016-12-22 10:03 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\HP_Development_Company,_L
2016-12-22 10:01 - 2016-12-22 10:01 - 00000000 ____D C:\ProgramData\McAfee
2016-12-22 09:59 - 2016-12-22 09:59 - 00000248 _____ C:\windows\hbcikrnl.ini
2016-12-22 09:59 - 2016-12-22 09:59 - 00000000 ____D C:\Users\Default\AppData\Roaming\hpqLog
2016-12-22 09:59 - 2016-12-22 09:59 - 00000000 ____D C:\Users\Default User\AppData\Roaming\hpqLog
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\ProgramData\SZCCID
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\Program Files (x86)\AlcorMicroData
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\Program Files (x86)\AlcorMicro
2016-12-22 09:49 - 2016-12-22 09:49 - 00002231 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2016-12-22 09:49 - 2016-12-22 09:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-12-22 09:41 - 2016-12-22 09:41 - 00000000 ____D C:\ProgramData\HP Inc
2016-12-22 09:35 - 2016-12-22 09:35 - 04057776 _____ (Oleg N. Scherbakov) C:\Users\Andreas Klocke\Documents\HPSupportSolutionsFramework-12.5.32.203.exe
2016-12-19 10:24 - 2016-12-19 10:24 - 00047396 _____ C:\Users\Andreas Klocke\.recently-used.xbel
2016-12-16 15:59 - 2016-12-16 15:59 - 00000000 ____H C:\asc_rdflag
2016-12-15 09:41 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-12-15 09:41 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-12-15 09:41 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-12-15 09:41 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-12-15 09:41 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-12-15 09:41 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-12-15 09:41 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-12-15 09:41 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-12-15 09:41 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2016-12-15 09:41 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-12-15 09:41 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-12-15 09:41 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-12-15 09:41 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-12-15 09:41 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-12-15 09:41 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-12-15 09:41 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-12-15 09:41 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-12-15 09:41 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-12-15 09:41 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-12-15 09:41 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-12-15 09:41 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-12-15 09:41 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-12-15 09:41 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-12-15 09:41 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-12-15 09:41 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-12-15 09:41 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-12-15 09:41 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-12-15 09:41 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-12-15 09:41 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-12-15 09:41 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-12-15 09:41 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-12-15 09:41 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-12-15 09:41 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-12-15 09:41 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-12-15 09:41 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-12-15 09:41 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-12-15 09:41 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-12-15 09:41 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-12-15 09:41 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-12-15 09:41 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-12-15 09:41 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-12-15 09:41 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-12-15 09:41 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-12-15 09:41 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-12-15 09:41 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-12-15 09:41 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-12-15 09:41 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-12-15 09:41 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-12-15 09:41 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-12-15 09:41 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-12-15 09:41 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-12-15 09:41 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-12-15 09:41 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-15 09:41 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-12-15 09:41 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-12-15 09:41 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-12-15 09:41 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-12-15 09:41 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-12-15 09:41 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-12-15 09:41 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-12-15 09:41 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-12-15 09:41 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-12-15 09:41 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-12-15 09:41 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-12-15 09:41 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-12-15 09:41 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-12-15 09:41 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-12-15 09:41 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-12-15 09:41 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-12-15 09:41 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-12-15 09:41 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-12-15 09:41 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-12-15 09:41 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-12-15 09:41 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-12-15 09:41 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-12-15 09:41 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-12-15 09:41 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-12-15 09:41 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-12-15 09:41 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-12-15 09:41 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-12-15 09:41 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2016-12-15 09:41 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2016-12-12 14:57 - 2016-12-12 14:57 - 00773579 _____ C:\Users\Andreas Klocke\Desktop\kps Solingen.pdf
2016-12-12 14:15 - 2016-12-12 14:15 - 06880664 _____ (Tim Kosse) C:\Users\Andreas Klocke\Downloads\FileZilla_3.23.0.2_win64-setup.exe
2016-12-12 12:28 - 2015-12-22 17:47 - 00099052 _____ C:\Users\Andreas Klocke\Desktop\Textbausteine Mietwertgutachten Stand 20140117.xlsx
2016-12-09 09:39 - 2016-12-09 09:39 - 04619752 _____ (Piriform Ltd) C:\Users\Andreas Klocke\Downloads\dfsetup221.exe
2016-12-08 13:44 - 2016-12-08 13:44 - 00001136 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-12-08 09:48 - 2016-12-08 09:48 - 00000334 _____ C:\windows\Backup.ini
2016-12-08 09:41 - 2016-12-08 09:41 - 17150504 _____ (IObit ) C:\Users\Andreas Klocke\Downloads\driver_booster_setup(4.1.0.389).exe
2016-12-07 16:04 - 2016-12-22 11:46 - 00000000 ____D C:\Users\Andreas Klocke\AppData\LocalLow\Mozilla
2016-12-07 15:36 - 2016-12-08 09:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-05 09:37 - 2016-12-05 09:37 - 07884536 _____ (Broadcom Corporation) C:\windows\system32\Drivers\BCMWL664.SYS
2016-12-05 09:37 - 2016-12-05 09:37 - 04401152 _____ (Broadcom Corporation) C:\windows\system32\bcmihvsrv64.dll
2016-12-05 09:37 - 2016-12-05 09:37 - 03667968 _____ (Broadcom Corporation) C:\windows\system32\bcmihvui64.dll
2016-12-05 09:37 - 2016-12-05 09:37 - 00096600 _____ (Broadcom Corporation) C:\windows\system32\bcmwlcoi.dll
2016-12-05 09:31 - 2016-12-05 09:31 - 00000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr110_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr100_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\windows\system32\msvcr110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\windows\system32\msvcr100_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\windows\system32\msvcp110_clr0400.dll
2016-11-25 11:56 - 2016-11-25 11:56 - 00239005 _____ C:\Users\Andreas Klocke\Documents\HP ProBook 6360b.pdf
2016-11-25 10:01 - 2016-11-25 10:01 - 05547752 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 04000488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 03944680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 01483264 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 01176064 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00706792 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-11-25 10:01 - 2016-11-25 10:01 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00633296 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-11-25 10:01 - 2016-11-25 10:01 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00419648 _____ C:\windows\SysWOW64\locale.nls
2016-11-25 10:01 - 2016-11-25 10:01 - 00419648 _____ C:\windows\system32\locale.nls
2016-11-25 10:01 - 2016-11-25 10:01 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\bcdedit.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00141824 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlsbres.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\nlsbres.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-11-25 10:01 - 2016-11-25 10:01 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-11-25 09:34 - 2016-11-25 09:34 - 00010788 _____ C:\Users\Andreas Klocke\Desktop\Kopierlast.xlsx
2016-11-23 15:11 - 2016-12-14 12:27 - 00013971 _____ C:\Users\Andreas Klocke\Desktop\Fahrten.xlsx
2016-11-23 14:52 - 2016-11-23 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-22 11:46 - 2013-09-26 11:25 - 00000000 ____D C:\ProgramData\Oracle
2016-12-22 11:45 - 2011-03-04 12:46 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2016-12-22 11:45 - 2011-03-04 12:20 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-12-22 11:44 - 2015-10-09 07:50 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-22 11:44 - 2015-07-10 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-22 11:44 - 2013-05-17 08:46 - 00000000 ____D C:\Program Files\Java
2016-12-22 11:43 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-22 11:43 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-22 11:42 - 2015-07-31 09:45 - 00110144 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2016-12-22 11:40 - 2016-01-22 09:22 - 00097856 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2016-12-22 11:29 - 2014-10-29 11:23 - 00000000 ____D C:\ProgramData\ProductData
2016-12-22 11:27 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-12-22 10:57 - 2015-09-10 17:31 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-12-22 10:51 - 2015-07-14 13:37 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\CrashDumps
2016-12-22 10:51 - 2011-10-12 13:53 - 00000000 ____D C:\windows\Minidump
2016-12-22 10:51 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2016-12-22 10:47 - 2015-07-31 09:01 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-22 10:47 - 2011-06-18 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Energy Star
2016-12-22 10:43 - 2016-08-04 07:32 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\iFunSoft
2016-12-22 10:35 - 2015-02-25 17:15 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\ElevatedDiagnostics
2016-12-22 10:06 - 2009-07-14 05:45 - 00471400 _____ C:\windows\system32\FNTCACHE.DAT
2016-12-22 10:02 - 2011-03-04 12:20 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-12-22 10:02 - 2011-02-02 21:42 - 00000000 ____D C:\swsetup
2016-12-22 10:01 - 2011-03-04 12:27 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\windows\SysWOW64\CSVer.dll
2016-12-22 10:00 - 2011-03-04 12:26 - 00000000 ____D C:\Program Files\Hewlett-Packard
2016-12-22 09:59 - 2011-03-04 12:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-22 09:48 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Help
2016-12-22 09:40 - 2014-06-01 15:16 - 00000000 ____D C:\Program Files (x86)\HP
2016-12-22 09:40 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\hpqLog
2016-12-22 09:38 - 2011-07-28 09:53 - 00130248 _____ C:\Users\Andreas Klocke\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-19 10:24 - 2011-07-28 13:35 - 00000000 ____D C:\Users\Andreas Klocke\.gimp-2.6
2016-12-19 10:24 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke
2016-12-17 14:56 - 2011-08-01 11:36 - 00003542 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 14:56 - 2011-08-01 11:36 - 00003414 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 14:38 - 2011-03-04 13:01 - 00705108 _____ C:\windows\system32\perfh007.dat
2016-12-17 14:38 - 2011-03-04 13:01 - 00151476 _____ C:\windows\system32\perfc007.dat
2016-12-17 14:38 - 2009-07-14 06:13 - 01629436 _____ C:\windows\system32\PerfStringBackup.INI
2016-12-16 15:59 - 2016-10-04 08:02 - 120553472 _____ C:\windows\system32\config\SOFTWARE.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 120553472 _____ C:\windows\system32\config\SOFTWARE.iodefrag
2016-12-16 15:59 - 2016-10-04 08:02 - 00622592 _____ C:\windows\system32\config\DEFAULT.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 00069632 _____ C:\windows\system32\config\SAM.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 00028672 _____ C:\windows\system32\config\SECURITY.iodefrag.bak
2016-12-15 18:25 - 2011-08-05 11:54 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\gtk-2.0
2016-12-15 09:59 - 2013-08-12 09:56 - 00000000 ____D C:\windows\system32\MRT
2016-12-15 09:54 - 2011-07-28 10:37 - 135632432 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-12-15 09:51 - 2011-03-04 12:25 - 01607460 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-12-14 13:23 - 2016-07-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-14 13:21 - 2016-10-11 11:01 - 00035864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avusbflt.sys
2016-12-14 13:21 - 2013-03-28 08:21 - 00176464 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2016-12-14 13:21 - 2013-03-28 08:21 - 00148032 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-12-14 09:51 - 2015-03-13 10:41 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-13 13:57 - 2015-09-10 17:31 - 00802904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-12-13 13:57 - 2015-09-10 17:31 - 00144472 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-13 13:57 - 2015-09-10 17:31 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-12-13 13:57 - 2011-11-15 09:43 - 00000000 ____D C:\windows\system32\Macromed
2016-12-13 13:57 - 2011-03-04 12:58 - 00000000 ____D C:\windows\SysWOW64\Macromed
2016-12-12 14:16 - 2014-03-31 10:06 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\FileZilla
2016-12-09 09:42 - 2013-05-12 19:19 - 00001724 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-12-09 09:42 - 2013-05-12 19:19 - 00000000 ____D C:\Program Files\Defraggler
2016-12-08 13:44 - 2016-07-26 14:25 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-08 09:30 - 2015-07-31 10:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-05 09:57 - 2015-07-31 09:01 - 00000000 ____D C:\ProgramData\IObit
2016-12-05 09:52 - 2011-08-01 13:50 - 00000302 _____ C:\windows\system32\ricdb.ini
2016-12-05 09:28 - 2014-03-31 10:20 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\Nvu
2016-12-01 09:02 - 2009-07-14 06:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-11-25 10:47 - 2011-07-28 16:44 - 00000000 ____D C:\windows\rescache
2016-11-23 17:03 - 2011-07-28 09:48 - 00003218 _____ C:\windows\System32\Tasks\HPCeeScheduleForNOTEBOOK$
2016-11-23 17:03 - 2011-07-28 09:48 - 00000342 _____ C:\windows\Tasks\HPCeeScheduleForNOTEBOOK$.job
2016-11-23 14:52 - 2011-08-01 11:36 - 00000000 ____D C:\Program Files (x86)\Google

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-08-10 08:31 - 2011-08-10 08:35 - 0053342 _____ () C:\Users\Andreas Klocke\AppData\Roaming\QWInstall.log
2014-06-01 15:31 - 2014-06-01 15:32 - 0000347 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\Andreas Klocke\AppData\Local\Temp\jre-8u111-windows-au.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-11-25 10:39

==================== Ende von FRST.txt ============================
         
--- --- ---

Alt 22.12.2016, 12:45   #2
foreveryoung
 
Windows 7 Pro 64Bit sehr langsam - Standard

Windows 7 Pro 64Bit sehr langsam



Addition.txt:
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von Andreas Klocke (Administrator) auf NOTEBOOK (22-12-2016 11:48:29)
Gestartet von C:\Users\Andreas Klocke\Downloads
Geladene Profile: Andreas Klocke (Verfügbare Profile: Andreas Klocke)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Ericsson AB) C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] ()
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12277248 2011-05-09] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [IFXSPMGT] => c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1125728 2011-01-20] (Infineon Technologies AG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [318520 2011-05-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [76344 2011-08-10] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DsMgr] => C:\Program Files (x86)\Hewlett-Packard\HP GPS and Location\dsMgr.exe [93240 2011-04-20] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP: C:\Windows\SysWOW64\DeviceNP.dll [2011-02-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.67.1
Tcpip\..\Interfaces\{89B4A81F-D2DC-4F62-AC14-4F20103515A1}: [DhcpNameServer] 192.168.67.1
Tcpip\..\Interfaces\{E2E22EAE-77F5-4A60-87D5-5ED74C889313}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {EA2D295C-3996-4512-AD4C-53DC4BE9B96D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-22] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-22] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-05-09] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-22] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-22] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Andreas Klocke\AppData\Roaming\Nvu\Profiles\1p5ijy2s.default [2016-12-12]
FF ProfilePath: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default [2016-12-22]
FF user.js: detected! => C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\user.js [2016-10-03]
FF Homepage: Mozilla\Firefox\Profiles\16jk24xp.default -> hxxp://www.google.de/
FF Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\Extensions\iobitascsurfingprotection@iobit.com [2015-07-31] [ist nicht signiert]
FF SearchPlugin: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\searchplugins\google-images.xml [2014-11-21]
FF SearchPlugin: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\searchplugins\google-maps.xml [2014-11-21]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-08-10] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default [2016-12-22]
CHR Extension: (Google Präsentationen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-13]
CHR Extension: (Google Docs) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-13]
CHR Extension: (Google Drive) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01]
CHR Extension: (YouTube) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-01]
CHR Extension: (Google-Suche) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01]
CHR Extension: (Google Tabellen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-13]
CHR Extension: (Google Docs Offline) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (HP Network Check Launcher) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2016-12-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [485712 2011-05-19] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company)
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320512 2011-05-09] (Hewlett-Packard) [Datei ist nicht signiert]
S3 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [317496 2011-05-13] (Hewlett-Packard Company)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S2 iFunSoftUpdaterSvc; C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe [2961216 2016-01-30] (iFunSoft)
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1125728 2011-01-20] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [980320 2011-01-20] (Infineon Technologies AG)
S3 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [Datei ist nicht signiert]
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [203104 2011-01-20] (Infineon Technologies AG)
S3 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2014-10-29] (IDT, Inc.) [Datei ist nicht signiert]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246376 2016-06-23] (Synaptics Incorporated)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [4819968 2011-06-18] (Broadcom Corporation) [Datei ist nicht signiert]
R2 WMCoreService; C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [586280 2011-03-03] (Ericsson AB)
S2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 ASPI; C:\windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [Datei ist nicht signiert]
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [148032 2016-12-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-12] (Avira Operations GmbH & Co. KG)
S3 Btcsrusb; C:\windows\System32\Drivers\btcusb.sys [42536 2016-06-23] (IVT Corporation.)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
R3 ecnssndis; C:\windows\System32\Drivers\wwuss64.sys [26664 2014-10-29] (Ericsson AB)
R3 ecnssndisfltr; C:\windows\System32\Drivers\wwussf64.sys [29736 2014-10-29] (Ericsson AB)
R3 h36wgps; C:\windows\System32\DRIVERS\h36wgps64.sys [101416 2011-02-28] (Ericsson AB)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-29] (REALiX(tm))
R3 johci; C:\windows\System32\DRIVERS\johci.sys [26208 2014-10-29] (JMicron Technology Corp.)
R3 Mbm3CBus; C:\windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-11-01] (MCCI Corporation)
R3 Mbm3DevMt; C:\windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-11-01] (MCCI Corporation)
R3 Mbm3mdfl; C:\windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-11-01] (MCCI Corporation)
R3 Mbm3Mdm; C:\windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-11-01] (MCCI Corporation)
R3 MEIx64; C:\windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-10-29] (Intel Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.)
R1 PersonalSecureDrive; C:\windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [2596456 2016-06-23] (Sonix Tech. Co., Ltd.)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
R3 WirelessKeyboardFilter; C:\windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R3 WwanUsbServ; C:\windows\System32\DRIVERS\WwanUsbMp64.sys [279312 2014-10-29] (Ericsson AB)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-22 11:48 - 2016-12-22 11:49 - 00026014 _____ C:\Users\Andreas Klocke\Downloads\FRST.txt
2016-12-22 11:47 - 2016-12-22 11:48 - 00000000 ____D C:\FRST
2016-12-22 11:47 - 2016-12-22 11:47 - 02420736 _____ (Farbar) C:\Users\Andreas Klocke\Downloads\FRST64.exe
2016-12-22 11:44 - 2016-12-22 11:42 - 00110144 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-64.dll
2016-12-22 10:37 - 2016-12-22 10:38 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-22 10:37 - 2016-12-22 10:37 - 00002808 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2016-12-22 10:37 - 2016-12-22 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-22 10:37 - 2016-12-22 10:37 - 00000000 ____D C:\Program Files\CCleaner
2016-12-22 10:36 - 2016-12-22 10:37 - 08803648 _____ (Piriform Ltd) C:\Users\Andreas Klocke\Documents\ccsetup525.exe
2016-12-22 10:25 - 2016-12-22 10:33 - 00003236 _____ C:\windows\System32\Tasks\HPCeeScheduleForAndreas Klocke
2016-12-22 10:03 - 2016-12-22 11:27 - 00000368 _____ C:\windows\Tasks\HPCeeScheduleForAndreas Klocke.job
2016-12-22 10:03 - 2016-12-22 10:03 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\HP_Development_Company,_L
2016-12-22 10:01 - 2016-12-22 10:01 - 00000000 ____D C:\ProgramData\McAfee
2016-12-22 09:59 - 2016-12-22 09:59 - 00000248 _____ C:\windows\hbcikrnl.ini
2016-12-22 09:59 - 2016-12-22 09:59 - 00000000 ____D C:\Users\Default\AppData\Roaming\hpqLog
2016-12-22 09:59 - 2016-12-22 09:59 - 00000000 ____D C:\Users\Default User\AppData\Roaming\hpqLog
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\ProgramData\SZCCID
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\Program Files (x86)\AlcorMicroData
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\Program Files (x86)\AlcorMicro
2016-12-22 09:49 - 2016-12-22 09:49 - 00002231 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2016-12-22 09:49 - 2016-12-22 09:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-12-22 09:41 - 2016-12-22 09:41 - 00000000 ____D C:\ProgramData\HP Inc
2016-12-22 09:35 - 2016-12-22 09:35 - 04057776 _____ (Oleg N. Scherbakov) C:\Users\Andreas Klocke\Documents\HPSupportSolutionsFramework-12.5.32.203.exe
2016-12-19 10:24 - 2016-12-19 10:24 - 00047396 _____ C:\Users\Andreas Klocke\.recently-used.xbel
2016-12-16 15:59 - 2016-12-16 15:59 - 00000000 ____H C:\asc_rdflag
2016-12-15 09:41 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-12-15 09:41 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-12-15 09:41 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-12-15 09:41 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-12-15 09:41 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-12-15 09:41 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-12-15 09:41 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-12-15 09:41 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-12-15 09:41 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2016-12-15 09:41 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-12-15 09:41 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-12-15 09:41 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-12-15 09:41 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-12-15 09:41 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-12-15 09:41 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-12-15 09:41 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-12-15 09:41 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-12-15 09:41 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-12-15 09:41 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-12-15 09:41 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-12-15 09:41 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-12-15 09:41 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-12-15 09:41 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-12-15 09:41 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-12-15 09:41 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-12-15 09:41 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-12-15 09:41 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-12-15 09:41 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-12-15 09:41 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-12-15 09:41 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-12-15 09:41 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-12-15 09:41 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-12-15 09:41 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-12-15 09:41 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-12-15 09:41 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-12-15 09:41 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-12-15 09:41 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-12-15 09:41 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-12-15 09:41 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-12-15 09:41 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-12-15 09:41 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-12-15 09:41 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-12-15 09:41 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-12-15 09:41 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-12-15 09:41 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-12-15 09:41 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-12-15 09:41 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-12-15 09:41 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-12-15 09:41 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-12-15 09:41 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-12-15 09:41 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-12-15 09:41 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-12-15 09:41 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-15 09:41 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-12-15 09:41 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-12-15 09:41 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-12-15 09:41 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-12-15 09:41 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-12-15 09:41 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-12-15 09:41 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-12-15 09:41 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-12-15 09:41 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-12-15 09:41 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-12-15 09:41 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-12-15 09:41 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-12-15 09:41 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-12-15 09:41 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-12-15 09:41 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-12-15 09:41 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-12-15 09:41 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-12-15 09:41 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-12-15 09:41 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-12-15 09:41 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-12-15 09:41 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-12-15 09:41 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-12-15 09:41 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-12-15 09:41 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-12-15 09:41 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-12-15 09:41 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-12-15 09:41 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-12-15 09:41 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2016-12-15 09:41 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2016-12-12 14:57 - 2016-12-12 14:57 - 00773579 _____ C:\Users\Andreas Klocke\Desktop\kps Solingen.pdf
2016-12-12 14:15 - 2016-12-12 14:15 - 06880664 _____ (Tim Kosse) C:\Users\Andreas Klocke\Downloads\FileZilla_3.23.0.2_win64-setup.exe
2016-12-12 12:28 - 2015-12-22 17:47 - 00099052 _____ C:\Users\Andreas Klocke\Desktop\Textbausteine Mietwertgutachten Stand 20140117.xlsx
2016-12-09 09:39 - 2016-12-09 09:39 - 04619752 _____ (Piriform Ltd) C:\Users\Andreas Klocke\Downloads\dfsetup221.exe
2016-12-08 13:44 - 2016-12-08 13:44 - 00001136 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-12-08 09:48 - 2016-12-08 09:48 - 00000334 _____ C:\windows\Backup.ini
2016-12-08 09:41 - 2016-12-08 09:41 - 17150504 _____ (IObit ) C:\Users\Andreas Klocke\Downloads\driver_booster_setup(4.1.0.389).exe
2016-12-07 16:04 - 2016-12-22 11:46 - 00000000 ____D C:\Users\Andreas Klocke\AppData\LocalLow\Mozilla
2016-12-07 15:36 - 2016-12-08 09:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-05 09:37 - 2016-12-05 09:37 - 07884536 _____ (Broadcom Corporation) C:\windows\system32\Drivers\BCMWL664.SYS
2016-12-05 09:37 - 2016-12-05 09:37 - 04401152 _____ (Broadcom Corporation) C:\windows\system32\bcmihvsrv64.dll
2016-12-05 09:37 - 2016-12-05 09:37 - 03667968 _____ (Broadcom Corporation) C:\windows\system32\bcmihvui64.dll
2016-12-05 09:37 - 2016-12-05 09:37 - 00096600 _____ (Broadcom Corporation) C:\windows\system32\bcmwlcoi.dll
2016-12-05 09:31 - 2016-12-05 09:31 - 00000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr110_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr100_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\windows\system32\msvcr110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\windows\system32\msvcr100_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\windows\system32\msvcp110_clr0400.dll
2016-11-25 11:56 - 2016-11-25 11:56 - 00239005 _____ C:\Users\Andreas Klocke\Documents\HP ProBook 6360b.pdf
2016-11-25 10:01 - 2016-11-25 10:01 - 05547752 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 04000488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 03944680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 01483264 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 01176064 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00706792 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-11-25 10:01 - 2016-11-25 10:01 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00633296 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-11-25 10:01 - 2016-11-25 10:01 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00419648 _____ C:\windows\SysWOW64\locale.nls
2016-11-25 10:01 - 2016-11-25 10:01 - 00419648 _____ C:\windows\system32\locale.nls
2016-11-25 10:01 - 2016-11-25 10:01 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\bcdedit.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00141824 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlsbres.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\nlsbres.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-11-25 10:01 - 2016-11-25 10:01 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-11-25 10:01 - 2016-11-25 10:01 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-25 10:01 - 2016-11-25 10:01 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-11-25 09:34 - 2016-11-25 09:34 - 00010788 _____ C:\Users\Andreas Klocke\Desktop\Kopierlast.xlsx
2016-11-23 15:11 - 2016-12-14 12:27 - 00013971 _____ C:\Users\Andreas Klocke\Desktop\Fahrten.xlsx
2016-11-23 14:52 - 2016-11-23 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-22 11:46 - 2013-09-26 11:25 - 00000000 ____D C:\ProgramData\Oracle
2016-12-22 11:45 - 2011-03-04 12:46 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2016-12-22 11:45 - 2011-03-04 12:20 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-12-22 11:44 - 2015-10-09 07:50 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-22 11:44 - 2015-07-10 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-22 11:44 - 2013-05-17 08:46 - 00000000 ____D C:\Program Files\Java
2016-12-22 11:43 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-22 11:43 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-22 11:42 - 2015-07-31 09:45 - 00110144 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2016-12-22 11:40 - 2016-01-22 09:22 - 00097856 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2016-12-22 11:29 - 2014-10-29 11:23 - 00000000 ____D C:\ProgramData\ProductData
2016-12-22 11:27 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-12-22 10:57 - 2015-09-10 17:31 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-12-22 10:51 - 2015-07-14 13:37 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\CrashDumps
2016-12-22 10:51 - 2011-10-12 13:53 - 00000000 ____D C:\windows\Minidump
2016-12-22 10:51 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2016-12-22 10:47 - 2015-07-31 09:01 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-22 10:47 - 2011-06-18 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Energy Star
2016-12-22 10:43 - 2016-08-04 07:32 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\iFunSoft
2016-12-22 10:35 - 2015-02-25 17:15 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\ElevatedDiagnostics
2016-12-22 10:06 - 2009-07-14 05:45 - 00471400 _____ C:\windows\system32\FNTCACHE.DAT
2016-12-22 10:02 - 2011-03-04 12:20 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-12-22 10:02 - 2011-02-02 21:42 - 00000000 ____D C:\swsetup
2016-12-22 10:01 - 2011-03-04 12:27 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\windows\SysWOW64\CSVer.dll
2016-12-22 10:00 - 2011-03-04 12:26 - 00000000 ____D C:\Program Files\Hewlett-Packard
2016-12-22 09:59 - 2011-03-04 12:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-22 09:48 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Help
2016-12-22 09:40 - 2014-06-01 15:16 - 00000000 ____D C:\Program Files (x86)\HP
2016-12-22 09:40 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\hpqLog
2016-12-22 09:38 - 2011-07-28 09:53 - 00130248 _____ C:\Users\Andreas Klocke\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-19 10:24 - 2011-07-28 13:35 - 00000000 ____D C:\Users\Andreas Klocke\.gimp-2.6
2016-12-19 10:24 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke
2016-12-17 14:56 - 2011-08-01 11:36 - 00003542 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 14:56 - 2011-08-01 11:36 - 00003414 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 14:38 - 2011-03-04 13:01 - 00705108 _____ C:\windows\system32\perfh007.dat
2016-12-17 14:38 - 2011-03-04 13:01 - 00151476 _____ C:\windows\system32\perfc007.dat
2016-12-17 14:38 - 2009-07-14 06:13 - 01629436 _____ C:\windows\system32\PerfStringBackup.INI
2016-12-16 15:59 - 2016-10-04 08:02 - 120553472 _____ C:\windows\system32\config\SOFTWARE.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 120553472 _____ C:\windows\system32\config\SOFTWARE.iodefrag
2016-12-16 15:59 - 2016-10-04 08:02 - 00622592 _____ C:\windows\system32\config\DEFAULT.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 00069632 _____ C:\windows\system32\config\SAM.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 00028672 _____ C:\windows\system32\config\SECURITY.iodefrag.bak
2016-12-15 18:25 - 2011-08-05 11:54 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\gtk-2.0
2016-12-15 09:59 - 2013-08-12 09:56 - 00000000 ____D C:\windows\system32\MRT
2016-12-15 09:54 - 2011-07-28 10:37 - 135632432 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-12-15 09:51 - 2011-03-04 12:25 - 01607460 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-12-14 13:23 - 2016-07-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-14 13:21 - 2016-10-11 11:01 - 00035864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avusbflt.sys
2016-12-14 13:21 - 2013-03-28 08:21 - 00176464 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2016-12-14 13:21 - 2013-03-28 08:21 - 00148032 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-12-14 09:51 - 2015-03-13 10:41 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-13 13:57 - 2015-09-10 17:31 - 00802904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-12-13 13:57 - 2015-09-10 17:31 - 00144472 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-13 13:57 - 2015-09-10 17:31 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-12-13 13:57 - 2011-11-15 09:43 - 00000000 ____D C:\windows\system32\Macromed
2016-12-13 13:57 - 2011-03-04 12:58 - 00000000 ____D C:\windows\SysWOW64\Macromed
2016-12-12 14:16 - 2014-03-31 10:06 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\FileZilla
2016-12-09 09:42 - 2013-05-12 19:19 - 00001724 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-12-09 09:42 - 2013-05-12 19:19 - 00000000 ____D C:\Program Files\Defraggler
2016-12-08 13:44 - 2016-07-26 14:25 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-08 09:30 - 2015-07-31 10:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-05 09:57 - 2015-07-31 09:01 - 00000000 ____D C:\ProgramData\IObit
2016-12-05 09:52 - 2011-08-01 13:50 - 00000302 _____ C:\windows\system32\ricdb.ini
2016-12-05 09:28 - 2014-03-31 10:20 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\Nvu
2016-12-01 09:02 - 2009-07-14 06:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-11-25 10:47 - 2011-07-28 16:44 - 00000000 ____D C:\windows\rescache
2016-11-23 17:03 - 2011-07-28 09:48 - 00003218 _____ C:\windows\System32\Tasks\HPCeeScheduleForNOTEBOOK$
2016-11-23 17:03 - 2011-07-28 09:48 - 00000342 _____ C:\windows\Tasks\HPCeeScheduleForNOTEBOOK$.job
2016-11-23 14:52 - 2011-08-01 11:36 - 00000000 ____D C:\Program Files (x86)\Google

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-08-10 08:31 - 2011-08-10 08:35 - 0053342 _____ () C:\Users\Andreas Klocke\AppData\Roaming\QWInstall.log
2014-06-01 15:31 - 2014-06-01 15:32 - 0000347 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\Andreas Klocke\AppData\Local\Temp\jre-8u111-windows-au.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-11-25 10:39

==================== Ende von FRST.txt ============================
         
--- --- ---


TDSSKiller Report:
11:58:11.0270 0x1b2c TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
11:58:20.0695 0x1b2c ============================================================
11:58:20.0695 0x1b2c Current date / time: 2016/12/22 11:58:20.0695
11:58:20.0695 0x1b2c SystemInfo:
11:58:20.0695 0x1b2c
11:58:20.0695 0x1b2c OS Version: 6.1.7601 ServicePack: 1.0
11:58:20.0695 0x1b2c Product type: Workstation
11:58:20.0695 0x1b2c ComputerName: NOTEBOOK
11:58:20.0695 0x1b2c UserName: Andreas Klocke
11:58:20.0695 0x1b2c Windows directory: C:\windows
11:58:20.0695 0x1b2c System windows directory: C:\windows
11:58:20.0695 0x1b2c Running under WOW64
11:58:20.0695 0x1b2c Processor architecture: Intel x64
11:58:20.0695 0x1b2c Number of processors: 4
11:58:20.0695 0x1b2c Page size: 0x1000
11:58:20.0695 0x1b2c Boot type: Normal boot
11:58:20.0695 0x1b2c CodeIntegrityOptions = 0x00000001
11:58:20.0695 0x1b2c ============================================================
11:58:20.0841 0x1b2c KLMD registered as C:\windows\system32\drivers\77767027.sys
11:58:20.0841 0x1b2c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
11:58:21.0904 0x1b2c System UUID: {23A8BC26-4825-A52A-7650-D2BF6254FC6B}
11:58:23.0211 0x1b2c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:58:23.0211 0x1b2c ============================================================
11:58:23.0211 0x1b2c \Device\Harddisk0\DR0:
11:58:23.0211 0x1b2c MBR partitions:
11:58:23.0211 0x1b2c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
11:58:23.0211 0x1b2c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x37B63000
11:58:23.0211 0x1b2c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37BF9800, BlocksNum 0x1D8B000
11:58:23.0211 0x1b2c \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39984800, BlocksNum 0x9FD800
11:58:23.0211 0x1b2c ============================================================
11:58:23.0226 0x1b2c C: <-> \Device\Harddisk0\DR0\Partition2
11:58:23.0274 0x1b2c E: <-> \Device\Harddisk0\DR0\Partition3
11:58:23.0290 0x1b2c F: <-> \Device\Harddisk0\DR0\Partition4
11:58:23.0290 0x1b2c ============================================================
11:58:23.0290 0x1b2c Initialize success
11:58:23.0290 0x1b2c ============================================================
11:58:26.0676 0x1770 ============================================================
11:58:26.0676 0x1770 Scan started
11:58:26.0676 0x1770 Mode: Manual;
11:58:26.0676 0x1770 ============================================================
11:58:26.0676 0x1770 KSN ping started
11:58:26.0801 0x1770 KSN ping finished: true
11:58:29.0281 0x1770 ================ Scan system memory ========================
11:58:29.0281 0x1770 System memory - ok
11:58:29.0281 0x1770 ================ Scan services =============================
11:58:29.0510 0x1770 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
11:58:29.0510 0x1770 1394ohci - ok
11:58:29.0596 0x1770 [ 899B7E724BF19F17978B6A37B864A277, F7D166DC5F7642D4B834B1E0D956929BA94F3E4D402989FC1A681A08FA1F86B6 ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
11:58:29.0596 0x1770 Accelerometer - ok
11:58:29.0643 0x1770 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
11:58:29.0643 0x1770 ACPI - ok
11:58:29.0690 0x1770 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
11:58:29.0690 0x1770 AcpiPmi - ok
11:58:29.0822 0x1770 [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:58:29.0824 0x1770 AdobeARMservice - ok
11:58:30.0010 0x1770 [ B79750091FC0842182FE49D263791294, 32FC260A74C9C45CD1E8998523642C285866378FCD9478FEFD15A0CC42EC0E0B ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:58:30.0018 0x1770 AdobeFlashPlayerUpdateSvc - ok
11:58:30.0076 0x1770 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
11:58:30.0100 0x1770 adp94xx - ok
11:58:30.0134 0x1770 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
11:58:30.0134 0x1770 adpahci - ok
11:58:30.0171 0x1770 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
11:58:30.0175 0x1770 adpu320 - ok
11:58:30.0227 0x1770 AdvancedSystemCareService9 - ok
11:58:30.0258 0x1770 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\windows\System32\aelupsvc.dll
11:58:30.0273 0x1770 AeLookupSvc - ok
11:58:30.0371 0x1770 [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
11:58:30.0371 0x1770 AESTFilters - ok
11:58:30.0449 0x1770 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\windows\system32\drivers\afd.sys
11:58:30.0465 0x1770 AFD - ok
11:58:30.0527 0x1770 [ 48008D4EA73C1058F36D323A644410D4, D0219AE0197BBD4C7BD75CD7564013B11497562F71C97918856B176942D86F65 ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
11:58:30.0527 0x1770 AgereModemAudio - ok
11:58:30.0608 0x1770 [ DDF52C4C92D831A4CDB7788B37585E36, 604EB7E1F254A085364F652C41F560044439EA9B3D98EF0FEBC0B5AB8C6FFFC0 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
11:58:30.0640 0x1770 AgereSoftModem - ok
11:58:30.0696 0x1770 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
11:58:30.0696 0x1770 agp440 - ok
11:58:30.0743 0x1770 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
11:58:30.0743 0x1770 ALG - ok
11:58:30.0779 0x1770 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
11:58:30.0779 0x1770 aliide - ok
11:58:30.0842 0x1770 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
11:58:30.0842 0x1770 amdide - ok
11:58:30.0888 0x1770 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
11:58:30.0890 0x1770 AmdK8 - ok
11:58:30.0919 0x1770 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
11:58:30.0920 0x1770 AmdPPM - ok
11:58:30.0952 0x1770 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
11:58:30.0954 0x1770 amdsata - ok
11:58:30.0991 0x1770 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
11:58:31.0007 0x1770 amdsbs - ok
11:58:31.0023 0x1770 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
11:58:31.0023 0x1770 amdxata - ok
11:58:31.0169 0x1770 [ 98D7647EF729503A60EF870DA5C21D0D, 7E36E8E3D9D0BD940DC225E1DB7EFD90F76F7BE8DCAD9782255556C31D6FD476 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
11:58:31.0210 0x1770 AntiVirMailService - ok
11:58:31.0275 0x1770 [ 229E752A26B53E155524D6530B95CDD4, B4D3DEA52860143D16A57EBA31CD3394B8B4FEA642EB3A736C8388447AB7E0E9 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
11:58:31.0310 0x1770 AntiVirSchedulerService - ok
11:58:31.0357 0x1770 [ 229E752A26B53E155524D6530B95CDD4, B4D3DEA52860143D16A57EBA31CD3394B8B4FEA642EB3A736C8388447AB7E0E9 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
11:58:31.0375 0x1770 AntiVirService - ok
11:58:31.0444 0x1770 [ F2B26CD2305E917B1EA1BF49E0C59E31, 8CCE64C68B80D56C7604DB6ABD187F66C624462328F4886C607F0A46D8E9DE92 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
11:58:31.0493 0x1770 AntiVirWebService - ok
11:58:31.0575 0x1770 [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID C:\windows\system32\drivers\appid.sys
11:58:31.0575 0x1770 AppID - ok
11:58:31.0629 0x1770 [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc C:\windows\System32\appidsvc.dll
11:58:31.0629 0x1770 AppIDSvc - ok
11:58:31.0675 0x1770 [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo C:\windows\System32\appinfo.dll
11:58:31.0691 0x1770 Appinfo - ok
11:58:31.0757 0x1770 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\windows\System32\appmgmts.dll
11:58:31.0763 0x1770 AppMgmt - ok
11:58:31.0796 0x1770 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\DRIVERS\arc.sys
11:58:31.0796 0x1770 arc - ok
11:58:31.0811 0x1770 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
11:58:31.0811 0x1770 arcsas - ok
11:58:31.0858 0x1770 [ 357635F16D28558C50870F4EF8AA4712, 80B579F0DCF1AC5607C692988B56CC62DEE1EF5BF3583B89006493F9DCE89CE9 ] ARCVCAM C:\windows\system32\DRIVERS\ArcSoftVCapture.sys
11:58:31.0858 0x1770 ARCVCAM - ok
11:58:31.0938 0x1770 ASPI - ok
11:58:32.0026 0x1770 [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:58:32.0083 0x1770 aspnet_state - ok
11:58:32.0112 0x1770 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
11:58:32.0112 0x1770 AsyncMac - ok
11:58:32.0159 0x1770 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
11:58:32.0175 0x1770 atapi - ok
11:58:32.0213 0x1770 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
11:58:32.0244 0x1770 AudioEndpointBuilder - ok
11:58:32.0259 0x1770 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\windows\System32\Audiosrv.dll
11:58:32.0275 0x1770 AudioSrv - ok
11:58:32.0344 0x1770 [ 8369A6E2611D2BA79871B655A650DE59, 101C8C660F0720CAF501EE108209C792933F6907B1A15321ADDE7C247BDA8211 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
11:58:32.0344 0x1770 avgntflt - ok
11:58:32.0413 0x1770 [ 5FEFD9961A750C395D3A6AD1985B05B2, 31C3B9EDE4C49ED433BE19CD6A1B74F54947FC1DCA3886A83A281F6E8CA02FF0 ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
11:58:32.0413 0x1770 avipbb - ok
11:58:32.0528 0x1770 [ 14FCA1D1720A68C2D586940ABBE2DB3C, 274DB01CFD3024357602748FE36882ACE6BB3764A9FB62B2B40F9232B84A9B3E ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
11:58:32.0528 0x1770 Avira.ServiceHost - ok
11:58:32.0559 0x1770 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
11:58:32.0559 0x1770 avkmgr - ok
11:58:32.0612 0x1770 [ 138A53D17B040F5A3A307D44A89D0905, AD212E430F2DE43F037BECF6A46FCD53270A5EE11427030C7D5CBC3EAAAAA029 ] avnetflt C:\windows\system32\DRIVERS\avnetflt.sys
11:58:32.0612 0x1770 avnetflt - ok
11:58:32.0674 0x1770 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
11:58:32.0674 0x1770 AxInstSV - ok
11:58:32.0744 0x1770 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
11:58:32.0759 0x1770 b06bdrv - ok
11:58:32.0813 0x1770 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
11:58:32.0813 0x1770 b57nd60a - ok
11:58:32.0908 0x1770 [ CCABEAC61E8D8ADD9DA16E319ED6BF07, AD6D3ADC19108E2B95968174334367E12F2805E5517BC59896934690DE8FB948 ] BCM42RLY C:\windows\system32\drivers\BCM42RLY.sys
11:58:32.0908 0x1770 BCM42RLY - ok
11:58:33.0209 0x1770 [ E7AD23ADD42971350B3BD41A049DF09C, A262B0AFB5AA2BA145F81CABD3C4B14828DC04802A4DF21DF23D0FBDA1FDF231 ] BCM43XX C:\windows\system32\DRIVERS\bcmwl664.sys
11:58:33.0412 0x1770 BCM43XX - ok
11:58:33.0474 0x1770 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
11:58:33.0474 0x1770 BDESVC - ok
11:58:33.0513 0x1770 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
11:58:33.0514 0x1770 Beep - ok
11:58:33.0617 0x1770 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
11:58:33.0640 0x1770 BFE - ok
11:58:33.0702 0x1770 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll
11:58:33.0717 0x1770 BITS - ok
11:58:33.0769 0x1770 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
11:58:33.0771 0x1770 blbdrive - ok
11:58:33.0809 0x1770 [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\windows\system32\DRIVERS\bowser.sys
11:58:33.0812 0x1770 bowser - ok
11:58:33.0826 0x1770 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
11:58:33.0827 0x1770 BrFiltLo - ok
11:58:33.0840 0x1770 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
11:58:33.0841 0x1770 BrFiltUp - ok
11:58:33.0889 0x1770 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
11:58:33.0895 0x1770 Browser - ok
11:58:33.0928 0x1770 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
11:58:33.0937 0x1770 Brserid - ok
11:58:33.0949 0x1770 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
11:58:33.0951 0x1770 BrSerWdm - ok
11:58:33.0958 0x1770 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
11:58:33.0959 0x1770 BrUsbMdm - ok
11:58:33.0972 0x1770 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
11:58:33.0973 0x1770 BrUsbSer - ok
11:58:34.0037 0x1770 [ C50EBD8BE9DD1BED7E5B1C5AC2272DD7, F226FD295658566C10543BCA4AB6EC0862680ADD79BE4D97F0BD8E134822382A ] Btcsrusb C:\windows\system32\Drivers\btcusb.sys
11:58:34.0038 0x1770 Btcsrusb - ok
11:58:34.0128 0x1770 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
11:58:34.0129 0x1770 BthEnum - ok
11:58:34.0160 0x1770 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
11:58:34.0160 0x1770 BTHMODEM - ok
11:58:34.0197 0x1770 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
11:58:34.0200 0x1770 BthPan - ok
11:58:34.0246 0x1770 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
11:58:34.0262 0x1770 BTHPORT - ok
11:58:34.0293 0x1770 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
11:58:34.0293 0x1770 bthserv - ok
11:58:34.0324 0x1770 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
11:58:34.0324 0x1770 BTHUSB - ok
11:58:34.0390 0x1770 [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl C:\windows\system32\drivers\btwampfl.sys
11:58:34.0397 0x1770 btwampfl - ok
11:58:34.0419 0x1770 [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
11:58:34.0422 0x1770 btwaudio - ok
11:58:34.0461 0x1770 [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt C:\windows\system32\DRIVERS\btwavdt.sys
11:58:34.0477 0x1770 btwavdt - ok
11:58:34.0603 0x1770 [ 692F8648D7686D91E34A65AC698019D8, CC7544513AA089BDB0FCE74156C88CBB4182C96F97785A64ED5D3061B039516E ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
11:58:34.0625 0x1770 btwdins - ok
11:58:34.0641 0x1770 [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
11:58:34.0657 0x1770 btwl2cap - ok
11:58:34.0672 0x1770 [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
11:58:34.0672 0x1770 btwrchid - ok
11:58:34.0703 0x1770 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
11:58:34.0719 0x1770 cdfs - ok
11:58:34.0750 0x1770 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\drivers\cdrom.sys
11:58:34.0766 0x1770 cdrom - ok
11:58:34.0828 0x1770 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
11:58:34.0828 0x1770 CertPropSvc - ok
11:58:34.0859 0x1770 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\DRIVERS\circlass.sys
11:58:34.0859 0x1770 circlass - ok
11:58:34.0928 0x1770 [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS C:\windows\system32\CLFS.sys
11:58:34.0936 0x1770 CLFS - ok
11:58:35.0009 0x1770 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:58:35.0009 0x1770 clr_optimization_v2.0.50727_32 - ok
11:58:35.0056 0x1770 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:58:35.0056 0x1770 clr_optimization_v2.0.50727_64 - ok
11:58:35.0158 0x1770 [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:58:35.0355 0x1770 clr_optimization_v4.0.30319_32 - ok
11:58:35.0393 0x1770 [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:58:35.0409 0x1770 clr_optimization_v4.0.30319_64 - ok
11:58:35.0440 0x1770 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
11:58:35.0440 0x1770 CmBatt - ok
11:58:35.0471 0x1770 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
11:58:35.0471 0x1770 cmdide - ok
11:58:35.0518 0x1770 [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\windows\system32\Drivers\cng.sys
11:58:35.0518 0x1770 CNG - ok
11:58:35.0549 0x1770 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
11:58:35.0549 0x1770 Compbatt - ok
11:58:35.0597 0x1770 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
11:58:35.0597 0x1770 CompositeBus - ok
11:58:35.0613 0x1770 COMSysApp - ok
11:58:35.0700 0x1770 [ 135162E5A8AF0C4BCEA4E559F5F49C07, B9F7846DF73617EBA9AC05C89130DFE71E2007FB108CCE5C7C179DF65055D93C ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe
11:58:35.0708 0x1770 cphs - ok
11:58:35.0738 0x1770 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
11:58:35.0739 0x1770 crcdisk - ok
11:58:35.0786 0x1770 [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc C:\windows\system32\cryptsvc.dll
11:58:35.0786 0x1770 CryptSvc - ok
11:58:35.0849 0x1770 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\windows\system32\drivers\csc.sys
11:58:35.0849 0x1770 CSC - ok
11:58:35.0880 0x1770 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\windows\System32\cscsvc.dll
11:58:35.0910 0x1770 CscService - ok
11:58:35.0947 0x1770 [ 2E3374F9F0B5A3247B779978980C24CB, 21DE1C89252703198E192C91DD41307851457FCC9E10EEB1B9AF03AAAB35AD78 ] DAMDrv C:\windows\system32\DRIVERS\DAMDrv64.sys
11:58:35.0947 0x1770 DAMDrv - ok
11:58:36.0016 0x1770 [ A4700D1F78539C0ED32FA50E64F9C692, 5CB03B5F36307BA152245BAD29CB2AC703BBE8197ABC0338A7092ADEA1C3221A ] dc3d C:\windows\system32\DRIVERS\dc3d.sys
11:58:36.0019 0x1770 dc3d - ok
11:58:36.0076 0x1770 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\windows\system32\rpcss.dll
11:58:36.0096 0x1770 DcomLaunch - ok
11:58:36.0127 0x1770 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
11:58:36.0142 0x1770 defragsvc - ok
11:58:36.0174 0x1770 [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\windows\system32\Drivers\dfsc.sys
11:58:36.0174 0x1770 DfsC - ok
11:58:36.0258 0x1770 [ 0B3F6C8F93C5C25977EA5A8B2E656357, 1B1C8DA8592D2B892382E062017E60BF02B1B6642822039F21446DF01FAFDEE1 ] dg_ssudbus C:\windows\system32\DRIVERS\ssudbus.sys
11:58:36.0258 0x1770 dg_ssudbus - ok
11:58:36.0346 0x1770 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
11:58:36.0354 0x1770 Dhcp - ok
11:58:36.0457 0x1770 [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\windows\system32\diagtrack.dll
11:58:36.0495 0x1770 DiagTrack - ok
11:58:36.0526 0x1770 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
11:58:36.0526 0x1770 discache - ok
11:58:36.0557 0x1770 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\windows\system32\drivers\disk.sys
11:58:36.0574 0x1770 Disk - ok
11:58:36.0659 0x1770 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
11:58:36.0659 0x1770 Dnscache - ok
11:58:36.0761 0x1770 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
11:58:36.0792 0x1770 dot3svc - ok
11:58:36.0893 0x1770 [ 6AFFDBFB153C9079BE33047A692676E2, 1678EA7E6B69DFF2E736D8C009D66B1BBA21F4140F7CA3D8FDBA683655094850 ] DpHost C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
11:58:36.0909 0x1770 DpHost - ok
11:58:36.0940 0x1770 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
11:58:36.0940 0x1770 DPS - ok
11:58:37.0041 0x1770 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
11:58:37.0041 0x1770 drmkaud - ok
11:58:37.0088 0x1770 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
11:58:37.0119 0x1770 DXGKrnl - ok
11:58:37.0202 0x1770 [ 23B6F8081F5C7AF1343810641EE0DD58, 571EF6BC76C062AF0FC696213638831EBC90B056B353AD440B01CA17E0D5B1B7 ] e1cexpress C:\windows\system32\DRIVERS\e1c62x64.sys
11:58:37.0217 0x1770 e1cexpress - ok
11:58:37.0248 0x1770 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
11:58:37.0264 0x1770 EapHost - ok
11:58:37.0373 0x1770 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
11:58:37.0460 0x1770 ebdrv - ok
11:58:37.0491 0x1770 [ B90BEFCCEB59C83AC65BFD39EF7404F4, E67C41BF4512948F4F30CE981F4BCF52E3A93EBBAE8408783E9D2D3A04C5CB46 ] ecnssndis C:\windows\system32\Drivers\wwuss64.sys
11:58:37.0491 0x1770 ecnssndis - ok
11:58:37.0524 0x1770 [ 1CF09C0555BE49EFE96B33BDA514A334, 63D57C887EB259EA364CBF89AB1D85D7C86D980AAD26E727185ED48348D60A15 ] ecnssndisfltr C:\windows\system32\Drivers\wwussf64.sys
11:58:37.0525 0x1770 ecnssndisfltr - ok
11:58:37.0565 0x1770 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] EFS C:\windows\System32\lsass.exe
11:58:37.0567 0x1770 EFS - ok
11:58:37.0632 0x1770 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
11:58:37.0648 0x1770 ehRecvr - ok
11:58:37.0696 0x1770 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
11:58:37.0696 0x1770 ehSched - ok
11:58:37.0758 0x1770 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
11:58:37.0774 0x1770 elxstor - ok
11:58:37.0791 0x1770 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
11:58:37.0791 0x1770 ErrDev - ok
11:58:37.0854 0x1770 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
11:58:37.0854 0x1770 EventSystem - ok
11:58:37.0894 0x1770 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
11:58:37.0894 0x1770 exfat - ok
11:58:37.0925 0x1770 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
11:58:37.0925 0x1770 fastfat - ok
11:58:37.0971 0x1770 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
11:58:37.0987 0x1770 Fax - ok
11:58:38.0018 0x1770 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\DRIVERS\fdc.sys
11:58:38.0018 0x1770 fdc - ok
11:58:38.0049 0x1770 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
11:58:38.0049 0x1770 fdPHost - ok
11:58:38.0065 0x1770 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
11:58:38.0065 0x1770 FDResPub - ok
11:58:38.0103 0x1770 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
11:58:38.0106 0x1770 FileInfo - ok
11:58:38.0124 0x1770 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
11:58:38.0126 0x1770 Filetrace - ok
11:58:38.0197 0x1770 [ 87B3E5C567509DDF3B124B16A6A3FBB7, BCF7CD822FD2C0DD8FB3DDCF682B0D26D73EE35D5F5F81643346F025A72A323B ] FLCDLOCK c:\Windows\SysWOW64\flcdlock.exe
11:58:38.0209 0x1770 FLCDLOCK - ok
11:58:38.0234 0x1770 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
11:58:38.0235 0x1770 flpydisk - ok
11:58:38.0271 0x1770 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
11:58:38.0271 0x1770 FltMgr - ok
11:58:38.0349 0x1770 [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache C:\windows\system32\FntCache.dll
11:58:38.0391 0x1770 FontCache - ok
11:58:38.0444 0x1770 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:58:38.0444 0x1770 FontCache3.0.0.0 - ok
11:58:38.0493 0x1770 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
11:58:38.0495 0x1770 FsDepends - ok
11:58:38.0527 0x1770 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
11:58:38.0527 0x1770 Fs_Rec - ok
11:58:38.0612 0x1770 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
11:58:38.0612 0x1770 fvevol - ok
11:58:38.0675 0x1770 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
11:58:38.0675 0x1770 gagp30kx - ok
11:58:38.0728 0x1770 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\windows\System32\gpsvc.dll
11:58:38.0759 0x1770 gpsvc - ok
11:58:38.0861 0x1770 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:58:38.0865 0x1770 gupdate - ok
11:58:38.0905 0x1770 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:58:38.0908 0x1770 gupdatem - ok
11:58:38.0996 0x1770 [ C864875E87E6B790471516856FC1F5C2, 43CAC6ADD5FFEEE55CA03B04CC8DF6CA9A50ACFAC50739A8CA550F210EFF19C6 ] h36wgps C:\windows\system32\DRIVERS\h36wgps64.sys
11:58:38.0999 0x1770 h36wgps - ok
11:58:39.0024 0x1770 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
11:58:39.0025 0x1770 hcw85cir - ok
11:58:39.0068 0x1770 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
11:58:39.0077 0x1770 HdAudAddService - ok
11:58:39.0112 0x1770 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
11:58:39.0112 0x1770 HDAudBus - ok
11:58:39.0143 0x1770 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
11:58:39.0143 0x1770 HidBatt - ok
11:58:39.0159 0x1770 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
11:58:39.0159 0x1770 HidBth - ok
11:58:39.0194 0x1770 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\DRIVERS\hidir.sys
11:58:39.0194 0x1770 HidIr - ok
11:58:39.0210 0x1770 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\system32\hidserv.dll
11:58:39.0210 0x1770 hidserv - ok
11:58:39.0257 0x1770 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
11:58:39.0257 0x1770 HidUsb - ok
11:58:39.0288 0x1770 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
11:58:39.0288 0x1770 hkmsvc - ok
11:58:39.0345 0x1770 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
11:58:39.0353 0x1770 HomeGroupListener - ok
11:58:39.0386 0x1770 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
11:58:39.0386 0x1770 HomeGroupProvider - ok
11:58:39.0449 0x1770 [ 02C2108111D9656A9729995D2219FB99, E0D5F714F79A6C6C2CA6CF11DA99DB51B44BDE635ADCF7FAD0E9650CC965ECB0 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
11:58:39.0449 0x1770 HP Power Assistant Service - ok
11:58:39.0571 0x1770 [ C5D2F308E1C12A5C328EF549696DBC05, 4BBDA3E0707854CC80FF8699A478D0D2AF18094B9F7EFB629B0CE4F890C44464 ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
11:58:39.0605 0x1770 hpCMSrv - ok
11:58:39.0671 0x1770 [ A9FC4D7EA174BBF5A675B299FFAD80A2, C9272E0C20EABBAC6B68FC6CDEA7577426B1F3FCD9E619EBC87556A625EEF1A3 ] HPDayStarterService c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
11:58:39.0674 0x1770 HPDayStarterService - ok
11:58:39.0771 0x1770 [ 9BFDA0BC109EB6D16F2CB862BB85E28C, 5D10865AFA5853D096C355949DA10851AD2B9AF7A8C671406E40D90979858702 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
11:58:39.0776 0x1770 HPDrvMntSvc.exe - ok
11:58:39.0829 0x1770 [ D104FF402FC3DDB686E6DEF00334DB26, 6CCE56587C02ECE474C6BF959C4A6F752A1FF0B718FBE8EE4FD9755313A207C1 ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
11:58:39.0831 0x1770 hpdskflt - ok
11:58:39.0901 0x1770 [ F521A4D9F0D1618B9119EABC7E580370, 962DA975CCEB9370E93DB710E75169A9F0C90418C8F33B9C6357DBD73FE8C615 ] HPFSService C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
11:58:39.0909 0x1770 HPFSService - ok
11:58:39.0961 0x1770 [ 9DCFDDECC54FC813E7C0C8EDF6E99E1C, 3BCCF8835224B6FF81794BF34277917BBDFE24CA6A575CAFCD55979C39B6BF3D ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
11:58:39.0961 0x1770 hpHotkeyMonitor - ok
11:58:40.0088 0x1770 [ 0E0E87820BB4431B176A00FB95B5503F, 91D35BEDEAEFA32F8B6A31318E70B954CFA1AFA74D02E3918FEF8135C82C57B3 ] hpqcaslwmiex C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
11:58:40.0104 0x1770 hpqcaslwmiex - ok
11:58:40.0160 0x1770 [ B98EE5D4535A685634B90F7E04DE0DF7, E37D26EF83B70E84742498D2F53037F83BE13F0E01484D85A20C872F1F02ADDA ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
11:58:40.0161 0x1770 HpqKbFiltr - ok
11:58:40.0232 0x1770 [ 514455F6586473791C5C6B25BA4E1BAB, 0C2CAE8F35241F1B936C502AAB7C9303C643D898BAB1D060FCA1E6B3A7D9FDB9 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
11:58:40.0263 0x1770 hpqwmiex - ok
11:58:40.0313 0x1770 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
11:58:40.0316 0x1770 HpSAMD - ok
11:58:40.0349 0x1770 [ 55FFCBB036D7BE4BCA6FA1421203A27F, 5BB865FC631390F59AF5F2452D4D2DA47E34A49E194C8010E942F5A2013F3895 ] hpsrv C:\windows\system32\Hpservice.exe
11:58:40.0351 0x1770 hpsrv - ok
11:58:40.0458 0x1770 [ EC80F3ECC5F8543E22BBCB037D837CA9, 23A4AE80A6C317CE77BD9D352CD9CED8649E3AD98A7C0A2044138BB20B46F398 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
11:58:40.0461 0x1770 HPSupportSolutionsFrameworkService - ok
11:58:40.0513 0x1770 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\windows\system32\drivers\HTTP.sys
11:58:40.0529 0x1770 HTTP - ok
11:58:40.0608 0x1770 [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32 C:\windows\SysWOW64\drivers\HWiNFO64A.SYS
11:58:40.0608 0x1770 HWiNFO32 - ok
11:58:40.0655 0x1770 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
11:58:40.0655 0x1770 hwpolicy - ok
11:58:40.0748 0x1770 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
11:58:40.0748 0x1770 i8042prt - ok
11:58:40.0795 0x1770 [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
11:58:40.0813 0x1770 iaStor - ok
11:58:40.0875 0x1770 [ 117FF657E0D9BBD61B5C3E71E63D3919, F8AD1C861F018754A9BF348C9F1D6503854ED9D7DEEBF40E6B4E2FEA9FC6E56A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:58:40.0891 0x1770 IAStorDataMgrSvc - ok
11:58:40.0937 0x1770 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
11:58:40.0953 0x1770 iaStorV - ok
11:58:41.0016 0x1770 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:58:41.0032 0x1770 idsvc - ok
11:58:41.0081 0x1770 IEEtwCollectorService - ok
11:58:41.0228 0x1770 [ 0882CBC3A8F9EB4D26E1B77AC98CE8BB, 1F3A6B7456DEA52303966AD634C9FC13832A585A10832A59AF5E8F27735A62C8 ] iFunSoftUpdaterSvc C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe
11:58:41.0306 0x1770 iFunSoftUpdaterSvc - ok
11:58:41.0376 0x1770 [ D59429259F82924E4D3B90C0F0FF7144, 00A086678EBB4A9DE6891C5284F4B4FC90E2164EEA308364BCBBC27B323ED025 ] IFXSpMgtSrv c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
11:58:41.0398 0x1770 IFXSpMgtSrv - ok
11:58:41.0438 0x1770 [ 0D1BFD3318674D0D6E9465936D7CC17F, 4BEFF43B55A44D6ED8884876D49271B15EE5273885FF0B074994FAF45F99CD12 ] IFXTCS c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
11:58:41.0469 0x1770 IFXTCS - ok
11:58:41.0678 0x1770 [ 0245CD3AE14CACF6E2503C42019431D7, 87D2E1ACD3CC0B1C3F713EB5E0C6C510B386EC142AC7554B2043396305626C96 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
11:58:41.0810 0x1770 igfx - ok
11:58:41.0852 0x1770 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
11:58:41.0854 0x1770 iirsp - ok
11:58:41.0916 0x1770 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
11:58:41.0946 0x1770 IKEEXT - ok
11:58:42.0016 0x1770 [ 8AEEE0F4D210B61F917CFEA9653973C4, F09389C2A3E1DED402C08BF1A30BD79A342B0E55AD4996CF2E5189A004E6E62F ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
11:58:42.0030 0x1770 IntcDAud - ok
11:58:42.0056 0x1770 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
11:58:42.0057 0x1770 intelide - ok
11:58:42.0095 0x1770 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
11:58:42.0097 0x1770 intelppm - ok
11:58:42.0131 0x1770 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
11:58:42.0135 0x1770 IPBusEnum - ok
11:58:42.0161 0x1770 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
11:58:42.0176 0x1770 IpFilterDriver - ok
11:58:42.0225 0x1770 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
11:58:42.0241 0x1770 iphlpsvc - ok
11:58:42.0288 0x1770 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
11:58:42.0288 0x1770 IPMIDRV - ok
11:58:42.0322 0x1770 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
11:58:42.0326 0x1770 IPNAT - ok
11:58:42.0349 0x1770 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
11:58:42.0350 0x1770 IRENUM - ok
11:58:42.0371 0x1770 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
11:58:42.0373 0x1770 isapnp - ok
11:58:42.0411 0x1770 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
11:58:42.0411 0x1770 iScsiPrt - ok
11:58:42.0458 0x1770 [ 3B794CA0DE73790420DEBA3C759F1502, EEB5C5ECE4EBBD58A6EA93498615446C102EE4F73D7AD1987F751D2FE8325BB5 ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
__________________


Alt 22.12.2016, 12:46   #3
foreveryoung
 
Windows 7 Pro 64Bit sehr langsam - Standard

Windows 7 Pro 64Bit sehr langsam



2. Teil
11:58:42.0458 0x1770 jhi_service - ok
11:58:42.0523 0x1770 [ 7DABE2B788FF1EB32E38838EC189361E, F891810BFEEA5A94558EA3D22AEE42E3C4D761BB7F7A8C53100F6FF7C65C74AD ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
11:58:42.0523 0x1770 JMCR - ok
11:58:42.0554 0x1770 [ 1542F0B31DD7193EF8C0606C018E19AF, FD68909AD7A8C0D8C640C9505982CB66F454AE61BC4EACDA3D0190CFCC42A10A ] johci C:\windows\system32\DRIVERS\johci.sys
11:58:42.0554 0x1770 johci - ok
11:58:42.0576 0x1770 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
11:58:42.0576 0x1770 kbdclass - ok
11:58:42.0623 0x1770 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
11:58:42.0623 0x1770 kbdhid - ok
11:58:42.0654 0x1770 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] KeyIso C:\windows\system32\lsass.exe
11:58:42.0654 0x1770 KeyIso - ok
11:58:42.0708 0x1770 [ F54475BA70B5CDA4EF11DC44BFB07F40, 9A6FA4978746F2F75D6B5892C1FE2042FF86C588AFEEC80534E0FB2F4450F9C3 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
11:58:42.0711 0x1770 KSecDD - ok
11:58:42.0719 0x1770 [ ED1D1E1AAACF08438F9BCF731C8CA168, 8DFE5F7E1080B65A75BC840708AB7A42EA42510D5507EF86294649C72430B569 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
11:58:42.0719 0x1770 KSecPkg - ok
11:58:42.0766 0x1770 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
11:58:42.0766 0x1770 ksthunk - ok
11:58:42.0810 0x1770 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
11:58:42.0816 0x1770 KtmRm - ok
11:58:42.0878 0x1770 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll
11:58:42.0878 0x1770 LanmanServer - ok
11:58:42.0941 0x1770 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
11:58:42.0956 0x1770 LanmanWorkstation - ok
11:58:43.0024 0x1770 [ C34411A244029F1C08687F7C752C4563, 4FC1D6156D760AE8138547262B33677118BD9369F4930F5C5F9BAA2FE6E78EA3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
11:58:43.0024 0x1770 LightScribeService - ok
11:58:43.0273 0x1770 [ C2BDC7EA68CAE9E9A088F77BAC88FB92, EBD7B98C00DD320DAAD39C15A8D9D49CB9F3691BF41F1553039F4060BAB29A24 ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
11:58:43.0351 0x1770 LiveUpdateSvc - ok
11:58:43.0427 0x1770 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
11:58:43.0429 0x1770 lltdio - ok
11:58:43.0477 0x1770 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
11:58:43.0485 0x1770 lltdsvc - ok
11:58:43.0499 0x1770 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
11:58:43.0501 0x1770 lmhosts - ok
11:58:43.0569 0x1770 [ DE75F2EA497DA4B3A764D4EAC43135E9, D3F610AB375E8789DF8203BDE2E4D437BD5F0F91A22BA39DC518912A6A9AB7FD ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:58:43.0578 0x1770 LMS - ok
11:58:43.0624 0x1770 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
11:58:43.0627 0x1770 LSI_FC - ok
11:58:43.0647 0x1770 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
11:58:43.0652 0x1770 LSI_SAS - ok
11:58:43.0669 0x1770 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
11:58:43.0671 0x1770 LSI_SAS2 - ok
11:58:43.0690 0x1770 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
11:58:43.0695 0x1770 LSI_SCSI - ok
11:58:43.0720 0x1770 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
11:58:43.0723 0x1770 luafv - ok
11:58:43.0756 0x1770 [ 0845DA0BFF1AF5C57DE4DD97ACAF2FCD, 938314A64F0C9CF212EC932764DBACFACEA1FEBFD0B4865A40060EC50C65294C ] Mbm3CBus C:\windows\system32\DRIVERS\Mbm3CBus.sys
11:58:43.0766 0x1770 Mbm3CBus - ok
11:58:43.0818 0x1770 [ DB6FA599AA79324E287C4EAF6020DA37, F748F031056A563D062F72483284682771E709BE27C5F61F88210AA17AD38F22 ] Mbm3DevMt C:\windows\system32\DRIVERS\Mbm3DevMt.sys
11:58:43.0829 0x1770 Mbm3DevMt - ok
11:58:43.0868 0x1770 [ 2F71EDB697752D409B9983F0E1D88F70, 684CB2BB12D6326268D3C12FAC959D39BEFD0CC60FC6DF3A97F3B7222DC96057 ] Mbm3mdfl C:\windows\system32\DRIVERS\Mbm3mdfl.sys
11:58:43.0868 0x1770 Mbm3mdfl - ok
11:58:43.0884 0x1770 [ 21B412A36DE3CCFE4E13383B88CFC90C, 3DF6EA0FCE71C7B81E3B7EA9E6B5F4EFBC8A79E0BE29DE90C74DC898045012B5 ] Mbm3Mdm C:\windows\system32\DRIVERS\Mbm3Mdm.sys
11:58:43.0899 0x1770 Mbm3Mdm - ok
11:58:44.0075 0x1770 [ FDE6052CD5846863463828E61176C4DC, 6494F2450B2F32D71D2330C5FA41B3C554B969C7F621C38B7478A40E440D523F ] McAfee Endpoint Encryption Agent C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
11:58:44.0106 0x1770 McAfee Endpoint Encryption Agent - ok
11:58:44.0167 0x1770 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
11:58:44.0171 0x1770 Mcx2Svc - ok
11:58:44.0201 0x1770 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\DRIVERS\megasas.sys
11:58:44.0202 0x1770 megasas - ok
11:58:44.0221 0x1770 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
11:58:44.0227 0x1770 MegaSR - ok
11:58:44.0266 0x1770 [ 9042E630FE102F1A2436EE05857CD139, 96C855824E46E2863EBC4A70FC195A14BD9FDD35107358B83D6C3CD01C522F3C ] MEIx64 C:\windows\system32\DRIVERS\TeeDriverx64.sys
11:58:44.0270 0x1770 MEIx64 - ok
11:58:44.0412 0x1770 [ 4ED2FB4C002D7147C40C37EC9617BEAF, 1CEC51DAD293F769E15254E870179A60C6874DA4268416AE99A2A0980760B8D6 ] MfeEpeOpal C:\windows\system32\drivers\MfeEpeOpal.sys
11:58:44.0416 0x1770 MfeEpeOpal - ok
11:58:44.0462 0x1770 [ CECEA4A76F776AE0B709093822C99AD5, 03A86246E968C3DE7C718B1F674C1A5EC43DDFC673A85E9C4E36FAA2D259FE92 ] MfeEpePc C:\windows\system32\drivers\MfeEpePc.sys
11:58:44.0466 0x1770 MfeEpePc - ok
11:58:44.0511 0x1770 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
11:58:44.0514 0x1770 MMCSS - ok
11:58:44.0549 0x1770 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
11:58:44.0551 0x1770 Modem - ok
11:58:44.0577 0x1770 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
11:58:44.0579 0x1770 monitor - ok
11:58:44.0609 0x1770 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
11:58:44.0613 0x1770 mouclass - ok
11:58:44.0651 0x1770 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
11:58:44.0652 0x1770 mouhid - ok
11:58:44.0711 0x1770 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
11:58:44.0711 0x1770 mountmgr - ok
11:58:44.0791 0x1770 [ 7AAFF443581F9B6F86CDF761ED0A437D, 6E159C875F5666E6D17C58628EEAF79818697355AFE213CE778BD3FEA04248C0 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:58:44.0791 0x1770 MozillaMaintenance - ok
11:58:44.0838 0x1770 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
11:58:44.0838 0x1770 mpio - ok
11:58:44.0870 0x1770 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
11:58:44.0873 0x1770 mpsdrv - ok
11:58:44.0918 0x1770 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
11:58:44.0949 0x1770 MpsSvc - ok
11:58:44.0982 0x1770 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
11:58:44.0998 0x1770 MRxDAV - ok
11:58:45.0029 0x1770 [ 8A6DD6FDCCC010F7C6480EE7D0C3B92E, F061B59E5569D334C293420A4E98A2E2842037419E13001FF4FDCB9DE4A90BC5 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
11:58:45.0045 0x1770 mrxsmb - ok
11:58:45.0092 0x1770 [ 68C12354AEA8FB5B559F5F69EF1C0DF0, E73BEFA5615231B86962FDB5201BA05B8A15D51F09BB6232315F44B39C46560D ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
11:58:45.0092 0x1770 mrxsmb10 - ok
11:58:45.0123 0x1770 [ 307E956C0DE630EE0ACE657233C0E83F, 45918BAFA9A1C4F4552A2A259CDFB89146FEE6622BDBC7B6B92D5BB2528586A4 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
11:58:45.0123 0x1770 mrxsmb20 - ok
11:58:45.0181 0x1770 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
11:58:45.0183 0x1770 msahci - ok
11:58:45.0215 0x1770 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
11:58:45.0219 0x1770 msdsm - ok
11:58:45.0238 0x1770 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
11:58:45.0243 0x1770 MSDTC - ok
11:58:45.0282 0x1770 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
11:58:45.0284 0x1770 Msfs - ok
11:58:45.0298 0x1770 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
11:58:45.0299 0x1770 mshidkmdf - ok
11:58:45.0317 0x1770 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
11:58:45.0319 0x1770 msisadrv - ok
11:58:45.0355 0x1770 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
11:58:45.0360 0x1770 MSiSCSI - ok
11:58:45.0365 0x1770 msiserver - ok
11:58:45.0397 0x1770 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
11:58:45.0398 0x1770 MSKSSRV - ok
11:58:45.0414 0x1770 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
11:58:45.0416 0x1770 MSPCLOCK - ok
11:58:45.0428 0x1770 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
11:58:45.0429 0x1770 MSPQM - ok
11:58:45.0479 0x1770 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
11:58:45.0488 0x1770 MsRPC - ok
11:58:45.0528 0x1770 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
11:58:45.0528 0x1770 mssmbios - ok
11:58:45.0543 0x1770 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
11:58:45.0543 0x1770 MSTEE - ok
11:58:45.0559 0x1770 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
11:58:45.0559 0x1770 MTConfig - ok
11:58:45.0579 0x1770 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
11:58:45.0579 0x1770 Mup - ok
11:58:45.0642 0x1770 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
11:58:45.0642 0x1770 napagent - ok
11:58:45.0689 0x1770 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
11:58:45.0689 0x1770 NativeWifiP - ok
11:58:45.0763 0x1770 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\windows\system32\drivers\ndis.sys
11:58:45.0779 0x1770 NDIS - ok
11:58:45.0810 0x1770 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
11:58:45.0810 0x1770 NdisCap - ok
11:58:45.0841 0x1770 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
11:58:45.0841 0x1770 NdisTapi - ok
11:58:45.0872 0x1770 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
11:58:45.0872 0x1770 Ndisuio - ok
11:58:45.0919 0x1770 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
11:58:45.0935 0x1770 NdisWan - ok
11:58:45.0966 0x1770 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
11:58:45.0966 0x1770 NDProxy - ok
11:58:46.0030 0x1770 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
11:58:46.0030 0x1770 NetBIOS - ok
11:58:46.0077 0x1770 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\windows\system32\DRIVERS\netbt.sys
11:58:46.0077 0x1770 NetBT - ok
11:58:46.0093 0x1770 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] Netlogon C:\windows\system32\lsass.exe
11:58:46.0108 0x1770 Netlogon - ok
11:58:46.0155 0x1770 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
11:58:46.0155 0x1770 Netman - ok
11:58:46.0218 0x1770 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:58:46.0250 0x1770 NetMsmqActivator - ok
11:58:46.0265 0x1770 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:58:46.0265 0x1770 NetPipeActivator - ok
11:58:46.0296 0x1770 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
11:58:46.0296 0x1770 netprofm - ok
11:58:46.0312 0x1770 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:58:46.0312 0x1770 NetTcpActivator - ok
11:58:46.0312 0x1770 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:58:46.0328 0x1770 NetTcpPortSharing - ok
11:58:46.0343 0x1770 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
11:58:46.0343 0x1770 nfrd960 - ok
11:58:46.0390 0x1770 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll
11:58:46.0392 0x1770 NlaSvc - ok
11:58:46.0439 0x1770 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
11:58:46.0439 0x1770 Npfs - ok
11:58:46.0471 0x1770 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
11:58:46.0471 0x1770 nsi - ok
11:58:46.0487 0x1770 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
11:58:46.0487 0x1770 nsiproxy - ok
11:58:46.0577 0x1770 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
11:58:46.0678 0x1770 Ntfs - ok
11:58:46.0709 0x1770 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
11:58:46.0709 0x1770 Null - ok
11:58:46.0771 0x1770 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
11:58:46.0771 0x1770 nvraid - ok
11:58:46.0802 0x1770 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
11:58:46.0818 0x1770 nvstor - ok
11:58:46.0849 0x1770 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
11:58:46.0849 0x1770 nv_agp - ok
11:58:46.0865 0x1770 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
11:58:46.0865 0x1770 ohci1394 - ok
11:58:46.0929 0x1770 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:58:46.0929 0x1770 ose - ok
11:58:47.0150 0x1770 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:58:47.0283 0x1770 osppsvc - ok
11:58:47.0330 0x1770 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
11:58:47.0346 0x1770 p2pimsvc - ok
11:58:47.0361 0x1770 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
11:58:47.0387 0x1770 p2psvc - ok
11:58:47.0402 0x1770 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\DRIVERS\parport.sys
11:58:47.0402 0x1770 Parport - ok
11:58:47.0434 0x1770 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
11:58:47.0434 0x1770 partmgr - ok
11:58:47.0473 0x1770 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\windows\System32\pcasvc.dll
11:58:47.0479 0x1770 PcaSvc - ok
11:58:47.0499 0x1770 pccsmcfd - ok
11:58:47.0546 0x1770 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
11:58:47.0546 0x1770 pci - ok
11:58:47.0597 0x1770 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
11:58:47.0597 0x1770 pciide - ok
11:58:47.0629 0x1770 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
11:58:47.0629 0x1770 pcmcia - ok
11:58:47.0660 0x1770 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
11:58:47.0660 0x1770 pcw - ok
11:58:47.0707 0x1770 [ 8F924F00F2F81422FD7C340FDA0E00D8, BCB4AD154FB54C878D53E046C4238EEF52B38E0C14157D120FDCF8F9E98679B4 ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
11:58:47.0722 0x1770 PdiService - ok
11:58:47.0753 0x1770 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\windows\system32\drivers\peauth.sys
11:58:47.0769 0x1770 PEAUTH - ok
11:58:47.0848 0x1770 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll
11:58:47.0879 0x1770 PeerDistSvc - ok
11:58:47.0943 0x1770 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
11:58:47.0943 0x1770 PerfHost - ok
11:58:47.0991 0x1770 [ F20612DF7E12DE3A087D0F44CC545FB1, 2B5693B2C77B990362F69598B8FE3601065A34EEED8F829F35796B0148D797DB ] PersonalSecureDrive C:\windows\System32\drivers\psd.sys
11:58:47.0991 0x1770 PersonalSecureDrive - ok
11:58:48.0038 0x1770 [ F473D5D43FA7D5C657A3137C5171CB77, 26DA17A11FE042DE7818D44A2A53D01C0A4801FFD005815C71D5697808A686DD ] PersonalSecureDriveService c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
11:58:48.0054 0x1770 PersonalSecureDriveService - ok
11:58:48.0135 0x1770 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
11:58:48.0175 0x1770 pla - ok
11:58:48.0233 0x1770 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
11:58:48.0233 0x1770 PlugPlay - ok
11:58:48.0279 0x1770 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
11:58:48.0279 0x1770 PNRPAutoReg - ok
11:58:48.0295 0x1770 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
11:58:48.0311 0x1770 PNRPsvc - ok
11:58:48.0342 0x1770 [ 4C2985DAAF5859A670AE2AF478AF58C6, 3B62D04255FC9C9D46B76B740D9DEFB6F382ADB1C5D27948FABDE71E9F7CA768 ] Point64 C:\windows\system32\DRIVERS\point64.sys
11:58:48.0357 0x1770 Point64 - ok
11:58:48.0391 0x1770 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
11:58:48.0406 0x1770 PolicyAgent - ok
11:58:48.0453 0x1770 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
11:58:48.0453 0x1770 Power - ok
11:58:48.0484 0x1770 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
11:58:48.0484 0x1770 PptpMiniport - ok
11:58:48.0515 0x1770 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\DRIVERS\processr.sys
11:58:48.0531 0x1770 Processor - ok
11:58:48.0566 0x1770 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\windows\system32\profsvc.dll
11:58:48.0571 0x1770 ProfSvc - ok
11:58:48.0634 0x1770 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] ProtectedStorage C:\windows\system32\lsass.exe
11:58:48.0634 0x1770 ProtectedStorage - ok
11:58:48.0680 0x1770 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
11:58:48.0696 0x1770 Psched - ok
11:58:48.0728 0x1770 [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
11:58:48.0744 0x1770 PxHlpa64 - ok
11:58:48.0808 0x1770 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
11:58:48.0839 0x1770 ql2300 - ok
11:58:48.0855 0x1770 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
11:58:48.0855 0x1770 ql40xx - ok
11:58:48.0888 0x1770 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
11:58:48.0888 0x1770 QWAVE - ok
11:58:48.0919 0x1770 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
11:58:48.0919 0x1770 QWAVEdrv - ok
11:58:48.0935 0x1770 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
11:58:48.0935 0x1770 RasAcd - ok
11:58:48.0971 0x1770 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
11:58:48.0971 0x1770 RasAgileVpn - ok
11:58:48.0987 0x1770 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
11:58:48.0987 0x1770 RasAuto - ok
11:58:49.0018 0x1770 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
11:58:49.0049 0x1770 Rasl2tp - ok
11:58:49.0096 0x1770 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
11:58:49.0112 0x1770 RasMan - ok
11:58:49.0145 0x1770 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
11:58:49.0148 0x1770 RasPppoe - ok
11:58:49.0200 0x1770 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
11:58:49.0201 0x1770 RasSstp - ok
11:58:49.0248 0x1770 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
11:58:49.0264 0x1770 rdbss - ok
11:58:49.0295 0x1770 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
11:58:49.0310 0x1770 rdpbus - ok
11:58:49.0342 0x1770 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
11:58:49.0342 0x1770 RDPCDD - ok
11:58:49.0373 0x1770 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\windows\system32\drivers\rdpdr.sys
11:58:49.0373 0x1770 RDPDR - ok
11:58:49.0388 0x1770 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
11:58:49.0389 0x1770 RDPENCDD - ok
11:58:49.0389 0x1770 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
11:58:49.0389 0x1770 RDPREFMP - ok
11:58:49.0500 0x1770 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
11:58:49.0500 0x1770 RdpVideoMiniport - ok
11:58:49.0531 0x1770 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
11:58:49.0531 0x1770 RDPWD - ok
11:58:49.0594 0x1770 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
11:58:49.0594 0x1770 rdyboost - ok
11:58:49.0641 0x1770 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
11:58:49.0641 0x1770 RemoteAccess - ok
11:58:49.0672 0x1770 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
11:58:49.0672 0x1770 RemoteRegistry - ok
11:58:49.0704 0x1770 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
11:58:49.0704 0x1770 RFCOMM - ok
11:58:49.0816 0x1770 [ 7566F7C551606D44479A5E22F3405B89, 5730373AA9137D5C35A7F97CEAA04EC22586D2DE09EB7D88A8DA69DF88209B2A ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
11:58:49.0847 0x1770 RoxMediaDB12OEM - ok
11:58:49.0878 0x1770 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
11:58:49.0894 0x1770 RpcEptMapper - ok
11:58:49.0925 0x1770 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
11:58:49.0925 0x1770 RpcLocator - ok
11:58:49.0971 0x1770 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\windows\system32\rpcss.dll
11:58:49.0978 0x1770 RpcSs - ok
11:58:50.0025 0x1770 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
11:58:50.0025 0x1770 rspndr - ok
11:58:50.0056 0x1770 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\windows\system32\drivers\vms3cap.sys
11:58:50.0056 0x1770 s3cap - ok
11:58:50.0087 0x1770 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] SamSs C:\windows\system32\lsass.exe
11:58:50.0087 0x1770 SamSs - ok
11:58:50.0120 0x1770 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
11:58:50.0120 0x1770 sbp2port - ok
11:58:50.0167 0x1770 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
11:58:50.0167 0x1770 SCardSvr - ok
11:58:50.0203 0x1770 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
11:58:50.0205 0x1770 scfilter - ok
11:58:50.0248 0x1770 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\windows\system32\schedsvc.dll
11:58:50.0279 0x1770 Schedule - ok
11:58:50.0311 0x1770 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
11:58:50.0311 0x1770 SCPolicySvc - ok
11:58:50.0374 0x1770 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\windows\system32\drivers\sdbus.sys
11:58:50.0374 0x1770 sdbus - ok
11:58:50.0425 0x1770 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
11:58:50.0425 0x1770 SDRSVC - ok
11:58:50.0471 0x1770 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
11:58:50.0471 0x1770 secdrv - ok
11:58:50.0529 0x1770 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\windows\system32\seclogon.dll
11:58:50.0532 0x1770 seclogon - ok
11:58:50.0567 0x1770 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll
11:58:50.0570 0x1770 SENS - ok
11:58:50.0595 0x1770 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
11:58:50.0597 0x1770 SensrSvc - ok
11:58:50.0651 0x1770 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
11:58:50.0651 0x1770 Serenum - ok
11:58:50.0666 0x1770 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\DRIVERS\serial.sys
11:58:50.0666 0x1770 Serial - ok
11:58:50.0698 0x1770 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
11:58:50.0698 0x1770 sermouse - ok
11:58:50.0760 0x1770 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
11:58:50.0760 0x1770 SessionEnv - ok
11:58:50.0808 0x1770 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
11:58:50.0808 0x1770 sffdisk - ok
11:58:50.0808 0x1770 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
11:58:50.0808 0x1770 sffp_mmc - ok
11:58:50.0823 0x1770 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
11:58:50.0823 0x1770 sffp_sd - ok
11:58:50.0840 0x1770 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
11:58:50.0840 0x1770 sfloppy - ok
11:58:50.0871 0x1770 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
11:58:50.0887 0x1770 SharedAccess - ok
11:58:50.0918 0x1770 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
11:58:50.0918 0x1770 ShellHWDetection - ok
11:58:50.0934 0x1770 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
11:58:50.0934 0x1770 SiSRaid2 - ok
11:58:50.0949 0x1770 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
11:58:50.0949 0x1770 SiSRaid4 - ok
11:58:50.0980 0x1770 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
11:58:50.0996 0x1770 Smb - ok
11:58:51.0027 0x1770 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
11:58:51.0027 0x1770 SNMPTRAP - ok
11:58:51.0168 0x1770 [ D3017AAE17B721BD7B987C3705E55097, 2D7D6D7EAEEE83D8E14A025D8B7956BAF0FB3E4C8C5CD2D59839973D3580FC87 ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys
11:58:51.0231 0x1770 SNP2UVC - ok
11:58:51.0247 0x1770 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
11:58:51.0262 0x1770 spldr - ok
11:58:51.0309 0x1770 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
11:58:51.0325 0x1770 Spooler - ok
11:58:51.0466 0x1770 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
11:58:51.0554 0x1770 sppsvc - ok
11:58:51.0602 0x1770 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
11:58:51.0602 0x1770 sppuinotify - ok
11:58:51.0633 0x1770 [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv C:\windows\system32\DRIVERS\srv.sys
11:58:51.0649 0x1770 srv - ok
11:58:51.0689 0x1770 [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
11:58:51.0698 0x1770 srv2 - ok
11:58:51.0729 0x1770 [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
11:58:51.0729 0x1770 srvnet - ok
11:58:51.0765 0x1770 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
11:58:51.0771 0x1770 SSDPSRV - ok
11:58:51.0792 0x1770 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
11:58:51.0792 0x1770 SstpSvc - ok
11:58:51.0839 0x1770 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\windows\system32\DRIVERS\ssudmdm.sys
11:58:51.0839 0x1770 ssudmdm - ok
11:58:51.0965 0x1770 [ 897C1273B7D74E19DDA7EBF495BF0133, CF344C0ABB11FF1D4FFE09426A42F9C320985F83FC0472E64F92EAACBFAAEFE9 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
11:58:51.0972 0x1770 STacSV - ok
11:58:52.0000 0x1770 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
11:58:52.0000 0x1770 stexstor - ok
11:58:52.0047 0x1770 [ A883937A943DCE237B19E4A5558FCBE6, 5DC1D621CC246290CD575E394BDBDE962F1783D08ECA5411FF766406C5C4762F ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
11:58:52.0062 0x1770 STHDA - ok
11:58:52.0109 0x1770 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
11:58:52.0125 0x1770 stisvc - ok
11:58:52.0171 0x1770 [ 7731F46EC0D687A931CBA063E8F90EF0, 5CF996A209756B901316C4406C7D3E52ECC9C15A1BDB0D4D9C77846AB29FD040 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
11:58:52.0171 0x1770 stllssvr - ok
11:58:52.0206 0x1770 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\windows\system32\drivers\vmstorfl.sys
11:58:52.0206 0x1770 storflt - ok
11:58:52.0252 0x1770 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\windows\system32\storsvc.dll
11:58:52.0252 0x1770 StorSvc - ok
11:58:52.0300 0x1770 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\windows\system32\drivers\storvsc.sys
11:58:52.0300 0x1770 storvsc - ok
11:58:52.0347 0x1770 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\drivers\swenum.sys
11:58:52.0347 0x1770 swenum - ok
11:58:52.0396 0x1770 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
11:58:52.0411 0x1770 swprv - ok
11:58:52.0474 0x1770 [ ED4850932604FB562046ABA68DF2E681, EBAF1D6BEA7331E854F91080AAC485E5B2378F4C779406AE4F9FD78397A0B95F ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
11:58:52.0489 0x1770 SynTP - ok
11:58:52.0574 0x1770 [ EEB7BA1AEB32770866C4D64AB0678DA8, A366F1296D6A6348DF105C77C270035344F0B37A6D174B592DB79C8550A6777F ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
11:58:52.0744 0x1770 SynTPEnhService - ok
11:58:52.0840 0x1770 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\windows\system32\sysmain.dll
11:58:52.0887 0x1770 SysMain - ok
11:58:52.0918 0x1770 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
11:58:52.0918 0x1770 TabletInputService - ok
11:58:52.0950 0x1770 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
11:58:52.0950 0x1770 TapiSrv - ok
11:58:53.0030 0x1770 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip C:\windows\system32\drivers\tcpip.sys
11:58:53.0076 0x1770 Tcpip - ok
11:58:53.0139 0x1770 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
11:58:53.0186 0x1770 TCPIP6 - ok
11:58:53.0217 0x1770 [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
11:58:53.0217 0x1770 tcpipreg - ok
11:58:53.0264 0x1770 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
11:58:53.0264 0x1770 TDPIPE - ok
11:58:53.0296 0x1770 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
11:58:53.0296 0x1770 TDTCP - ok
11:58:53.0327 0x1770 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\windows\system32\DRIVERS\tdx.sys
11:58:53.0327 0x1770 tdx - ok
11:58:53.0374 0x1770 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\drivers\termdd.sys
11:58:53.0374 0x1770 TermDD - ok
11:58:53.0422 0x1770 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\windows\System32\termsrv.dll
11:58:53.0437 0x1770 TermService - ok
11:58:53.0468 0x1770 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
11:58:53.0468 0x1770 Themes - ok
11:58:53.0519 0x1770 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
11:58:53.0522 0x1770 THREADORDER - ok
11:58:53.0572 0x1770 [ 48DDEF0B921DD331536CC82C1A8FF64F, 540107E278E4C7DE4F43D37F7EA7BC094B6755399C22EE3A68574AA8A7719ACC ] TPM C:\windows\system32\drivers\tpm.sys
11:58:53.0572 0x1770 TPM - ok
11:58:53.0588 0x1770 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
11:58:53.0603 0x1770 TrkWks - ok
11:58:53.0650 0x1770 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
11:58:53.0666 0x1770 TrustedInstaller - ok
11:58:53.0681 0x1770 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
11:58:53.0681 0x1770 tssecsrv - ok
11:58:53.0746 0x1770 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
11:58:53.0746 0x1770 TsUsbFlt - ok
11:58:53.0792 0x1770 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
11:58:53.0792 0x1770 tunnel - ok
11:58:53.0829 0x1770 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
11:58:53.0829 0x1770 uagp35 - ok
11:58:53.0939 0x1770 [ D5994AB5C2B2D72D6320A7004D52617C, 6F5BCDE29233EA43EA29223CAC91119123CE01F87B3228E5F6FBCB6C14A675DE ] uArcCapture C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
11:58:53.0939 0x1770 uArcCapture - ok
11:58:53.0990 0x1770 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
11:58:54.0005 0x1770 udfs - ok
11:58:54.0036 0x1770 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
11:58:54.0036 0x1770 UI0Detect - ok
11:58:54.0068 0x1770 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
11:58:54.0068 0x1770 uliagpkx - ok
11:58:54.0114 0x1770 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
11:58:54.0114 0x1770 umbus - ok
11:58:54.0146 0x1770 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\DRIVERS\umpass.sys
11:58:54.0146 0x1770 UmPass - ok
11:58:54.0193 0x1770 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\windows\System32\umrdp.dll
11:58:54.0193 0x1770 UmRdpService - ok
11:58:54.0334 0x1770 [ 2955A9ADBC618B6A09E3D3BECC3CCB3D, E4258A01E9DCF66F0E91A691DD0CDBF3E0EBB92D2B041CF63FC66B7991B9D6AD ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:58:54.0405 0x1770 UNS - ok
11:58:54.0452 0x1770 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
11:58:54.0468 0x1770 upnphost - ok
11:58:54.0516 0x1770 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
11:58:54.0517 0x1770 USBAAPL64 - ok
11:58:54.0550 0x1770 [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp C:\windows\system32\drivers\usbccgp.sys
11:58:54.0553 0x1770 usbccgp - ok
11:58:54.0588 0x1770 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
11:58:54.0588 0x1770 usbcir - ok
11:58:54.0635 0x1770 [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
11:58:54.0650 0x1770 usbehci - ok
11:58:54.0732 0x1770 [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub C:\windows\system32\drivers\usbhub.sys
11:58:54.0740 0x1770 usbhub - ok
11:58:54.0778 0x1770 [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci C:\windows\system32\drivers\usbohci.sys
11:58:54.0778 0x1770 usbohci - ok
11:58:54.0811 0x1770 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
11:58:54.0811 0x1770 usbprint - ok
11:58:54.0842 0x1770 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
11:58:54.0858 0x1770 usbscan - ok
11:58:54.0921 0x1770 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\windows\system32\drivers\usbser.sys
11:58:54.0921 0x1770 usbser - ok
11:58:54.0968 0x1770 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
11:58:54.0968 0x1770 USBSTOR - ok
11:58:54.0986 0x1770 [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
11:58:54.0986 0x1770 usbuhci - ok
11:58:55.0032 0x1770 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
11:58:55.0032 0x1770 usbvideo - ok
11:58:55.0064 0x1770 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
11:58:55.0064 0x1770 UxSms - ok
11:58:55.0110 0x1770 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] VaultSvc C:\windows\system32\lsass.exe
11:58:55.0126 0x1770 VaultSvc - ok
11:58:55.0253 0x1770 [ 48E21E9AAB80A25E3920DAA75A00CAA1, 8C577647A992AF8D0F86894166CE062824F9D4A260CAFDFCDE3D806F1F094888 ] vcsFPService C:\windows\system32\vcsFPService.exe
11:58:55.0331 0x1770 vcsFPService - ok
11:58:55.0378 0x1770 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
11:58:55.0393 0x1770 vdrvroot - ok
11:58:55.0443 0x1770 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
11:58:55.0459 0x1770 vds - ok
11:58:55.0491 0x1770 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
11:58:55.0491 0x1770 vga - ok
11:58:55.0506 0x1770 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
11:58:55.0506 0x1770 VgaSave - ok
11:58:55.0538 0x1770 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
11:58:55.0538 0x1770 vhdmp - ok
11:58:55.0588 0x1770 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
11:58:55.0588 0x1770 viaide - ok
11:58:55.0619 0x1770 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\windows\system32\drivers\vmbus.sys
11:58:55.0619 0x1770 vmbus - ok
11:58:55.0635 0x1770 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\windows\system32\drivers\VMBusHID.sys
11:58:55.0635 0x1770 VMBusHID - ok
11:58:55.0650 0x1770 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
11:58:55.0650 0x1770 volmgr - ok
11:58:55.0714 0x1770 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
11:58:55.0723 0x1770 volmgrx - ok
11:58:55.0729 0x1770 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\windows\system32\drivers\volsnap.sys
11:58:55.0744 0x1770 volsnap - ok
11:58:55.0792 0x1770 [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus C:\windows\system32\DRIVERS\vpchbus.sys
11:58:55.0797 0x1770 vpcbus - ok
11:58:55.0832 0x1770 [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr C:\windows\system32\DRIVERS\vpcnfltr.sys
11:58:55.0832 0x1770 vpcnfltr - ok
11:58:55.0879 0x1770 [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb C:\windows\system32\DRIVERS\vpcusb.sys
11:58:55.0879 0x1770 vpcusb - ok
11:58:55.0926 0x1770 [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm C:\windows\system32\drivers\vpcvmm.sys
11:58:55.0941 0x1770 vpcvmm - ok
11:58:55.0973 0x1770 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
11:58:55.0973 0x1770 vsmraid - ok
11:58:56.0051 0x1770 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
11:58:56.0098 0x1770 VSS - ok
11:58:56.0131 0x1770 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
11:58:56.0131 0x1770 vwifibus - ok
11:58:56.0162 0x1770 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
11:58:56.0162 0x1770 vwififlt - ok
11:58:56.0194 0x1770 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
11:58:56.0194 0x1770 vwifimp - ok
11:58:56.0241 0x1770 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
11:58:56.0241 0x1770 W32Time - ok
11:58:56.0272 0x1770 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
11:58:56.0272 0x1770 WacomPen - ok
11:58:56.0304 0x1770 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
11:58:56.0304 0x1770 WANARP - ok
11:58:56.0320 0x1770 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
11:58:56.0320 0x1770 Wanarpv6 - ok
11:58:56.0400 0x1770 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
11:58:56.0415 0x1770 WatAdminSvc - ok
11:58:56.0493 0x1770 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
11:58:56.0540 0x1770 wbengine - ok
11:58:56.0572 0x1770 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
11:58:56.0572 0x1770 WbioSrvc - ok
11:58:56.0619 0x1770 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
11:58:56.0634 0x1770 wcncsvc - ok
11:58:56.0650 0x1770 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
11:58:56.0650 0x1770 WcsPlugInService - ok
11:58:56.0681 0x1770 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\DRIVERS\wd.sys
11:58:56.0681 0x1770 Wd - ok
11:58:56.0731 0x1770 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
11:58:56.0746 0x1770 Wdf01000 - ok
11:58:56.0796 0x1770 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\windows\system32\wdi.dll
11:58:56.0812 0x1770 WdiServiceHost - ok
11:58:56.0812 0x1770 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\windows\system32\wdi.dll
11:58:56.0812 0x1770 WdiSystemHost - ok
11:58:56.0843 0x1770 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\windows\System32\webclnt.dll
11:58:56.0843 0x1770 WebClient - ok
11:58:56.0890 0x1770 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
11:58:56.0890 0x1770 Wecsvc - ok
11:58:56.0921 0x1770 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
11:58:56.0921 0x1770 wercplsupport - ok
11:58:56.0952 0x1770 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
11:58:56.0952 0x1770 WerSvc - ok
11:58:56.0983 0x1770 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
11:58:56.0983 0x1770 WfpLwf - ok
11:58:57.0000 0x1770 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
11:58:57.0000 0x1770 WIMMount - ok
11:58:57.0031 0x1770 WinDefend - ok
11:58:57.0047 0x1770 WinHttpAutoProxySvc - ok
11:58:57.0094 0x1770 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
11:58:57.0094 0x1770 Winmgmt - ok
11:58:57.0190 0x1770 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\windows\system32\WsmSvc.dll
11:58:57.0237 0x1770 WinRM - ok
11:58:57.0303 0x1770 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB C:\windows\system32\drivers\WinUsb.sys
11:58:57.0303 0x1770 WinUSB - ok
11:58:57.0372 0x1770 [ 6E5FE85FC15590EF509A6D217C65F9BE, C532E062F8B599FDC6FB42CAE17A9EF4E1591FE94A000CBC525CD7287047C088 ] WirelessKeyboardFilter C:\windows\system32\DRIVERS\WirelessKeyboardFilter.sys
11:58:57.0372 0x1770 WirelessKeyboardFilter - ok
11:58:57.0434 0x1770 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
11:58:57.0450 0x1770 Wlansvc - ok
11:58:57.0595 0x1770 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:58:57.0642 0x1770 wlidsvc - ok
11:58:57.0704 0x1770 [ 9E281477BF61B1CF77CE725851B144CE, C1A077F9416A9F9DAA1E6B848148091E65E518AF7E14024544026F7E74C8FDCE ] wltrysvc C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
11:58:57.0704 0x1770 wltrysvc - ok
11:58:57.0751 0x1770 WMCoreService - ok
11:58:57.0800 0x1770 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
11:58:57.0800 0x1770 WmiAcpi - ok
11:58:57.0847 0x1770 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
11:58:57.0847 0x1770 wmiApSrv - ok
11:58:57.0878 0x1770 WMPNetworkSvc - ok
11:58:57.0896 0x1770 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
11:58:57.0896 0x1770 WPCSvc - ok
11:58:57.0942 0x1770 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
11:58:57.0958 0x1770 WPDBusEnum - ok
11:58:57.0990 0x1770 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
11:58:57.0990 0x1770 ws2ifsl - ok
11:58:58.0006 0x1770 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\System32\wscsvc.dll
11:58:58.0021 0x1770 wscsvc - ok
11:58:58.0021 0x1770 WSearch - ok
11:58:58.0130 0x1770 [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\windows\system32\wuaueng.dll
11:58:58.0195 0x1770 wuauserv - ok
11:58:58.0242 0x1770 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
11:58:58.0242 0x1770 WudfPf - ok
11:58:58.0257 0x1770 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
11:58:58.0257 0x1770 WUDFRd - ok
11:58:58.0273 0x1770 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
11:58:58.0273 0x1770 wudfsvc - ok
11:58:58.0320 0x1770 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
11:58:58.0335 0x1770 WwanSvc - ok
11:58:58.0392 0x1770 [ 498A41CE2B68D338C8D92F48B664DBBB, 30E6E7B9AA6F7FE5ACEBB4DD697D183B106742CA72AD7656A5A58A6B814922F0 ] WwanUsbServ C:\windows\system32\DRIVERS\WwanUsbMp64.sys
11:58:58.0398 0x1770 WwanUsbServ - ok
11:58:58.0436 0x1770 ================ Scan global ===============================
11:58:58.0467 0x1770 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\windows\system32\basesrv.dll
11:58:58.0498 0x1770 [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\windows\system32\winsrv.dll
11:58:58.0514 0x1770 [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\windows\system32\winsrv.dll
11:58:58.0545 0x1770 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
11:58:58.0603 0x1770 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
11:58:58.0619 0x1770 [ Global ] - ok
11:58:58.0619 0x1770 ================ Scan MBR ==================================
11:58:58.0634 0x1770 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:58:58.0855 0x1770 \Device\Harddisk0\DR0 - ok
11:58:58.0855 0x1770 ================ Scan VBR ==================================
11:58:58.0855 0x1770 [ B2AABAA086D1E67D2A3071FA1B71C7DB ] \Device\Harddisk0\DR0\Partition1
11:58:58.0855 0x1770 \Device\Harddisk0\DR0\Partition1 - ok
11:58:58.0855 0x1770 [ B73B97952040A4B256CC4C914D4A4277 ] \Device\Harddisk0\DR0\Partition2
11:58:58.0855 0x1770 \Device\Harddisk0\DR0\Partition2 - ok
11:58:58.0855 0x1770 [ B6A5F83E2996225976FF3193F6C87ED8 ] \Device\Harddisk0\DR0\Partition3
11:58:58.0855 0x1770 \Device\Harddisk0\DR0\Partition3 - ok
11:58:58.0871 0x1770 [ 2DCA2CD9DA7A2AC41D4B41FD8145D8D8 ] \Device\Harddisk0\DR0\Partition4
11:58:58.0872 0x1770 \Device\Harddisk0\DR0\Partition4 - ok
11:58:58.0872 0x1770 ================ Scan generic autorun ======================
11:58:58.0933 0x1770 [ B13D24EBC32B570F40CBEF8C6AAA08D5, 9F4DEF06A571E93447BFAF89AC315E5C832CCC32431B4EC451D1E09D161EA452 ] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe
11:58:58.0933 0x1770 HPPowerAssistant - ok
11:58:59.0028 0x1770 [ 5F9C7AD30FD868228026D17AC44C5DC8, AE4739620E67A1830D0EEA9F3BB45D4DAE7EBB44FB06BD9AC874867AEFA3F419 ] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
11:58:59.0028 0x1770 MfeEpePcMonitor - ok
11:58:59.0476 0x1770 [ 92CD05E7C47A2C0A56864764B0021887, 0408B6A39A4D539A5103182466BDC5C477D666898D900F427504B15B03F791A6 ] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
11:58:59.0872 0x1770 File Sanitizer - ok
11:58:59.0950 0x1770 [ 20E2FB1FF86FDEA6894F98AC31568396, B9F84A13BBEDF1D7033269B34E7F9B7B7BDC629AE60C2D6BE48853898E987F33 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
11:58:59.0966 0x1770 IAStorIcon - ok
11:59:00.0036 0x1770 [ D59429259F82924E4D3B90C0F0FF7144, 00A086678EBB4A9DE6891C5284F4B4FC90E2164EEA308364BCBBC27B323ED025 ] c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
11:59:00.0052 0x1770 IFXSPMGT - ok
11:59:00.0134 0x1770 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:59:00.0199 0x1770 Sidebar - ok
11:59:00.0246 0x1770 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:59:00.0246 0x1770 mctadmin - ok
11:59:00.0277 0x1770 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:59:00.0293 0x1770 Sidebar - ok
11:59:00.0309 0x1770 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:59:00.0309 0x1770 mctadmin - ok
11:59:00.0879 0x1770 [ 2269768074F6A93E454BA384ED9652E2, 3BB698018941471327A3031CC0F4011D69EBA03B00E9E6F2D99922639DCCDA59 ] C:\Program Files\CCleaner\CCleaner64.exe
11:59:01.0368 0x1770 CCleaner Monitoring - ok
11:59:01.0543 0x1770 [ 2F7375F15747C26DE37A4097633E30C5, BA9BCEE1F4B9F00EBC9D3458F1E161A0EEAFDA6AFE05CCB5E7A4B02F812C571B ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
11:59:01.0620 0x1770 LightScribe Control Panel - ok
11:59:01.0635 0x1770 Waiting for KSN requests completion. In queue: 162
11:59:02.0677 0x1770 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.24.143 ), 0x41000 ( enabled : updated )
11:59:02.0692 0x1770 Win FW state via NFP2: enabled ( trusted )
11:59:02.0835 0x1770 ============================================================
11:59:02.0835 0x1770 Scan finished
11:59:02.0835 0x1770 ============================================================
11:59:02.0835 0x0750 Detected object count: 0
11:59:02.0835 0x0750 Actual detected object count: 0
12:05:37.0789 0x1820 ============================================================
12:05:37.0789 0x1820 Scan started
12:05:37.0789 0x1820 Mode: Manual; SigCheck; TDLFS;
12:05:37.0789 0x1820 ============================================================
12:05:37.0789 0x1820 KSN ping started
12:05:37.0867 0x1820 KSN ping finished: true
12:05:38.0117 0x1820 ================ Scan system memory ========================
12:05:38.0117 0x1820 System memory - ok
12:05:38.0117 0x1820 ================ Scan services =============================
12:05:38.0241 0x1820 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
12:05:38.0429 0x1820 1394ohci - ok
12:05:38.0460 0x1820 [ 899B7E724BF19F17978B6A37B864A277, F7D166DC5F7642D4B834B1E0D956929BA94F3E4D402989FC1A681A08FA1F86B6 ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
12:05:38.0507 0x1820 Accelerometer - ok
12:05:38.0553 0x1820 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
12:05:38.0569 0x1820 ACPI - ok
12:05:38.0647 0x1820 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
12:05:38.0663 0x1820 AcpiPmi - ok
12:05:38.0725 0x1820 [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:05:38.0741 0x1820 AdobeARMservice - ok
12:05:38.0881 0x1820 [ B79750091FC0842182FE49D263791294, 32FC260A74C9C45CD1E8998523642C285866378FCD9478FEFD15A0CC42EC0E0B ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:05:38.0943 0x1820 AdobeFlashPlayerUpdateSvc - ok
12:05:38.0975 0x1820 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
12:05:38.0990 0x1820 adp94xx - ok
12:05:39.0006 0x1820 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
12:05:39.0021 0x1820 adpahci - ok
12:05:39.0037 0x1820 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
12:05:39.0053 0x1820 adpu320 - ok
12:05:39.0084 0x1820 AdvancedSystemCareService9 - ok
12:05:39.0115 0x1820 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\windows\System32\aelupsvc.dll
12:05:39.0131 0x1820 AeLookupSvc - ok
12:05:39.0224 0x1820 [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
12:05:39.0224 0x1820 AESTFilters - ok
12:05:39.0271 0x1820 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\windows\system32\drivers\afd.sys
12:05:39.0302 0x1820 AFD - ok
12:05:39.0349 0x1820 [ 48008D4EA73C1058F36D323A644410D4, D0219AE0197BBD4C7BD75CD7564013B11497562F71C97918856B176942D86F65 ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
12:05:39.0349 0x1820 AgereModemAudio - ok
12:05:39.0396 0x1820 [ DDF52C4C92D831A4CDB7788B37585E36, 604EB7E1F254A085364F652C41F560044439EA9B3D98EF0FEBC0B5AB8C6FFFC0 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
12:05:39.0443 0x1820 AgereSoftModem - ok
12:05:39.0474 0x1820 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
12:05:39.0489 0x1820 agp440 - ok
12:05:39.0521 0x1820 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
12:05:39.0536 0x1820 ALG - ok
12:05:39.0583 0x1820 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
12:05:39.0583 0x1820 aliide - ok
12:05:39.0583 0x1820 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
12:05:39.0599 0x1820 amdide - ok
12:05:39.0630 0x1820 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
12:05:39.0645 0x1820 AmdK8 - ok
12:05:39.0661 0x1820 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
12:05:39.0677 0x1820 AmdPPM - ok
12:05:39.0692 0x1820 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
12:05:39.0708 0x1820 amdsata - ok
12:05:39.0723 0x1820 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
12:05:39.0739 0x1820 amdsbs - ok
12:05:39.0770 0x1820 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
12:05:39.0770 0x1820 amdxata - ok
12:05:39.0879 0x1820 [ 98D7647EF729503A60EF870DA5C21D0D, 7E36E8E3D9D0BD940DC225E1DB7EFD90F76F7BE8DCAD9782255556C31D6FD476 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
12:05:39.0911 0x1820 AntiVirMailService - ok
12:05:39.0973 0x1820 [ 229E752A26B53E155524D6530B95CDD4, B4D3DEA52860143D16A57EBA31CD3394B8B4FEA642EB3A736C8388447AB7E0E9 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:05:40.0004 0x1820 AntiVirSchedulerService - ok
12:05:40.0035 0x1820 [ 229E752A26B53E155524D6530B95CDD4, B4D3DEA52860143D16A57EBA31CD3394B8B4FEA642EB3A736C8388447AB7E0E9 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:05:40.0051 0x1820 AntiVirService - ok
12:05:40.0113 0x1820 [ F2B26CD2305E917B1EA1BF49E0C59E31, 8CCE64C68B80D56C7604DB6ABD187F66C624462328F4886C607F0A46D8E9DE92 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
12:05:40.0160 0x1820 AntiVirWebService - ok
12:05:40.0207 0x1820 [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID C:\windows\system32\drivers\appid.sys
12:05:40.0207 0x1820 AppID - ok
12:05:40.0223 0x1820 [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc C:\windows\System32\appidsvc.dll
12:05:40.0238 0x1820 AppIDSvc - ok
12:05:40.0269 0x1820 [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo C:\windows\System32\appinfo.dll
12:05:40.0285 0x1820 Appinfo - ok
12:05:40.0332 0x1820 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\windows\System32\appmgmts.dll
12:05:40.0347 0x1820 AppMgmt - ok
12:05:40.0379 0x1820 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\DRIVERS\arc.sys
12:05:40.0394 0x1820 arc - ok
12:05:40.0394 0x1820 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
12:05:40.0410 0x1820 arcsas - ok
12:05:40.0425 0x1820 [ 357635F16D28558C50870F4EF8AA4712, 80B579F0DCF1AC5607C692988B56CC62DEE1EF5BF3583B89006493F9DCE89CE9 ] ARCVCAM C:\windows\system32\DRIVERS\ArcSoftVCapture.sys
12:05:40.0441 0x1820 ARCVCAM - ok
12:05:40.0441 0x1820 ASPI - ok
12:05:40.0550 0x1820 [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:05:40.0550 0x1820 aspnet_state - ok
12:05:40.0597 0x1820 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
12:05:40.0613 0x1820 AsyncMac - ok
12:05:40.0691 0x1820 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
12:05:40.0691 0x1820 atapi - ok
12:05:40.0737 0x1820 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
12:05:40.0753 0x1820 AudioEndpointBuilder - ok
12:05:40.0784 0x1820 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\windows\System32\Audiosrv.dll
12:05:40.0800 0x1820 AudioSrv - ok
12:05:40.0862 0x1820 [ 8369A6E2611D2BA79871B655A650DE59, 101C8C660F0720CAF501EE108209C792933F6907B1A15321ADDE7C247BDA8211 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
12:05:40.0862 0x1820 avgntflt - ok
12:05:40.0925 0x1820 [ 5FEFD9961A750C395D3A6AD1985B05B2, 31C3B9EDE4C49ED433BE19CD6A1B74F54947FC1DCA3886A83A281F6E8CA02FF0 ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
12:05:40.0940 0x1820 avipbb - ok
12:05:41.0003 0x1820 [ 14FCA1D1720A68C2D586940ABBE2DB3C, 274DB01CFD3024357602748FE36882ACE6BB3764A9FB62B2B40F9232B84A9B3E ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
12:05:41.0018 0x1820 Avira.ServiceHost - ok
12:05:41.0049 0x1820 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
12:05:41.0049 0x1820 avkmgr - ok
12:05:41.0096 0x1820 [ 138A53D17B040F5A3A307D44A89D0905, AD212E430F2DE43F037BECF6A46FCD53270A5EE11427030C7D5CBC3EAAAAA029 ] avnetflt C:\windows\system32\DRIVERS\avnetflt.sys
12:05:41.0112 0x1820 avnetflt - ok
12:05:41.0143 0x1820 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
12:05:41.0159 0x1820 AxInstSV - ok
12:05:41.0205 0x1820 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
12:05:41.0221 0x1820 b06bdrv - ok
12:05:41.0268 0x1820 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
12:05:41.0283 0x1820 b57nd60a - ok
12:05:41.0330 0x1820 [ CCABEAC61E8D8ADD9DA16E319ED6BF07, AD6D3ADC19108E2B95968174334367E12F2805E5517BC59896934690DE8FB948 ] BCM42RLY C:\windows\system32\drivers\BCM42RLY.sys
12:05:41.0330 0x1820 BCM42RLY - ok
12:05:41.0580 0x1820 [ E7AD23ADD42971350B3BD41A049DF09C, A262B0AFB5AA2BA145F81CABD3C4B14828DC04802A4DF21DF23D0FBDA1FDF231 ] BCM43XX C:\windows\system32\DRIVERS\bcmwl664.sys
12:05:41.0798 0x1820 BCM43XX - ok
12:05:41.0861 0x1820 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
12:05:41.0876 0x1820 BDESVC - ok
12:05:41.0892 0x1820 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
12:05:41.0923 0x1820 Beep - ok
12:05:41.0985 0x1820 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
12:05:42.0001 0x1820 BFE - ok
12:05:42.0079 0x1820 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll
12:05:42.0126 0x1820 BITS - ok
12:05:42.0173 0x1820 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
12:05:42.0188 0x1820 blbdrive - ok
12:05:42.0219 0x1820 [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\windows\system32\DRIVERS\bowser.sys
12:05:42.0235 0x1820 bowser - ok
12:05:42.0251 0x1820 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
12:05:42.0251 0x1820 BrFiltLo - ok
12:05:42.0266 0x1820 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
12:05:42.0282 0x1820 BrFiltUp - ok
12:05:42.0329 0x1820 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
12:05:42.0344 0x1820 Browser - ok
12:05:42.0375 0x1820 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
12:05:42.0391 0x1820 Brserid - ok
12:05:42.0407 0x1820 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
12:05:42.0422 0x1820 BrSerWdm - ok
12:05:42.0438 0x1820 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
12:05:42.0453 0x1820 BrUsbMdm - ok
12:05:42.0453 0x1820 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
12:05:42.0469 0x1820 BrUsbSer - ok
12:05:42.0500 0x1820 [ C50EBD8BE9DD1BED7E5B1C5AC2272DD7, F226FD295658566C10543BCA4AB6EC0862680ADD79BE4D97F0BD8E134822382A ] Btcsrusb C:\windows\system32\Drivers\btcusb.sys
12:05:42.0500 0x1820 Btcsrusb - ok
12:05:42.0547 0x1820 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
12:05:42.0563 0x1820 BthEnum - ok
12:05:42.0578 0x1820 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
12:05:42.0594 0x1820 BTHMODEM - ok
12:05:42.0609 0x1820 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
12:05:42.0625 0x1820 BthPan - ok
12:05:42.0672 0x1820 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
12:05:42.0687 0x1820 BTHPORT - ok
12:05:42.0734 0x1820 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
12:05:42.0781 0x1820 bthserv - ok
12:05:42.0812 0x1820 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
12:05:42.0828 0x1820 BTHUSB - ok
12:05:42.0875 0x1820 [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl C:\windows\system32\drivers\btwampfl.sys
12:05:42.0875 0x1820 btwampfl - ok
12:05:42.0890 0x1820 [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
12:05:42.0906 0x1820 btwaudio - ok
12:05:42.0921 0x1820 [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt C:\windows\system32\DRIVERS\btwavdt.sys
12:05:42.0921 0x1820 btwavdt - ok
12:05:42.0999 0x1820 [ 692F8648D7686D91E34A65AC698019D8, CC7544513AA089BDB0FCE74156C88CBB4182C96F97785A64ED5D3061B039516E ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
12:05:43.0031 0x1820 btwdins - ok
12:05:43.0046 0x1820 [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
12:05:43.0046 0x1820 btwl2cap - ok
12:05:43.0062 0x1820 [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
12:05:43.0062 0x1820 btwrchid - ok
12:05:43.0093 0x1820 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
12:05:43.0124 0x1820 cdfs - ok
12:05:43.0155 0x1820 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\drivers\cdrom.sys
12:05:43.0171 0x1820 cdrom - ok
12:05:43.0218 0x1820 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
12:05:43.0265 0x1820 CertPropSvc - ok
12:05:43.0296 0x1820 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\DRIVERS\circlass.sys
12:05:43.0311 0x1820 circlass - ok
12:05:43.0358 0x1820 [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS C:\windows\system32\CLFS.sys
12:05:43.0374 0x1820 CLFS - ok
12:05:43.0452 0x1820 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:05:43.0467 0x1820 clr_optimization_v2.0.50727_32 - ok
12:05:43.0499 0x1820 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:05:43.0514 0x1820 clr_optimization_v2.0.50727_64 - ok
12:05:43.0592 0x1820 [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:05:43.0608 0x1820 clr_optimization_v4.0.30319_32 - ok
12:05:43.0623 0x1820 [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:05:43.0639 0x1820 clr_optimization_v4.0.30319_64 - ok
12:05:43.0670 0x1820 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
12:05:43.0670 0x1820 CmBatt - ok
12:05:43.0701 0x1820 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
12:05:43.0701 0x1820 cmdide - ok
12:05:43.0748 0x1820 [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\windows\system32\Drivers\cng.sys
12:05:43.0764 0x1820 CNG - ok
12:05:43.0811 0x1820 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
12:05:43.0811 0x1820 Compbatt - ok
12:05:43.0842 0x1820 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
12:05:43.0857 0x1820 CompositeBus - ok
12:05:43.0857 0x1820 COMSysApp - ok
12:05:43.0935 0x1820 [ 135162E5A8AF0C4BCEA4E559F5F49C07, B9F7846DF73617EBA9AC05C89130DFE71E2007FB108CCE5C7C179DF65055D93C ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe
12:05:43.0951 0x1820 cphs - ok
12:05:43.0967 0x1820 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
12:05:43.0967 0x1820 crcdisk - ok
12:05:44.0013 0x1820 [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc C:\windows\system32\cryptsvc.dll
12:05:44.0029 0x1820 CryptSvc - ok
12:05:44.0060 0x1820 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\windows\system32\drivers\csc.sys
12:05:44.0091 0x1820 CSC - ok
12:05:44.0138 0x1820 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\windows\System32\cscsvc.dll
12:05:44.0154 0x1820 CscService - ok
12:05:44.0185 0x1820 [ 2E3374F9F0B5A3247B779978980C24CB, 21DE1C89252703198E192C91DD41307851457FCC9E10EEB1B9AF03AAAB35AD78 ] DAMDrv C:\windows\system32\DRIVERS\DAMDrv64.sys
12:05:44.0201 0x1820 DAMDrv - ok
12:05:44.0247 0x1820 [ A4700D1F78539C0ED32FA50E64F9C692, 5CB03B5F36307BA152245BAD29CB2AC703BBE8197ABC0338A7092ADEA1C3221A ] dc3d C:\windows\system32\DRIVERS\dc3d.sys
12:05:44.0263 0x1820 dc3d - ok
__________________

Alt 23.12.2016, 10:48   #4
foreveryoung
 
Windows 7 Pro 64Bit sehr langsam - Standard

Windows 7 Pro 64Bit sehr langsam



3. Teil
12:05:44.0294 0x1820 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\windows\system32\rpcss.dll
12:05:44.0310 0x1820 DcomLaunch - ok
12:05:44.0357 0x1820 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
12:05:44.0388 0x1820 defragsvc - ok
12:05:44.0419 0x1820 [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\windows\system32\Drivers\dfsc.sys
12:05:44.0435 0x1820 DfsC - ok
12:05:44.0466 0x1820 [ 0B3F6C8F93C5C25977EA5A8B2E656357, 1B1C8DA8592D2B892382E062017E60BF02B1B6642822039F21446DF01FAFDEE1 ] dg_ssudbus C:\windows\system32\DRIVERS\ssudbus.sys
12:05:44.0481 0x1820 dg_ssudbus - ok
12:05:44.0513 0x1820 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
12:05:44.0528 0x1820 Dhcp - ok
12:05:44.0591 0x1820 [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\windows\system32\diagtrack.dll
12:05:44.0637 0x1820 DiagTrack - ok
12:05:44.0669 0x1820 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
12:05:44.0715 0x1820 discache - ok
12:05:44.0747 0x1820 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\windows\system32\drivers\disk.sys
12:05:44.0762 0x1820 Disk - ok
12:05:44.0793 0x1820 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
12:05:44.0809 0x1820 Dnscache - ok
12:05:44.0856 0x1820 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
12:05:44.0887 0x1820 dot3svc - ok
12:05:44.0981 0x1820 [ 6AFFDBFB153C9079BE33047A692676E2, 1678EA7E6B69DFF2E736D8C009D66B1BBA21F4140F7CA3D8FDBA683655094850 ] DpHost C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
12:05:44.0996 0x1820 DpHost - ok
12:05:45.0043 0x1820 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
12:05:45.0074 0x1820 DPS - ok
12:05:45.0105 0x1820 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
12:05:45.0105 0x1820 drmkaud - ok
12:05:45.0152 0x1820 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
12:05:45.0199 0x1820 DXGKrnl - ok
12:05:45.0246 0x1820 [ 23B6F8081F5C7AF1343810641EE0DD58, 571EF6BC76C062AF0FC696213638831EBC90B056B353AD440B01CA17E0D5B1B7 ] e1cexpress C:\windows\system32\DRIVERS\e1c62x64.sys
12:05:45.0277 0x1820 e1cexpress - ok
12:05:45.0308 0x1820 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
12:05:45.0355 0x1820 EapHost - ok
12:05:45.0464 0x1820 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
12:05:45.0558 0x1820 ebdrv - ok
12:05:45.0605 0x1820 [ B90BEFCCEB59C83AC65BFD39EF7404F4, E67C41BF4512948F4F30CE981F4BCF52E3A93EBBAE8408783E9D2D3A04C5CB46 ] ecnssndis C:\windows\system32\Drivers\wwuss64.sys
12:05:45.0605 0x1820 ecnssndis - ok
12:05:45.0620 0x1820 [ 1CF09C0555BE49EFE96B33BDA514A334, 63D57C887EB259EA364CBF89AB1D85D7C86D980AAD26E727185ED48348D60A15 ] ecnssndisfltr C:\windows\system32\Drivers\wwussf64.sys
12:05:45.0620 0x1820 ecnssndisfltr - ok
12:05:45.0667 0x1820 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] EFS C:\windows\System32\lsass.exe
12:05:45.0683 0x1820 EFS - ok
12:05:45.0761 0x1820 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
12:05:45.0792 0x1820 ehRecvr - ok
12:05:45.0823 0x1820 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
12:05:45.0839 0x1820 ehSched - ok
12:05:45.0885 0x1820 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
12:05:45.0901 0x1820 elxstor - ok
12:05:45.0932 0x1820 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
12:05:45.0948 0x1820 ErrDev - ok
12:05:45.0995 0x1820 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
12:05:46.0026 0x1820 EventSystem - ok
12:05:46.0057 0x1820 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
12:05:46.0104 0x1820 exfat - ok
12:05:46.0119 0x1820 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
12:05:46.0151 0x1820 fastfat - ok
12:05:46.0197 0x1820 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
12:05:46.0229 0x1820 Fax - ok
12:05:46.0291 0x1820 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\DRIVERS\fdc.sys
12:05:46.0307 0x1820 fdc - ok
12:05:46.0322 0x1820 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
12:05:46.0353 0x1820 fdPHost - ok
12:05:46.0385 0x1820 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
12:05:46.0400 0x1820 FDResPub - ok
12:05:46.0431 0x1820 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
12:05:46.0447 0x1820 FileInfo - ok
12:05:46.0463 0x1820 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
12:05:46.0509 0x1820 Filetrace - ok
12:05:46.0541 0x1820 [ 87B3E5C567509DDF3B124B16A6A3FBB7, BCF7CD822FD2C0DD8FB3DDCF682B0D26D73EE35D5F5F81643346F025A72A323B ] FLCDLOCK c:\Windows\SysWOW64\flcdlock.exe
12:05:46.0556 0x1820 FLCDLOCK - ok
12:05:46.0587 0x1820 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
12:05:46.0603 0x1820 flpydisk - ok
12:05:46.0634 0x1820 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
12:05:46.0650 0x1820 FltMgr - ok
12:05:46.0743 0x1820 [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache C:\windows\system32\FntCache.dll
12:05:46.0790 0x1820 FontCache - ok
12:05:46.0853 0x1820 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:05:46.0853 0x1820 FontCache3.0.0.0 - ok
12:05:46.0884 0x1820 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
12:05:46.0899 0x1820 FsDepends - ok
12:05:46.0915 0x1820 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
12:05:46.0931 0x1820 Fs_Rec - ok
12:05:46.0962 0x1820 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
12:05:46.0977 0x1820 fvevol - ok
12:05:47.0009 0x1820 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
12:05:47.0009 0x1820 gagp30kx - ok
12:05:47.0071 0x1820 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\windows\System32\gpsvc.dll
12:05:47.0102 0x1820 gpsvc - ok
12:05:47.0165 0x1820 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:05:47.0180 0x1820 gupdate - ok
12:05:47.0180 0x1820 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:05:47.0196 0x1820 gupdatem - ok
12:05:47.0243 0x1820 [ C864875E87E6B790471516856FC1F5C2, 43CAC6ADD5FFEEE55CA03B04CC8DF6CA9A50ACFAC50739A8CA550F210EFF19C6 ] h36wgps C:\windows\system32\DRIVERS\h36wgps64.sys
12:05:47.0243 0x1820 h36wgps - ok
12:05:47.0274 0x1820 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
12:05:47.0289 0x1820 hcw85cir - ok
12:05:47.0321 0x1820 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
12:05:47.0336 0x1820 HdAudAddService - ok
12:05:47.0367 0x1820 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
12:05:47.0383 0x1820 HDAudBus - ok
12:05:47.0399 0x1820 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
12:05:47.0414 0x1820 HidBatt - ok
12:05:47.0430 0x1820 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
12:05:47.0445 0x1820 HidBth - ok
12:05:47.0461 0x1820 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\DRIVERS\hidir.sys
12:05:47.0477 0x1820 HidIr - ok
12:05:47.0508 0x1820 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\system32\hidserv.dll
12:05:47.0539 0x1820 hidserv - ok
12:05:47.0586 0x1820 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
12:05:47.0586 0x1820 HidUsb - ok
12:05:47.0617 0x1820 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
12:05:47.0648 0x1820 hkmsvc - ok
12:05:47.0695 0x1820 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
12:05:47.0711 0x1820 HomeGroupListener - ok
12:05:47.0757 0x1820 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
12:05:47.0773 0x1820 HomeGroupProvider - ok
12:05:47.0820 0x1820 [ 02C2108111D9656A9729995D2219FB99, E0D5F714F79A6C6C2CA6CF11DA99DB51B44BDE635ADCF7FAD0E9650CC965ECB0 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
12:05:47.0835 0x1820 HP Power Assistant Service - ok
12:05:47.0913 0x1820 [ C5D2F308E1C12A5C328EF549696DBC05, 4BBDA3E0707854CC80FF8699A478D0D2AF18094B9F7EFB629B0CE4F890C44464 ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
12:05:47.0960 0x1820 hpCMSrv - ok
12:05:48.0038 0x1820 [ A9FC4D7EA174BBF5A675B299FFAD80A2, C9272E0C20EABBAC6B68FC6CDEA7577426B1F3FCD9E619EBC87556A625EEF1A3 ] HPDayStarterService c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
12:05:48.0054 0x1820 HPDayStarterService - ok
12:05:48.0101 0x1820 [ 9BFDA0BC109EB6D16F2CB862BB85E28C, 5D10865AFA5853D096C355949DA10851AD2B9AF7A8C671406E40D90979858702 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
12:05:48.0116 0x1820 HPDrvMntSvc.exe - ok
12:05:48.0163 0x1820 [ D104FF402FC3DDB686E6DEF00334DB26, 6CCE56587C02ECE474C6BF959C4A6F752A1FF0B718FBE8EE4FD9755313A207C1 ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
12:05:48.0163 0x1820 hpdskflt - ok
12:05:48.0225 0x1820 [ F521A4D9F0D1618B9119EABC7E580370, 962DA975CCEB9370E93DB710E75169A9F0C90418C8F33B9C6357DBD73FE8C615 ] HPFSService C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
12:05:48.0225 0x1820 HPFSService - detected UnsignedFile.Multi.Generic ( 1 )
12:05:48.0225 0x1820 Detect skipped due to KSN trusted
12:05:48.0225 0x1820 HPFSService - ok
12:05:48.0272 0x1820 [ 9DCFDDECC54FC813E7C0C8EDF6E99E1C, 3BCCF8835224B6FF81794BF34277917BBDFE24CA6A575CAFCD55979C39B6BF3D ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
12:05:48.0288 0x1820 hpHotkeyMonitor - ok
12:05:48.0366 0x1820 [ 0E0E87820BB4431B176A00FB95B5503F, 91D35BEDEAEFA32F8B6A31318E70B954CFA1AFA74D02E3918FEF8135C82C57B3 ] hpqcaslwmiex C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
12:05:48.0413 0x1820 hpqcaslwmiex - ok
12:05:48.0444 0x1820 [ B98EE5D4535A685634B90F7E04DE0DF7, E37D26EF83B70E84742498D2F53037F83BE13F0E01484D85A20C872F1F02ADDA ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
12:05:48.0459 0x1820 HpqKbFiltr - ok
12:05:48.0537 0x1820 [ 514455F6586473791C5C6B25BA4E1BAB, 0C2CAE8F35241F1B936C502AAB7C9303C643D898BAB1D060FCA1E6B3A7D9FDB9 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
12:05:48.0584 0x1820 hpqwmiex - ok
12:05:48.0615 0x1820 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
12:05:48.0631 0x1820 HpSAMD - ok
12:05:48.0662 0x1820 [ 55FFCBB036D7BE4BCA6FA1421203A27F, 5BB865FC631390F59AF5F2452D4D2DA47E34A49E194C8010E942F5A2013F3895 ] hpsrv C:\windows\system32\Hpservice.exe
12:05:48.0662 0x1820 hpsrv - ok
12:05:48.0756 0x1820 [ EC80F3ECC5F8543E22BBCB037D837CA9, 23A4AE80A6C317CE77BD9D352CD9CED8649E3AD98A7C0A2044138BB20B46F398 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
12:05:48.0756 0x1820 HPSupportSolutionsFrameworkService - ok
12:05:48.0818 0x1820 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\windows\system32\drivers\HTTP.sys
12:05:48.0849 0x1820 HTTP - ok
12:05:48.0912 0x1820 [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32 C:\windows\SysWOW64\drivers\HWiNFO64A.SYS
12:05:48.0927 0x1820 HWiNFO32 - ok
12:05:48.0974 0x1820 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
12:05:48.0974 0x1820 hwpolicy - ok
12:05:49.0021 0x1820 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
12:05:49.0037 0x1820 i8042prt - ok
12:05:49.0068 0x1820 [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
12:05:49.0083 0x1820 iaStor - ok
12:05:49.0161 0x1820 [ 117FF657E0D9BBD61B5C3E71E63D3919, F8AD1C861F018754A9BF348C9F1D6503854ED9D7DEEBF40E6B4E2FEA9FC6E56A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:05:49.0161 0x1820 IAStorDataMgrSvc - ok
12:05:49.0208 0x1820 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
12:05:49.0224 0x1820 iaStorV - ok
12:05:49.0302 0x1820 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:05:49.0349 0x1820 idsvc - ok
12:05:49.0364 0x1820 IEEtwCollectorService - ok
12:05:49.0551 0x1820 [ 0882CBC3A8F9EB4D26E1B77AC98CE8BB, 1F3A6B7456DEA52303966AD634C9FC13832A585A10832A59AF5E8F27735A62C8 ] iFunSoftUpdaterSvc C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe
12:05:49.0645 0x1820 iFunSoftUpdaterSvc - ok
12:05:49.0739 0x1820 [ D59429259F82924E4D3B90C0F0FF7144, 00A086678EBB4A9DE6891C5284F4B4FC90E2164EEA308364BCBBC27B323ED025 ] IFXSpMgtSrv c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
12:05:49.0785 0x1820 IFXSpMgtSrv - ok
12:05:49.0832 0x1820 [ 0D1BFD3318674D0D6E9465936D7CC17F, 4BEFF43B55A44D6ED8884876D49271B15EE5273885FF0B074994FAF45F99CD12 ] IFXTCS c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
12:05:49.0879 0x1820 IFXTCS - ok
12:05:50.0113 0x1820 [ 0245CD3AE14CACF6E2503C42019431D7, 87D2E1ACD3CC0B1C3F713EB5E0C6C510B386EC142AC7554B2043396305626C96 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
12:05:50.0269 0x1820 igfx - ok
12:05:50.0316 0x1820 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
12:05:50.0331 0x1820 iirsp - ok
12:05:50.0409 0x1820 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
12:05:50.0456 0x1820 IKEEXT - ok
12:05:50.0487 0x1820 [ 8AEEE0F4D210B61F917CFEA9653973C4, F09389C2A3E1DED402C08BF1A30BD79A342B0E55AD4996CF2E5189A004E6E62F ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
12:05:50.0519 0x1820 IntcDAud - ok
12:05:50.0534 0x1820 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
12:05:50.0550 0x1820 intelide - ok
12:05:50.0597 0x1820 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
12:05:50.0612 0x1820 intelppm - ok
12:05:50.0643 0x1820 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
12:05:50.0675 0x1820 IPBusEnum - ok
12:05:50.0706 0x1820 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
12:05:50.0753 0x1820 IpFilterDriver - ok
12:05:50.0815 0x1820 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
12:05:50.0846 0x1820 iphlpsvc - ok
12:05:50.0877 0x1820 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
12:05:50.0893 0x1820 IPMIDRV - ok
12:05:50.0924 0x1820 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
12:05:50.0971 0x1820 IPNAT - ok
12:05:50.0987 0x1820 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
12:05:51.0002 0x1820 IRENUM - ok
12:05:51.0018 0x1820 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
12:05:51.0033 0x1820 isapnp - ok
12:05:51.0080 0x1820 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
12:05:51.0080 0x1820 iScsiPrt - ok
12:05:51.0143 0x1820 [ 3B794CA0DE73790420DEBA3C759F1502, EEB5C5ECE4EBBD58A6EA93498615446C102EE4F73D7AD1987F751D2FE8325BB5 ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
12:05:51.0158 0x1820 jhi_service - ok
12:05:51.0221 0x1820 [ 7DABE2B788FF1EB32E38838EC189361E, F891810BFEEA5A94558EA3D22AEE42E3C4D761BB7F7A8C53100F6FF7C65C74AD ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
12:05:51.0236 0x1820 JMCR - ok
12:05:51.0267 0x1820 [ 1542F0B31DD7193EF8C0606C018E19AF, FD68909AD7A8C0D8C640C9505982CB66F454AE61BC4EACDA3D0190CFCC42A10A ] johci C:\windows\system32\DRIVERS\johci.sys
12:05:51.0267 0x1820 johci - ok
12:05:51.0299 0x1820 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
12:05:51.0314 0x1820 kbdclass - ok
12:05:51.0361 0x1820 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
12:05:51.0377 0x1820 kbdhid - ok
12:05:51.0439 0x1820 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] KeyIso C:\windows\system32\lsass.exe
12:05:51.0439 0x1820 KeyIso - ok
12:05:51.0486 0x1820 [ F54475BA70B5CDA4EF11DC44BFB07F40, 9A6FA4978746F2F75D6B5892C1FE2042FF86C588AFEEC80534E0FB2F4450F9C3 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
12:05:51.0501 0x1820 KSecDD - ok
12:05:51.0501 0x1820 [ ED1D1E1AAACF08438F9BCF731C8CA168, 8DFE5F7E1080B65A75BC840708AB7A42EA42510D5507EF86294649C72430B569 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
12:05:51.0517 0x1820 KSecPkg - ok
12:05:51.0564 0x1820 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
12:05:51.0595 0x1820 ksthunk - ok
12:05:51.0626 0x1820 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
12:05:51.0673 0x1820 KtmRm - ok
12:05:51.0720 0x1820 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll
12:05:51.0751 0x1820 LanmanServer - ok
12:05:51.0798 0x1820 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
12:05:51.0845 0x1820 LanmanWorkstation - ok
12:05:51.0923 0x1820 [ C34411A244029F1C08687F7C752C4563, 4FC1D6156D760AE8138547262B33677118BD9369F4930F5C5F9BAA2FE6E78EA3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
12:05:51.0923 0x1820 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
12:05:51.0923 0x1820 Detect skipped due to KSN trusted
12:05:51.0923 0x1820 LightScribeService - ok
12:05:52.0157 0x1820 [ C2BDC7EA68CAE9E9A088F77BAC88FB92, EBD7B98C00DD320DAAD39C15A8D9D49CB9F3691BF41F1553039F4060BAB29A24 ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
12:05:52.0297 0x1820 LiveUpdateSvc - ok
12:05:52.0328 0x1820 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
12:05:52.0359 0x1820 lltdio - ok
12:05:52.0391 0x1820 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
12:05:52.0437 0x1820 lltdsvc - ok
12:05:52.0515 0x1820 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
12:05:52.0547 0x1820 lmhosts - ok
12:05:52.0593 0x1820 [ DE75F2EA497DA4B3A764D4EAC43135E9, D3F610AB375E8789DF8203BDE2E4D437BD5F0F91A22BA39DC518912A6A9AB7FD ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:05:52.0609 0x1820 LMS - ok
12:05:52.0656 0x1820 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
12:05:52.0671 0x1820 LSI_FC - ok
12:05:52.0687 0x1820 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
12:05:52.0703 0x1820 LSI_SAS - ok
12:05:52.0718 0x1820 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
12:05:52.0718 0x1820 LSI_SAS2 - ok
12:05:52.0749 0x1820 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
12:05:52.0749 0x1820 LSI_SCSI - ok
12:05:52.0781 0x1820 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
12:05:52.0812 0x1820 luafv - ok
12:05:52.0859 0x1820 [ 0845DA0BFF1AF5C57DE4DD97ACAF2FCD, 938314A64F0C9CF212EC932764DBACFACEA1FEBFD0B4865A40060EC50C65294C ] Mbm3CBus C:\windows\system32\DRIVERS\Mbm3CBus.sys
12:05:52.0874 0x1820 Mbm3CBus - ok
12:05:52.0905 0x1820 [ DB6FA599AA79324E287C4EAF6020DA37, F748F031056A563D062F72483284682771E709BE27C5F61F88210AA17AD38F22 ] Mbm3DevMt C:\windows\system32\DRIVERS\Mbm3DevMt.sys
12:05:52.0921 0x1820 Mbm3DevMt - ok
12:05:52.0937 0x1820 [ 2F71EDB697752D409B9983F0E1D88F70, 684CB2BB12D6326268D3C12FAC959D39BEFD0CC60FC6DF3A97F3B7222DC96057 ] Mbm3mdfl C:\windows\system32\DRIVERS\Mbm3mdfl.sys
12:05:52.0937 0x1820 Mbm3mdfl - ok
12:05:52.0968 0x1820 [ 21B412A36DE3CCFE4E13383B88CFC90C, 3DF6EA0FCE71C7B81E3B7EA9E6B5F4EFBC8A79E0BE29DE90C74DC898045012B5 ] Mbm3Mdm C:\windows\system32\DRIVERS\Mbm3Mdm.sys
12:05:52.0983 0x1820 Mbm3Mdm - ok
12:05:53.0155 0x1820 [ FDE6052CD5846863463828E61176C4DC, 6494F2450B2F32D71D2330C5FA41B3C554B969C7F621C38B7478A40E440D523F ] McAfee Endpoint Encryption Agent C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
12:05:53.0221 0x1820 McAfee Endpoint Encryption Agent - detected UnsignedFile.Multi.Generic ( 1 )
12:05:53.0221 0x1820 Detect skipped due to KSN trusted
12:05:53.0221 0x1820 McAfee Endpoint Encryption Agent - ok
12:05:53.0268 0x1820 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
12:05:53.0284 0x1820 Mcx2Svc - ok
12:05:53.0315 0x1820 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\DRIVERS\megasas.sys
12:05:53.0315 0x1820 megasas - ok
12:05:53.0346 0x1820 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
12:05:53.0346 0x1820 MegaSR - ok
12:05:53.0377 0x1820 [ 9042E630FE102F1A2436EE05857CD139, 96C855824E46E2863EBC4A70FC195A14BD9FDD35107358B83D6C3CD01C522F3C ] MEIx64 C:\windows\system32\DRIVERS\TeeDriverx64.sys
12:05:53.0393 0x1820 MEIx64 - ok
12:05:53.0409 0x1820 [ 4ED2FB4C002D7147C40C37EC9617BEAF, 1CEC51DAD293F769E15254E870179A60C6874DA4268416AE99A2A0980760B8D6 ] MfeEpeOpal C:\windows\system32\drivers\MfeEpeOpal.sys
12:05:53.0409 0x1820 MfeEpeOpal - ok
12:05:53.0440 0x1820 [ CECEA4A76F776AE0B709093822C99AD5, 03A86246E968C3DE7C718B1F674C1A5EC43DDFC673A85E9C4E36FAA2D259FE92 ] MfeEpePc C:\windows\system32\drivers\MfeEpePc.sys
12:05:53.0455 0x1820 MfeEpePc - ok
12:05:53.0502 0x1820 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
12:05:53.0533 0x1820 MMCSS - ok
12:05:53.0565 0x1820 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
12:05:53.0596 0x1820 Modem - ok
12:05:53.0596 0x1820 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
12:05:53.0611 0x1820 monitor - ok
12:05:53.0643 0x1820 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
12:05:53.0643 0x1820 mouclass - ok
12:05:53.0674 0x1820 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
12:05:53.0674 0x1820 mouhid - ok
12:05:53.0705 0x1820 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
12:05:53.0721 0x1820 mountmgr - ok
12:05:53.0767 0x1820 [ 7AAFF443581F9B6F86CDF761ED0A437D, 6E159C875F5666E6D17C58628EEAF79818697355AFE213CE778BD3FEA04248C0 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:05:53.0783 0x1820 MozillaMaintenance - ok
12:05:53.0814 0x1820 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
12:05:53.0830 0x1820 mpio - ok
12:05:53.0861 0x1820 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
12:05:53.0908 0x1820 mpsdrv - ok
12:05:53.0955 0x1820 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
12:05:54.0001 0x1820 MpsSvc - ok
12:05:54.0033 0x1820 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
12:05:54.0048 0x1820 MRxDAV - ok
12:05:54.0095 0x1820 [ 8A6DD6FDCCC010F7C6480EE7D0C3B92E, F061B59E5569D334C293420A4E98A2E2842037419E13001FF4FDCB9DE4A90BC5 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
12:05:54.0111 0x1820 mrxsmb - ok
12:05:54.0128 0x1820 [ 68C12354AEA8FB5B559F5F69EF1C0DF0, E73BEFA5615231B86962FDB5201BA05B8A15D51F09BB6232315F44B39C46560D ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
12:05:54.0144 0x1820 mrxsmb10 - ok
12:05:54.0159 0x1820 [ 307E956C0DE630EE0ACE657233C0E83F, 45918BAFA9A1C4F4552A2A259CDFB89146FEE6622BDBC7B6B92D5BB2528586A4 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
12:05:54.0175 0x1820 mrxsmb20 - ok
12:05:54.0222 0x1820 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
12:05:54.0222 0x1820 msahci - ok
12:05:54.0253 0x1820 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
12:05:54.0253 0x1820 msdsm - ok
12:05:54.0284 0x1820 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
12:05:54.0300 0x1820 MSDTC - ok
12:05:54.0331 0x1820 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
12:05:54.0393 0x1820 Msfs - ok
12:05:54.0409 0x1820 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
12:05:54.0440 0x1820 mshidkmdf - ok
12:05:54.0456 0x1820 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
12:05:54.0471 0x1820 msisadrv - ok
12:05:54.0503 0x1820 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
12:05:54.0549 0x1820 MSiSCSI - ok
12:05:54.0549 0x1820 msiserver - ok
12:05:54.0549 0x1820 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
12:05:54.0596 0x1820 MSKSSRV - ok
12:05:54.0627 0x1820 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
12:05:54.0659 0x1820 MSPCLOCK - ok
12:05:54.0674 0x1820 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
12:05:54.0705 0x1820 MSPQM - ok
12:05:54.0752 0x1820 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
12:05:54.0768 0x1820 MsRPC - ok
12:05:54.0815 0x1820 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
12:05:54.0830 0x1820 mssmbios - ok
12:05:54.0846 0x1820 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
12:05:54.0877 0x1820 MSTEE - ok
12:05:54.0908 0x1820 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
12:05:54.0908 0x1820 MTConfig - ok
12:05:54.0939 0x1820 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
12:05:54.0939 0x1820 Mup - ok
12:05:55.0002 0x1820 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
12:05:55.0049 0x1820 napagent - ok
12:05:55.0095 0x1820 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
12:05:55.0111 0x1820 NativeWifiP - ok
12:05:55.0173 0x1820 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\windows\system32\drivers\ndis.sys
12:05:55.0205 0x1820 NDIS - ok
12:05:55.0251 0x1820 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
12:05:55.0283 0x1820 NdisCap - ok
12:05:55.0298 0x1820 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
12:05:55.0345 0x1820 NdisTapi - ok
12:05:55.0392 0x1820 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
12:05:55.0423 0x1820 Ndisuio - ok
12:05:55.0454 0x1820 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
12:05:55.0485 0x1820 NdisWan - ok
12:05:55.0532 0x1820 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
12:05:55.0563 0x1820 NDProxy - ok
12:05:55.0579 0x1820 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
12:05:55.0626 0x1820 NetBIOS - ok
12:05:55.0657 0x1820 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\windows\system32\DRIVERS\netbt.sys
12:05:55.0673 0x1820 NetBT - ok
12:05:55.0704 0x1820 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] Netlogon C:\windows\system32\lsass.exe
12:05:55.0719 0x1820 Netlogon - ok
12:05:55.0766 0x1820 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
12:05:55.0813 0x1820 Netman - ok
12:05:55.0875 0x1820 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:05:55.0875 0x1820 NetMsmqActivator - ok
12:05:55.0891 0x1820 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:05:55.0907 0x1820 NetPipeActivator - ok
12:05:55.0938 0x1820 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
12:05:55.0985 0x1820 netprofm - ok
12:05:55.0985 0x1820 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:05:56.0000 0x1820 NetTcpActivator - ok
12:05:56.0016 0x1820 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:05:56.0031 0x1820 NetTcpPortSharing - ok
12:05:56.0094 0x1820 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
12:05:56.0109 0x1820 nfrd960 - ok
12:05:56.0156 0x1820 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll
12:05:56.0172 0x1820 NlaSvc - ok
12:05:56.0203 0x1820 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
12:05:56.0250 0x1820 Npfs - ok
12:05:56.0265 0x1820 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
12:05:56.0297 0x1820 nsi - ok
12:05:56.0312 0x1820 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
12:05:56.0343 0x1820 nsiproxy - ok
12:05:56.0406 0x1820 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
12:05:56.0468 0x1820 Ntfs - ok
12:05:56.0506 0x1820 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
12:05:56.0538 0x1820 Null - ok
12:05:56.0567 0x1820 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
12:05:56.0581 0x1820 nvraid - ok
12:05:56.0608 0x1820 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
12:05:56.0609 0x1820 nvstor - ok
12:05:56.0656 0x1820 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
12:05:56.0671 0x1820 nv_agp - ok
12:05:56.0687 0x1820 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
12:05:56.0718 0x1820 ohci1394 - ok
12:05:56.0765 0x1820 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:05:56.0765 0x1820 ose - ok
12:05:57.0014 0x1820 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:05:57.0139 0x1820 osppsvc - ok
12:05:57.0202 0x1820 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
12:05:57.0227 0x1820 p2pimsvc - ok
12:05:57.0275 0x1820 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
12:05:57.0301 0x1820 p2psvc - ok
12:05:57.0320 0x1820 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\DRIVERS\parport.sys
12:05:57.0344 0x1820 Parport - ok
12:05:57.0378 0x1820 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
12:05:57.0394 0x1820 partmgr - ok
12:05:57.0424 0x1820 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\windows\System32\pcasvc.dll
12:05:57.0442 0x1820 PcaSvc - ok
12:05:57.0448 0x1820 pccsmcfd - ok
12:05:57.0488 0x1820 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
12:05:57.0506 0x1820 pci - ok
12:05:57.0551 0x1820 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
12:05:57.0563 0x1820 pciide - ok
12:05:57.0587 0x1820 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
12:05:57.0603 0x1820 pcmcia - ok
12:05:57.0625 0x1820 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
12:05:57.0625 0x1820 pcw - ok
12:05:57.0687 0x1820 [ 8F924F00F2F81422FD7C340FDA0E00D8, BCB4AD154FB54C878D53E046C4238EEF52B38E0C14157D120FDCF8F9E98679B4 ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
12:05:57.0687 0x1820 PdiService - ok
12:05:57.0719 0x1820 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\windows\system32\drivers\peauth.sys
12:05:57.0750 0x1820 PEAUTH - ok
12:05:57.0828 0x1820 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll
12:05:57.0875 0x1820 PeerDistSvc - ok
12:05:57.0953 0x1820 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
12:05:57.0953 0x1820 PerfHost - ok
12:05:57.0984 0x1820 [ F20612DF7E12DE3A087D0F44CC545FB1, 2B5693B2C77B990362F69598B8FE3601065A34EEED8F829F35796B0148D797DB ] PersonalSecureDrive C:\windows\System32\drivers\psd.sys
12:05:57.0999 0x1820 PersonalSecureDrive - ok
12:05:58.0046 0x1820 [ F473D5D43FA7D5C657A3137C5171CB77, 26DA17A11FE042DE7818D44A2A53D01C0A4801FFD005815C71D5697808A686DD ] PersonalSecureDriveService c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
12:05:58.0062 0x1820 PersonalSecureDriveService - ok
12:05:58.0140 0x1820 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
12:05:58.0218 0x1820 pla - ok
12:05:58.0265 0x1820 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
12:05:58.0296 0x1820 PlugPlay - ok
12:05:58.0327 0x1820 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
12:05:58.0343 0x1820 PNRPAutoReg - ok
12:05:58.0358 0x1820 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
12:05:58.0389 0x1820 PNRPsvc - ok
12:05:58.0421 0x1820 [ 4C2985DAAF5859A670AE2AF478AF58C6, 3B62D04255FC9C9D46B76B740D9DEFB6F382ADB1C5D27948FABDE71E9F7CA768 ] Point64 C:\windows\system32\DRIVERS\point64.sys
12:05:58.0436 0x1820 Point64 - ok
12:05:58.0467 0x1820 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
12:05:58.0499 0x1820 PolicyAgent - ok
12:05:58.0530 0x1820 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
12:05:58.0561 0x1820 Power - ok
12:05:58.0608 0x1820 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
12:05:58.0639 0x1820 PptpMiniport - ok
12:05:58.0670 0x1820 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\DRIVERS\processr.sys
12:05:58.0686 0x1820 Processor - ok
12:05:58.0717 0x1820 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\windows\system32\profsvc.dll
12:05:58.0733 0x1820 ProfSvc - ok
12:05:58.0764 0x1820 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] ProtectedStorage C:\windows\system32\lsass.exe
12:05:58.0779 0x1820 ProtectedStorage - ok
12:05:58.0826 0x1820 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
12:05:58.0857 0x1820 Psched - ok
12:05:58.0889 0x1820 [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
12:05:58.0904 0x1820 PxHlpa64 - ok
12:05:58.0951 0x1820 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
12:05:59.0013 0x1820 ql2300 - ok
12:05:59.0045 0x1820 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
12:05:59.0060 0x1820 ql40xx - ok
12:05:59.0091 0x1820 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
12:05:59.0107 0x1820 QWAVE - ok
12:05:59.0138 0x1820 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
12:05:59.0154 0x1820 QWAVEdrv - ok
12:05:59.0169 0x1820 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
12:05:59.0201 0x1820 RasAcd - ok
12:05:59.0232 0x1820 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
12:05:59.0279 0x1820 RasAgileVpn - ok
12:05:59.0294 0x1820 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
12:05:59.0325 0x1820 RasAuto - ok
12:05:59.0357 0x1820 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
12:05:59.0388 0x1820 Rasl2tp - ok
12:05:59.0435 0x1820 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
12:05:59.0466 0x1820 RasMan - ok
12:05:59.0481 0x1820 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
12:05:59.0528 0x1820 RasPppoe - ok
12:05:59.0544 0x1820 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
12:05:59.0591 0x1820 RasSstp - ok
12:05:59.0622 0x1820 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
12:05:59.0669 0x1820 rdbss - ok
12:05:59.0700 0x1820 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
12:05:59.0715 0x1820 rdpbus - ok
12:05:59.0731 0x1820 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
12:05:59.0762 0x1820 RDPCDD - ok
12:05:59.0801 0x1820 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\windows\system32\drivers\rdpdr.sys
12:05:59.0819 0x1820 RDPDR - ok
12:05:59.0830 0x1820 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
12:05:59.0863 0x1820 RDPENCDD - ok
12:05:59.0876 0x1820 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
12:05:59.0927 0x1820 RDPREFMP - ok
12:06:00.0005 0x1820 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
12:06:00.0017 0x1820 RdpVideoMiniport - ok
12:06:00.0058 0x1820 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
12:06:00.0058 0x1820 RDPWD - ok
12:06:00.0107 0x1820 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
12:06:00.0122 0x1820 rdyboost - ok
12:06:00.0154 0x1820 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
12:06:00.0185 0x1820 RemoteAccess - ok
12:06:00.0216 0x1820 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
12:06:00.0247 0x1820 RemoteRegistry - ok
12:06:00.0278 0x1820 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
12:06:00.0294 0x1820 RFCOMM - ok
12:06:00.0403 0x1820 [ 7566F7C551606D44479A5E22F3405B89, 5730373AA9137D5C35A7F97CEAA04EC22586D2DE09EB7D88A8DA69DF88209B2A ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
12:06:00.0434 0x1820 RoxMediaDB12OEM - ok
12:06:00.0450 0x1820 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
12:06:00.0481 0x1820 RpcEptMapper - ok
12:06:00.0512 0x1820 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
12:06:00.0528 0x1820 RpcLocator - ok
12:06:00.0575 0x1820 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\windows\system32\rpcss.dll
12:06:00.0606 0x1820 RpcSs - ok
12:06:00.0653 0x1820 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
12:06:00.0684 0x1820 rspndr - ok
12:06:00.0715 0x1820 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\windows\system32\drivers\vms3cap.sys
12:06:00.0731 0x1820 s3cap - ok
12:06:00.0762 0x1820 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] SamSs C:\windows\system32\lsass.exe
12:06:00.0762 0x1820 SamSs - ok
12:06:00.0793 0x1820 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
12:06:00.0809 0x1820 sbp2port - ok
12:06:00.0871 0x1820 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
12:06:00.0918 0x1820 SCardSvr - ok
12:06:00.0945 0x1820 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
12:06:00.0991 0x1820 scfilter - ok
12:06:01.0056 0x1820 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\windows\system32\schedsvc.dll
12:06:01.0116 0x1820 Schedule - ok
12:06:01.0163 0x1820 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
12:06:01.0203 0x1820 SCPolicySvc - ok
12:06:01.0251 0x1820 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\windows\system32\drivers\sdbus.sys
12:06:01.0259 0x1820 sdbus - ok
12:06:01.0308 0x1820 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
12:06:01.0308 0x1820 SDRSVC - ok
12:06:01.0355 0x1820 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
12:06:01.0371 0x1820 secdrv - ok
12:06:01.0402 0x1820 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\windows\system32\seclogon.dll
12:06:01.0402 0x1820 seclogon - ok
12:06:01.0449 0x1820 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll
12:06:01.0480 0x1820 SENS - ok
12:06:01.0527 0x1820 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
12:06:01.0542 0x1820 SensrSvc - ok
12:06:01.0558 0x1820 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
12:06:01.0573 0x1820 Serenum - ok
12:06:01.0589 0x1820 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\DRIVERS\serial.sys
12:06:01.0589 0x1820 Serial - ok
12:06:01.0636 0x1820 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
12:06:01.0636 0x1820 sermouse - ok
12:06:01.0683 0x1820 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
12:06:01.0714 0x1820 SessionEnv - ok
12:06:01.0761 0x1820 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
12:06:01.0776 0x1820 sffdisk - ok
12:06:01.0776 0x1820 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
12:06:01.0792 0x1820 sffp_mmc - ok
12:06:01.0792 0x1820 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
12:06:01.0807 0x1820 sffp_sd - ok
12:06:01.0823 0x1820 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
12:06:01.0839 0x1820 sfloppy - ok
12:06:01.0885 0x1820 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
12:06:01.0932 0x1820 SharedAccess - ok
12:06:01.0963 0x1820 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
12:06:02.0026 0x1820 ShellHWDetection - ok
12:06:02.0026 0x1820 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
12:06:02.0041 0x1820 SiSRaid2 - ok
12:06:02.0057 0x1820 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
12:06:02.0073 0x1820 SiSRaid4 - ok
12:06:02.0104 0x1820 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
12:06:02.0135 0x1820 Smb - ok
12:06:02.0166 0x1820 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
12:06:02.0182 0x1820 SNMPTRAP - ok
12:06:02.0291 0x1820 [ D3017AAE17B721BD7B987C3705E55097, 2D7D6D7EAEEE83D8E14A025D8B7956BAF0FB3E4C8C5CD2D59839973D3580FC87 ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys
12:06:02.0369 0x1820 SNP2UVC - ok
12:06:02.0385 0x1820 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
12:06:02.0400 0x1820 spldr - ok
12:06:02.0447 0x1820 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
12:06:02.0478 0x1820 Spooler - ok
12:06:02.0619 0x1820 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
12:06:02.0759 0x1820 sppsvc - ok
12:06:02.0806 0x1820 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
12:06:02.0837 0x1820 sppuinotify - ok
12:06:02.0868 0x1820 [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv C:\windows\system32\DRIVERS\srv.sys
12:06:02.0884 0x1820 srv - ok
12:06:02.0931 0x1820 [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
12:06:02.0946 0x1820 srv2 - ok
12:06:02.0993 0x1820 [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
12:06:03.0009 0x1820 srvnet - ok
12:06:03.0024 0x1820 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
12:06:03.0055 0x1820 SSDPSRV - ok
12:06:03.0071 0x1820 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
12:06:03.0118 0x1820 SstpSvc - ok
12:06:03.0149 0x1820 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\windows\system32\DRIVERS\ssudmdm.sys
12:06:03.0165 0x1820 ssudmdm - ok
12:06:03.0258 0x1820 [ 897C1273B7D74E19DDA7EBF495BF0133, CF344C0ABB11FF1D4FFE09426A42F9C320985F83FC0472E64F92EAACBFAAEFE9 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
12:06:03.0274 0x1820 STacSV - detected UnsignedFile.Multi.Generic ( 1 )
12:06:03.0274 0x1820 Detect skipped due to KSN trusted
12:06:03.0274 0x1820 STacSV - ok
12:06:03.0289 0x1820 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
12:06:03.0305 0x1820 stexstor - ok
12:06:03.0352 0x1820 [ A883937A943DCE237B19E4A5558FCBE6, 5DC1D621CC246290CD575E394BDBDE962F1783D08ECA5411FF766406C5C4762F ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
12:06:03.0383 0x1820 STHDA - ok
12:06:03.0445 0x1820 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
12:06:03.0492 0x1820 stisvc - ok
12:06:03.0539 0x1820 [ 7731F46EC0D687A931CBA063E8F90EF0, 5CF996A209756B901316C4406C7D3E52ECC9C15A1BDB0D4D9C77846AB29FD040 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
12:06:03.0539 0x1820 stllssvr - ok
12:06:03.0586 0x1820 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\windows\system32\drivers\vmstorfl.sys
12:06:03.0586 0x1820 storflt - ok
12:06:03.0633 0x1820 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\windows\system32\storsvc.dll
12:06:03.0648 0x1820 StorSvc - ok
12:06:03.0664 0x1820 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\windows\system32\drivers\storvsc.sys
12:06:03.0664 0x1820 storvsc - ok
12:06:03.0711 0x1820 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\drivers\swenum.sys
12:06:03.0711 0x1820 swenum - ok
12:06:03.0773 0x1820 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
12:06:03.0820 0x1820 swprv - ok
12:06:03.0867 0x1820 [ ED4850932604FB562046ABA68DF2E681, EBAF1D6BEA7331E854F91080AAC485E5B2378F4C779406AE4F9FD78397A0B95F ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
12:06:03.0898 0x1820 SynTP - ok
12:06:03.0976 0x1820 [ EEB7BA1AEB32770866C4D64AB0678DA8, A366F1296D6A6348DF105C77C270035344F0B37A6D174B592DB79C8550A6777F ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
12:06:03.0991 0x1820 SynTPEnhService - ok
12:06:04.0085 0x1820 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\windows\system32\sysmain.dll
12:06:04.0132 0x1820 SysMain - ok
12:06:04.0179 0x1820 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
12:06:04.0194 0x1820 TabletInputService - ok
12:06:04.0225 0x1820 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
12:06:04.0257 0x1820 TapiSrv - ok
12:06:04.0335 0x1820 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip C:\windows\system32\drivers\tcpip.sys
12:06:04.0397 0x1820 Tcpip - ok
12:06:04.0459 0x1820 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
12:06:04.0506 0x1820 TCPIP6 - ok
12:06:04.0569 0x1820 [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
12:06:04.0584 0x1820 tcpipreg - ok
12:06:04.0615 0x1820 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
12:06:04.0615 0x1820 TDPIPE - ok
12:06:04.0647 0x1820 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
12:06:04.0662 0x1820 TDTCP - ok
12:06:04.0693 0x1820 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\windows\system32\DRIVERS\tdx.sys
12:06:04.0693 0x1820 tdx - ok
12:06:04.0740 0x1820 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\drivers\termdd.sys
12:06:04.0756 0x1820 TermDD - ok
12:06:04.0803 0x1820 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\windows\System32\termsrv.dll
12:06:04.0818 0x1820 TermService - ok
12:06:04.0849 0x1820 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
12:06:04.0865 0x1820 Themes - ok
12:06:04.0912 0x1820 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
12:06:04.0927 0x1820 THREADORDER - ok
12:06:04.0959 0x1820 [ 48DDEF0B921DD331536CC82C1A8FF64F, 540107E278E4C7DE4F43D37F7EA7BC094B6755399C22EE3A68574AA8A7719ACC ] TPM C:\windows\system32\drivers\tpm.sys
12:06:04.0974 0x1820 TPM - ok
12:06:04.0990 0x1820 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
12:06:05.0021 0x1820 TrkWks - ok
12:06:05.0083 0x1820 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
12:06:05.0130 0x1820 TrustedInstaller - ok
12:06:05.0146 0x1820 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
12:06:05.0161 0x1820 tssecsrv - ok
12:06:05.0208 0x1820 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
12:06:05.0224 0x1820 TsUsbFlt - ok
12:06:05.0255 0x1820 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
12:06:05.0286 0x1820 tunnel - ok
12:06:05.0317 0x1820 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
12:06:05.0333 0x1820 uagp35 - ok
12:06:05.0447 0x1820 [ D5994AB5C2B2D72D6320A7004D52617C, 6F5BCDE29233EA43EA29223CAC91119123CE01F87B3228E5F6FBCB6C14A675DE ] uArcCapture C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
12:06:05.0468 0x1820 uArcCapture - ok
12:06:05.0517 0x1820 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
12:06:05.0571 0x1820 udfs - ok
12:06:05.0618 0x1820 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
12:06:05.0633 0x1820 UI0Detect - ok
12:06:05.0653 0x1820 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
12:06:05.0659 0x1820 uliagpkx - ok
12:06:05.0690 0x1820 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
12:06:05.0717 0x1820 umbus - ok
12:06:05.0741 0x1820 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\DRIVERS\umpass.sys
12:06:05.0757 0x1820 UmPass - ok
12:06:05.0788 0x1820 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\windows\System32\umrdp.dll
12:06:05.0804 0x1820 UmRdpService - ok
12:06:05.0960 0x1820 [ 2955A9ADBC618B6A09E3D3BECC3CCB3D, E4258A01E9DCF66F0E91A691DD0CDBF3E0EBB92D2B041CF63FC66B7991B9D6AD ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:06:06.0038 0x1820 UNS - ok
12:06:06.0116 0x1820 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
12:06:06.0147 0x1820 upnphost - ok
12:06:06.0178 0x1820 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
12:06:06.0194 0x1820 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
12:06:06.0194 0x1820 Detect skipped due to KSN trusted
12:06:06.0194 0x1820 USBAAPL64 - ok
12:06:06.0225 0x1820 [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp C:\windows\system32\drivers\usbccgp.sys
12:06:06.0225 0x1820 usbccgp - ok
12:06:06.0272 0x1820 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
12:06:06.0287 0x1820 usbcir - ok
12:06:06.0303 0x1820 [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
12:06:06.0318 0x1820 usbehci - ok
12:06:06.0365 0x1820 [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub C:\windows\system32\drivers\usbhub.sys
12:06:06.0381 0x1820 usbhub - ok
12:06:06.0412 0x1820 [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci C:\windows\system32\drivers\usbohci.sys
12:06:06.0428 0x1820 usbohci - ok
12:06:06.0459 0x1820 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
12:06:06.0474 0x1820 usbprint - ok
12:06:06.0506 0x1820 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
12:06:06.0506 0x1820 usbscan - ok
12:06:06.0552 0x1820 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\windows\system32\drivers\usbser.sys
12:06:06.0552 0x1820 usbser - ok
12:06:06.0599 0x1820 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
12:06:06.0599 0x1820 USBSTOR - ok
12:06:06.0630 0x1820 [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
12:06:06.0630 0x1820 usbuhci - ok
12:06:06.0646 0x1820 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
12:06:06.0662 0x1820 usbvideo - ok
12:06:06.0693 0x1820 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
12:06:06.0724 0x1820 UxSms - ok
12:06:06.0771 0x1820 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] VaultSvc C:\windows\system32\lsass.exe
12:06:06.0786 0x1820 VaultSvc - ok
12:06:06.0911 0x1820 [ 48E21E9AAB80A25E3920DAA75A00CAA1, 8C577647A992AF8D0F86894166CE062824F9D4A260CAFDFCDE3D806F1F094888 ] vcsFPService C:\windows\system32\vcsFPService.exe
12:06:07.0005 0x1820 vcsFPService - ok
12:06:07.0114 0x1820 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
12:06:07.0114 0x1820 vdrvroot - ok
12:06:07.0176 0x1820 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
12:06:07.0223 0x1820 vds - ok
12:06:07.0254 0x1820 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
12:06:07.0270 0x1820 vga - ok
12:06:07.0286 0x1820 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
12:06:07.0317 0x1820 VgaSave - ok
12:06:07.0332 0x1820 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
12:06:07.0348 0x1820 vhdmp - ok
12:06:07.0395 0x1820 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
12:06:07.0395 0x1820 viaide - ok
12:06:07.0426 0x1820 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\windows\system32\drivers\vmbus.sys
12:06:07.0426 0x1820 vmbus - ok
12:06:07.0442 0x1820 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\windows\system32\drivers\VMBusHID.sys
12:06:07.0457 0x1820 VMBusHID - ok
12:06:07.0473 0x1820 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
12:06:07.0473 0x1820 volmgr - ok
12:06:07.0520 0x1820 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
12:06:07.0535 0x1820 volmgrx - ok
12:06:07.0582 0x1820 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\windows\system32\drivers\volsnap.sys
12:06:07.0598 0x1820 volsnap - ok
12:06:07.0613 0x1820 [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus C:\windows\system32\DRIVERS\vpchbus.sys
12:06:07.0629 0x1820 vpcbus - ok
12:06:07.0676 0x1820 [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr C:\windows\system32\DRIVERS\vpcnfltr.sys
12:06:07.0691 0x1820 vpcnfltr - ok
12:06:07.0707 0x1820 [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb C:\windows\system32\DRIVERS\vpcusb.sys
12:06:07.0722 0x1820 vpcusb - ok
12:06:07.0769 0x1820 [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm C:\windows\system32\drivers\vpcvmm.sys
12:06:07.0800 0x1820 vpcvmm - ok
12:06:07.0816 0x1820 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
12:06:07.0832 0x1820 vsmraid - ok
12:06:07.0894 0x1820 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
12:06:07.0988 0x1820 VSS - ok
12:06:08.0019 0x1820 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
12:06:08.0034 0x1820 vwifibus - ok
12:06:08.0066 0x1820 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
12:06:08.0081 0x1820 vwififlt - ok
12:06:08.0097 0x1820 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
12:06:08.0097 0x1820 vwifimp - ok
12:06:08.0144 0x1820 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
12:06:08.0175 0x1820 W32Time - ok
12:06:08.0206 0x1820 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
12:06:08.0222 0x1820 WacomPen - ok
12:06:08.0237 0x1820 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
12:06:08.0268 0x1820 WANARP - ok
12:06:08.0284 0x1820 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
12:06:08.0315 0x1820 Wanarpv6 - ok
12:06:08.0378 0x1820 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
12:06:08.0424 0x1820 WatAdminSvc - ok
12:06:08.0502 0x1820 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
12:06:08.0549 0x1820 wbengine - ok
12:06:08.0596 0x1820 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
12:06:08.0612 0x1820 WbioSrvc - ok
12:06:08.0658 0x1820 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
12:06:08.0690 0x1820 wcncsvc - ok
12:06:08.0736 0x1820 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
12:06:08.0752 0x1820 WcsPlugInService - ok
12:06:08.0768 0x1820 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\DRIVERS\wd.sys
12:06:08.0783 0x1820 Wd - ok
12:06:08.0830 0x1820 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
12:06:08.0861 0x1820 Wdf01000 - ok
12:06:08.0892 0x1820 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\windows\system32\wdi.dll
12:06:08.0908 0x1820 WdiServiceHost - ok
12:06:08.0908 0x1820 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\windows\system32\wdi.dll
12:06:08.0924 0x1820 WdiSystemHost - ok
12:06:08.0955 0x1820 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\windows\System32\webclnt.dll
12:06:08.0970 0x1820 WebClient - ok
12:06:09.0017 0x1820 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
12:06:09.0048 0x1820 Wecsvc - ok
12:06:09.0064 0x1820 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
12:06:09.0111 0x1820 wercplsupport - ok
12:06:09.0126 0x1820 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
12:06:09.0173 0x1820 WerSvc - ok
12:06:09.0204 0x1820 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
12:06:09.0236 0x1820 WfpLwf - ok
12:06:09.0251 0x1820 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
12:06:09.0251 0x1820 WIMMount - ok
12:06:09.0282 0x1820 WinDefend - ok
12:06:09.0282 0x1820 WinHttpAutoProxySvc - ok
12:06:09.0345 0x1820 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
12:06:09.0407 0x1820 Winmgmt - ok
12:06:09.0485 0x1820 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\windows\system32\WsmSvc.dll
12:06:09.0548 0x1820 WinRM - ok
12:06:09.0610 0x1820 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB C:\windows\system32\drivers\WinUsb.sys
12:06:09.0610 0x1820 WinUSB - ok
12:06:09.0672 0x1820 [ 6E5FE85FC15590EF509A6D217C65F9BE, C532E062F8B599FDC6FB42CAE17A9EF4E1591FE94A000CBC525CD7287047C088 ] WirelessKeyboardFilter C:\windows\system32\DRIVERS\WirelessKeyboardFilter.sys
12:06:09.0672 0x1820 WirelessKeyboardFilter - ok
12:06:09.0735 0x1820 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
12:06:09.0766 0x1820 Wlansvc - ok
12:06:09.0922 0x1820 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:06:09.0984 0x1820 wlidsvc - ok
12:06:10.0031 0x1820 [ 9E281477BF61B1CF77CE725851B144CE, C1A077F9416A9F9DAA1E6B848148091E65E518AF7E14024544026F7E74C8FDCE ] wltrysvc C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
12:06:10.0062 0x1820 wltrysvc - detected UnsignedFile.Multi.Generic ( 1 )
12:06:10.0140 0x1820 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
12:06:10.0312 0x1820 WMCoreService - ok
12:06:10.0343 0x1820 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
12:06:10.0359 0x1820 WmiAcpi - ok
12:06:10.0406 0x1820 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
12:06:10.0406 0x1820 wmiApSrv - ok
12:06:10.0437 0x1820 WMPNetworkSvc - ok
12:06:10.0452 0x1820 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
12:06:10.0468 0x1820 WPCSvc - ok
12:06:10.0515 0x1820 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
12:06:10.0515 0x1820 WPDBusEnum - ok
12:06:10.0562 0x1820 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
12:06:10.0593 0x1820 ws2ifsl - ok
12:06:10.0608 0x1820 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\System32\wscsvc.dll
12:06:10.0624 0x1820 wscsvc - ok
12:06:10.0624 0x1820 WSearch - ok
12:06:10.0733 0x1820 [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\windows\system32\wuaueng.dll
12:06:10.0811 0x1820 wuauserv - ok
12:06:10.0905 0x1820 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
12:06:10.0920 0x1820 WudfPf - ok
12:06:10.0936 0x1820 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
12:06:10.0952 0x1820 WUDFRd - ok
12:06:10.0952 0x1820 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
12:06:10.0967 0x1820 wudfsvc - ok
12:06:11.0030 0x1820 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
12:06:11.0045 0x1820 WwanSvc - ok
12:06:11.0092 0x1820 [ 498A41CE2B68D338C8D92F48B664DBBB, 30E6E7B9AA6F7FE5ACEBB4DD697D183B106742CA72AD7656A5A58A6B814922F0 ] WwanUsbServ C:\windows\system32\DRIVERS\WwanUsbMp64.sys
12:06:11.0108 0x1820 WwanUsbServ - ok
12:06:11.0139 0x1820 ================ Scan global ===============================
12:06:11.0170 0x1820 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\windows\system32\basesrv.dll
12:06:11.0201 0x1820 [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\windows\system32\winsrv.dll
12:06:11.0217 0x1820 [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\windows\system32\winsrv.dll
12:06:11.0264 0x1820 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
12:06:11.0295 0x1820 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
12:06:11.0295 0x1820 [ Global ] - ok
12:06:11.0295 0x1820 ================ Scan MBR ==================================
12:06:11.0310 0x1820 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:06:11.0576 0x1820 \Device\Harddisk0\DR0 - ok
12:06:11.0576 0x1820 ================ Scan VBR ==================================
12:06:11.0576 0x1820 [ B2AABAA086D1E67D2A3071FA1B71C7DB ] \Device\Harddisk0\DR0\Partition1
12:06:11.0576 0x1820 \Device\Harddisk0\DR0\Partition1 - ok
12:06:11.0576 0x1820 [ B73B97952040A4B256CC4C914D4A4277 ] \Device\Harddisk0\DR0\Partition2
12:06:11.0576 0x1820 \Device\Harddisk0\DR0\Partition2 - ok
12:06:11.0576 0x1820 [ B6A5F83E2996225976FF3193F6C87ED8 ] \Device\Harddisk0\DR0\Partition3
12:06:11.0576 0x1820 \Device\Harddisk0\DR0\Partition3 - ok
12:06:11.0591 0x1820 [ 2DCA2CD9DA7A2AC41D4B41FD8145D8D8 ] \Device\Harddisk0\DR0\Partition4
12:06:11.0591 0x1820 \Device\Harddisk0\DR0\Partition4 - ok
12:06:11.0591 0x1820 ================ Scan generic autorun ======================
12:06:11.0654 0x1820 [ B13D24EBC32B570F40CBEF8C6AAA08D5, 9F4DEF06A571E93447BFAF89AC315E5C832CCC32431B4EC451D1E09D161EA452 ] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe
12:06:11.0669 0x1820 HPPowerAssistant - ok
12:06:11.0763 0x1820 [ 5F9C7AD30FD868228026D17AC44C5DC8, AE4739620E67A1830D0EEA9F3BB45D4DAE7EBB44FB06BD9AC874867AEFA3F419 ] C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
12:06:11.0778 0x1820 MfeEpePcMonitor - detected UnsignedFile.Multi.Generic ( 1 )
12:06:11.0778 0x1820 Detect skipped due to KSN trusted
12:06:11.0778 0x1820 MfeEpePcMonitor - ok
12:06:12.0279 0x1820 [ 92CD05E7C47A2C0A56864764B0021887, 0408B6A39A4D539A5103182466BDC5C477D666898D900F427504B15B03F791A6 ] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
12:06:12.0669 0x1820 File Sanitizer - detected UnsignedFile.Multi.Generic ( 1 )
12:06:12.0669 0x1820 Detect skipped due to KSN trusted
12:06:12.0669 0x1820 File Sanitizer - ok
12:06:12.0747 0x1820 [ 20E2FB1FF86FDEA6894F98AC31568396, B9F84A13BBEDF1D7033269B34E7F9B7B7BDC629AE60C2D6BE48853898E987F33 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
12:06:12.0762 0x1820 IAStorIcon - ok
12:06:12.0825 0x1820 [ D59429259F82924E4D3B90C0F0FF7144, 00A086678EBB4A9DE6891C5284F4B4FC90E2164EEA308364BCBBC27B323ED025 ] c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
12:06:12.0856 0x1820 IFXSPMGT - ok
12:06:12.0934 0x1820 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:06:12.0996 0x1820 Sidebar - ok
12:06:13.0012 0x1820 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:06:13.0043 0x1820 mctadmin - ok
12:06:13.0074 0x1820 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:06:13.0121 0x1820 Sidebar - ok
12:06:13.0121 0x1820 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:06:13.0152 0x1820 mctadmin - ok
12:06:13.0761 0x1820 [ 2269768074F6A93E454BA384ED9652E2, 3BB698018941471327A3031CC0F4011D69EBA03B00E9E6F2D99922639DCCDA59 ] C:\Program Files\CCleaner\CCleaner64.exe
12:06:14.0073 0x1820 CCleaner Monitoring - ok
12:06:14.0229 0x1820 [ 2F7375F15747C26DE37A4097633E30C5, BA9BCEE1F4B9F00EBC9D3458F1E161A0EEAFDA6AFE05CCB5E7A4B02F812C571B ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
12:06:14.0322 0x1820 LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
12:06:14.0322 0x1820 Detect skipped due to KSN trusted
12:06:14.0322 0x1820 LightScribe Control Panel - ok
12:06:14.0338 0x1820 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.24.143 ), 0x41000 ( enabled : updated )
12:06:14.0338 0x1820 Win FW state via NFP2: enabled ( trusted )
12:06:14.0463 0x1820 ============================================================
12:06:14.0463 0x1820 Scan finished
12:06:14.0463 0x1820 ============================================================
12:06:14.0463 0x1618 Detected object count: 1
12:06:14.0463 0x1618 Actual detected object count: 1
12:07:01.0002 0x1618 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:07:01.0002 0x1618 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

AdwCleaner[SO].txt:AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v6.041 - Bericht erstellt am 22/12/2016 um 12:31:56
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2016-12-21.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Andreas Klocke - NOTEBOOK
# Gestartet von : C:\Users\Andreas Klocke\Downloads\AdwCleaner_6.041.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Dienst Gefunden: iFunSoftUpdaterSvc


***** [ Ordner ] *****

Ordner Gefunden: C:\Users\Andreas Klocke\AppData\Roaming\iFunSoft
Ordner Gefunden: C:\ProgramData\iFunSoft
Ordner Gefunden: C:\ProgramData\Application Data\iFunSoft
Ordner Gefunden: C:\Program Files (x86)\iFunSoft


***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gefunden: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Softonic
Schlüssel Gefunden: HKCU\Software\Softonic
Schlüssel Gefunden: [x64] HKCU\Software\Softonic
Schlüssel Gefunden: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [2358 Bytes] - [22/12/2016 12:31:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2431 Bytes] ##########
         
--- --- ---

Hier kommt das Log von Malwarebytes.
Während mir das Programm 6 Bedrohungen in Form von potenziell unerwünschten Programmen nennt, sagt die log aber, dass keine Bedrohungen bestehen?


Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 22.12.2016
Suchlaufzeit: 13:49
Protokolldatei:
Administrator: Ja

Version: 0.0.0.0000
Malware-Datenbank: v2016.12.22.05
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Andreas Klocke

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 311540
Abgelaufene Zeit: 20 Min., 31 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Ich habe eben nochmal die Regeln für dieses Forum gelesen und möchte daher noch darauf hinweisen, dass ich dieses Laptop in meinem Büro dafür einsetze, meine Daten regelmäßig von meiner Synology Festplatte im Büro als Backup zu speichern und zu Hause auf einer externen Festplatte zu sichern.
Ich bin Freiberufler ohne Mitarbeiter, daher habe ich keine IT.
Gerne gebe ich für Eure Hilfe auch eine Spende.

Da ich hier schon zu viele Antworten gepostet habe, denke ich, dass Ihr davon ausgeht, dass mir bereits geholfen wird. Sollte sich heute keiner mehr melden, werde ich am Dienstag mal im Thread der "vergessenen Themen" erinnern.

Jetzt wünsche ich erstmal Frohe Weihnachten.

Alt 01.01.2017, 14:01   #5
M-K-D-B
/// TB-Ausbilder
 
Windows 7 Pro 64Bit sehr langsam - Standard

Windows 7 Pro 64Bit sehr langsam






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
  • Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Die Logdatei von FRST ist unvollständig, bitte nochmal:

  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.

__________________
Gruß
M-K-D-B



Das Trojaner-Board unterstützen

Alt 02.01.2017, 10:54   #6
foreveryoung
 
Windows 7 Pro 64Bit sehr langsam - Standard

Windows 7 Pro 64Bit sehr langsam



Hallo Matthias,
ich wünsche Dir ein frohes neues Jahr und vielen Dank für Deine Hilfsbereitschaft.

Hier die FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
durchgeführt von Andreas Klocke (Administrator) auf NOTEBOOK (02-01-2017 10:38:57)
Gestartet von C:\Users\Andreas Klocke\Downloads
Geladene Profile: Andreas Klocke (Verfügbare Profile: Andreas Klocke)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Ericsson AB) C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] ()
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12277248 2011-05-09] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [IFXSPMGT] => c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1125728 2011-01-20] (Infineon Technologies AG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [318520 2011-05-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [76344 2011-08-10] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DsMgr] => C:\Program Files (x86)\Hewlett-Packard\HP GPS and Location\dsMgr.exe [93240 2011-04-20] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP: C:\Windows\SysWOW64\DeviceNP.dll [2011-02-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\MountPoints2: {0d7abbcf-99c1-11e0-9ecc-806e6f6e6963} - G:\bin\shelexec.exe index.html
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.67.1
Tcpip\..\Interfaces\{89B4A81F-D2DC-4F62-AC14-4F20103515A1}: [DhcpNameServer] 192.168.67.1
Tcpip\..\Interfaces\{E2E22EAE-77F5-4A60-87D5-5ED74C889313}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {EA2D295C-3996-4512-AD4C-53DC4BE9B96D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-22] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-22] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-05-09] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-22] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-22] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Andreas Klocke\AppData\Roaming\Nvu\Profiles\1p5ijy2s.default [2016-12-12]
FF ProfilePath: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default [2017-01-02]
FF user.js: detected! => C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\user.js [2016-10-03]
FF Homepage: Mozilla\Firefox\Profiles\16jk24xp.default -> hxxp://www.google.de/
FF Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\Extensions\iobitascsurfingprotection@iobit.com [2015-07-31] [ist nicht signiert]
FF SearchPlugin: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\searchplugins\google-images.xml [2014-11-21]
FF SearchPlugin: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\searchplugins\google-maps.xml [2014-11-21]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-08-10] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default [2017-01-02]
CHR Extension: (Google Präsentationen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-13]
CHR Extension: (Google Docs) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-13]
CHR Extension: (Google Drive) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01]
CHR Extension: (YouTube) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-01]
CHR Extension: (Google-Suche) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01]
CHR Extension: (Google Tabellen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-13]
CHR Extension: (Google Docs Offline) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (HP Network Check Launcher) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2016-12-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [485712 2011-05-19] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company)
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320512 2011-05-09] (Hewlett-Packard) [Datei ist nicht signiert]
S3 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [317496 2011-05-13] (Hewlett-Packard Company)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S2 iFunSoftUpdaterSvc; C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe [2961216 2016-01-30] (iFunSoft)
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1125728 2011-01-20] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [980320 2011-01-20] (Infineon Technologies AG)
S3 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [Datei ist nicht signiert]
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [203104 2011-01-20] (Infineon Technologies AG)
S3 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2014-10-29] (IDT, Inc.) [Datei ist nicht signiert]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246376 2016-06-23] (Synaptics Incorporated)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [4819968 2011-06-18] (Broadcom Corporation) [Datei ist nicht signiert]
R2 WMCoreService; C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [586280 2011-03-03] (Ericsson AB)
S2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 ASPI; C:\windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [Datei ist nicht signiert]
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [148032 2016-12-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-12] (Avira Operations GmbH & Co. KG)
S3 Btcsrusb; C:\windows\System32\Drivers\btcusb.sys [42536 2016-06-23] (IVT Corporation.)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
R3 ecnssndis; C:\windows\System32\Drivers\wwuss64.sys [26664 2014-10-29] (Ericsson AB)
R3 ecnssndisfltr; C:\windows\System32\Drivers\wwussf64.sys [29736 2014-10-29] (Ericsson AB)
R3 h36wgps; C:\windows\System32\DRIVERS\h36wgps64.sys [101416 2011-02-28] (Ericsson AB)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-29] (REALiX(tm))
R3 johci; C:\windows\System32\DRIVERS\johci.sys [26208 2014-10-29] (JMicron Technology Corp.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-01-02] (Malwarebytes)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-11-01] (MCCI Corporation)
R3 Mbm3DevMt; C:\windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-11-01] (MCCI Corporation)
R3 Mbm3mdfl; C:\windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-11-01] (MCCI Corporation)
R3 Mbm3Mdm; C:\windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-11-01] (MCCI Corporation)
R3 MEIx64; C:\windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-10-29] (Intel Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.)
R1 PersonalSecureDrive; C:\windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [2596456 2016-06-23] (Sonix Tech. Co., Ltd.)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
R3 WirelessKeyboardFilter; C:\windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R3 WwanUsbServ; C:\windows\System32\DRIVERS\WwanUsbMp64.sys [279312 2014-10-29] (Ericsson AB)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-02 10:38 - 2017-01-02 10:38 - 00000000 ____D C:\Users\Andreas Klocke\Downloads\FRST-OlderVersion
2016-12-23 11:00 - 2016-12-23 11:00 - 00048077 _____ C:\Users\Andreas Klocke\.recently-used.xbel
2016-12-22 13:50 - 2016-12-22 13:51 - 00001211 _____ C:\Users\Andreas Klocke\Desktop\mbamlog.txt
2016-12-22 12:35 - 2017-01-02 10:28 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-22 12:34 - 2016-12-22 12:34 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-12-22 12:34 - 2016-12-22 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-12-22 12:34 - 2016-12-22 12:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-22 12:34 - 2016-12-22 12:34 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-12-22 12:34 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-12-22 12:34 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-12-22 12:34 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-12-22 12:30 - 2016-12-22 12:31 - 22851472 _____ (Malwarebytes ) C:\Users\Andreas Klocke\Downloads\mbam-setup-2.2.1.1043.exe
2016-12-22 12:30 - 2016-12-22 12:31 - 00000000 ____D C:\AdwCleaner
2016-12-22 12:29 - 2016-12-22 12:29 - 03977168 _____ C:\Users\Andreas Klocke\Downloads\AdwCleaner_6.041.exe
2016-12-22 11:58 - 2016-12-22 12:43 - 00464724 _____ C:\TDSSKiller.3.1.0.12_22.12.2016_11.58.11_log.txt
2016-12-22 11:57 - 2016-12-22 11:57 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Andreas Klocke\Downloads\tdsskiller.exe
2016-12-22 11:50 - 2016-12-22 11:51 - 00039966 _____ C:\Users\Andreas Klocke\Downloads\Addition.txt
2016-12-22 11:48 - 2017-01-02 10:43 - 00027326 _____ C:\Users\Andreas Klocke\Downloads\FRST.txt
2016-12-22 11:47 - 2017-01-02 10:38 - 02418176 _____ (Farbar) C:\Users\Andreas Klocke\Downloads\FRST64.exe
2016-12-22 11:47 - 2017-01-02 10:38 - 00000000 ____D C:\FRST
2016-12-22 11:44 - 2016-12-22 11:42 - 00110144 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-64.dll
2016-12-22 11:26 - 2017-01-02 10:21 - 00000448 _____ C:\windows\setupact.log
2016-12-22 11:26 - 2016-12-22 14:08 - 00001910 _____ C:\windows\PFRO.log
2016-12-22 11:26 - 2016-12-22 11:26 - 00000000 _____ C:\windows\setuperr.log
2016-12-22 10:37 - 2016-12-22 10:38 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-22 10:37 - 2016-12-22 10:37 - 00002808 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2016-12-22 10:37 - 2016-12-22 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-22 10:37 - 2016-12-22 10:37 - 00000000 ____D C:\Program Files\CCleaner
2016-12-22 10:36 - 2016-12-22 10:37 - 08803648 _____ (Piriform Ltd) C:\Users\Andreas Klocke\Documents\ccsetup525.exe
2016-12-22 10:25 - 2016-12-30 14:05 - 00003240 _____ C:\windows\System32\Tasks\HPCeeScheduleForAndreas Klocke
2016-12-22 10:11 - 2016-12-30 09:15 - 00524288 ___SH C:\windows\system32\config\components{c805c034-c825-11e6-9b35-028037ec0200}.TMContainer00000000000000000001.regtrans-ms
2016-12-22 10:11 - 2016-12-30 09:15 - 00065536 ___SH C:\windows\system32\config\components{c805c034-c825-11e6-9b35-028037ec0200}.TM.blf
2016-12-22 10:11 - 2016-12-22 11:25 - 00524288 ___SH C:\windows\system32\config\components{c805c034-c825-11e6-9b35-028037ec0200}.TMContainer00000000000000000002.regtrans-ms
2016-12-22 10:03 - 2017-01-02 10:21 - 00000368 _____ C:\windows\Tasks\HPCeeScheduleForAndreas Klocke.job
2016-12-22 10:03 - 2016-12-22 10:03 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\HP_Development_Company,_L
2016-12-22 10:01 - 2016-12-22 10:01 - 00000000 ____D C:\ProgramData\McAfee
2016-12-22 09:59 - 2016-12-22 09:59 - 00000248 _____ C:\windows\hbcikrnl.ini
2016-12-22 09:59 - 2016-12-22 09:59 - 00000000 ____D C:\Users\Default\AppData\Roaming\hpqLog
2016-12-22 09:59 - 2016-12-22 09:59 - 00000000 ____D C:\Users\Default User\AppData\Roaming\hpqLog
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\ProgramData\SZCCID
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\Program Files (x86)\AlcorMicroData
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\Program Files (x86)\AlcorMicro
2016-12-22 09:49 - 2016-12-22 09:49 - 00002231 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2016-12-22 09:49 - 2016-12-22 09:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-12-22 09:41 - 2016-12-22 09:41 - 00000000 ____D C:\ProgramData\HP Inc
2016-12-22 09:35 - 2016-12-22 09:35 - 04057776 _____ (Oleg N. Scherbakov) C:\Users\Andreas Klocke\Documents\HPSupportSolutionsFramework-12.5.32.203.exe
2016-12-16 15:59 - 2016-12-16 15:59 - 00000000 ____H C:\asc_rdflag
2016-12-16 15:58 - 2016-12-30 19:18 - 05864204 ____H C:\Users\Andreas Klocke\AppData\Local\IconCache.db
2016-12-15 09:41 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-12-15 09:41 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-12-15 09:41 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-12-15 09:41 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-12-15 09:41 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-12-15 09:41 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-12-15 09:41 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-12-15 09:41 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-12-15 09:41 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2016-12-15 09:41 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-12-15 09:41 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-12-15 09:41 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-12-15 09:41 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-12-15 09:41 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-12-15 09:41 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-12-15 09:41 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-12-15 09:41 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-12-15 09:41 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-12-15 09:41 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-12-15 09:41 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-12-15 09:41 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-12-15 09:41 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-12-15 09:41 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-12-15 09:41 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-12-15 09:41 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-12-15 09:41 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-12-15 09:41 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-12-15 09:41 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-12-15 09:41 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-12-15 09:41 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-12-15 09:41 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-12-15 09:41 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-12-15 09:41 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-12-15 09:41 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-12-15 09:41 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-12-15 09:41 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-12-15 09:41 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-12-15 09:41 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-12-15 09:41 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-12-15 09:41 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-12-15 09:41 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-12-15 09:41 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-12-15 09:41 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-12-15 09:41 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-12-15 09:41 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-12-15 09:41 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-12-15 09:41 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-12-15 09:41 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-12-15 09:41 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-12-15 09:41 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-12-15 09:41 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-12-15 09:41 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-12-15 09:41 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-15 09:41 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-12-15 09:41 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-12-15 09:41 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-12-15 09:41 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-12-15 09:41 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-12-15 09:41 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-12-15 09:41 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-12-15 09:41 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-12-15 09:41 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-12-15 09:41 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-12-15 09:41 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-12-15 09:41 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-12-15 09:41 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-12-15 09:41 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-12-15 09:41 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-12-15 09:41 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-12-15 09:41 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-12-15 09:41 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-12-15 09:41 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-12-15 09:41 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-12-15 09:41 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-12-15 09:41 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-12-15 09:41 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-12-15 09:41 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-12-15 09:41 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-12-15 09:41 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-12-15 09:41 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-12-15 09:41 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2016-12-15 09:41 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2016-12-12 14:57 - 2016-12-12 14:57 - 00773579 _____ C:\Users\Andreas Klocke\Desktop\kps Solingen.pdf
2016-12-12 14:15 - 2016-12-12 14:15 - 06880664 _____ (Tim Kosse) C:\Users\Andreas Klocke\Downloads\FileZilla_3.23.0.2_win64-setup.exe
2016-12-12 12:28 - 2015-12-22 17:47 - 00099052 _____ C:\Users\Andreas Klocke\Desktop\Textbausteine Mietwertgutachten Stand 20140117.xlsx
2016-12-09 09:39 - 2016-12-09 09:39 - 04619752 _____ (Piriform Ltd) C:\Users\Andreas Klocke\Downloads\dfsetup221.exe
2016-12-08 13:44 - 2016-12-08 13:44 - 00001136 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-12-08 09:48 - 2016-12-08 09:48 - 00000334 _____ C:\windows\Backup.ini
2016-12-08 09:41 - 2016-12-08 09:41 - 17150504 _____ (IObit ) C:\Users\Andreas Klocke\Downloads\driver_booster_setup(4.1.0.389).exe
2016-12-07 16:04 - 2016-12-22 11:46 - 00000000 ____D C:\Users\Andreas Klocke\AppData\LocalLow\Mozilla
2016-12-07 15:36 - 2016-12-08 09:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-05 09:51 - 2016-12-22 10:04 - 00524288 ___SH C:\windows\system32\config\components{9821f7e4-bac7-11e6-8424-028037ec0200}.TMContainer00000000000000000001.regtrans-ms
2016-12-05 09:51 - 2016-12-22 10:04 - 00065536 ___SH C:\windows\system32\config\components{9821f7e4-bac7-11e6-8424-028037ec0200}.TM.blf
2016-12-05 09:51 - 2016-12-05 10:10 - 00524288 ___SH C:\windows\system32\config\components{9821f7e4-bac7-11e6-8424-028037ec0200}.TMContainer00000000000000000002.regtrans-ms
2016-12-05 09:38 - 2016-12-05 09:38 - 01199136 _____ C:\windows\system32\oem137.inf
2016-12-05 09:37 - 2016-12-05 09:37 - 07884536 _____ (Broadcom Corporation) C:\windows\system32\Drivers\BCMWL664.SYS
2016-12-05 09:37 - 2016-12-05 09:37 - 04401152 _____ (Broadcom Corporation) C:\windows\system32\bcmihvsrv64.dll
2016-12-05 09:37 - 2016-12-05 09:37 - 03667968 _____ (Broadcom Corporation) C:\windows\system32\bcmihvui64.dll
2016-12-05 09:37 - 2016-12-05 09:37 - 00096600 _____ (Broadcom Corporation) C:\windows\system32\bcmwlcoi.dll
2016-12-05 09:31 - 2016-12-05 09:31 - 00000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-02 10:32 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-02 10:32 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-02 10:23 - 2014-10-29 11:23 - 00000000 ____D C:\ProgramData\ProductData
2017-01-02 10:21 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-12-30 19:19 - 2015-03-13 10:26 - 01583137 _____ C:\windows\WindowsUpdate.log
2016-12-30 18:57 - 2015-09-10 17:31 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-12-30 14:05 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Tasks
2016-12-30 14:05 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\Tasks
2016-12-23 17:43 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2016-12-23 17:03 - 2011-07-28 09:48 - 00003218 _____ C:\windows\System32\Tasks\HPCeeScheduleForNOTEBOOK$
2016-12-23 17:03 - 2011-07-28 09:48 - 00000342 _____ C:\windows\Tasks\HPCeeScheduleForNOTEBOOK$.job
2016-12-23 13:29 - 2011-08-01 10:19 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2016-12-23 11:00 - 2011-07-28 13:35 - 00000000 ____D C:\Users\Andreas Klocke\.gimp-2.6
2016-12-23 11:00 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke
2016-12-23 10:34 - 2011-03-04 13:01 - 00705108 _____ C:\windows\system32\perfh007.dat
2016-12-23 10:34 - 2011-03-04 13:01 - 00151476 _____ C:\windows\system32\perfc007.dat
2016-12-23 10:34 - 2009-07-14 06:13 - 01629436 _____ C:\windows\system32\PerfStringBackup.INI
2016-12-23 10:34 - 2009-07-14 04:20 - 00000000 ____D C:\windows\System32
2016-12-23 10:34 - 2009-07-14 03:36 - 00657964 _____ C:\windows\system32\perfh009.dat
2016-12-23 10:34 - 2009-07-14 03:36 - 00123776 _____ C:\windows\system32\perfc009.dat
2016-12-22 13:51 - 2011-07-28 09:49 - 00000000 ___RD C:\Users\Andreas Klocke\Desktop
2016-12-22 12:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\drivers
2016-12-22 12:34 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Desktop
2016-12-22 12:34 - 2009-07-14 04:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
2016-12-22 12:34 - 2009-07-14 04:20 - 00000000 ___RD C:\Program Files (x86)
2016-12-22 12:34 - 2009-07-14 04:20 - 00000000 ___HD C:\ProgramData
2016-12-22 11:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-12-22 11:46 - 2013-09-26 11:25 - 00000000 ____D C:\ProgramData\Oracle
2016-12-22 11:45 - 2011-03-04 12:46 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2016-12-22 11:45 - 2011-03-04 12:20 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-12-22 11:44 - 2016-11-25 09:51 - 00000000 __SHD C:\Config.Msi
2016-12-22 11:44 - 2015-10-09 07:50 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-22 11:44 - 2015-07-10 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-22 11:44 - 2013-05-17 08:46 - 00000000 ____D C:\Program Files\Java
2016-12-22 11:44 - 2011-03-04 12:21 - 00000000 __SHD C:\windows\Installer
2016-12-22 11:44 - 2009-07-14 04:20 - 00000000 ____D C:\windows\SysWOW64
2016-12-22 11:43 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-22 11:42 - 2015-07-31 09:45 - 00110144 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2016-12-22 11:40 - 2016-01-22 09:22 - 00097856 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2016-12-22 10:51 - 2015-07-14 13:37 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\CrashDumps
2016-12-22 10:51 - 2011-10-12 13:53 - 00000000 ____D C:\windows\Minidump
2016-12-22 10:47 - 2015-07-31 09:01 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-22 10:47 - 2011-06-18 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Energy Star
2016-12-22 10:43 - 2016-08-04 07:32 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\iFunSoft
2016-12-22 10:37 - 2011-07-28 09:49 - 00000000 ___RD C:\Users\Andreas Klocke\Documents
2016-12-22 10:37 - 2009-07-14 04:20 - 00000000 ___RD C:\Program Files
2016-12-22 10:35 - 2015-02-25 17:15 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\ElevatedDiagnostics
2016-12-22 10:34 - 2011-08-14 13:02 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\Diagnostics
2016-12-22 10:06 - 2009-07-14 05:45 - 00471400 _____ C:\windows\system32\FNTCACHE.DAT
2016-12-22 10:05 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\catroot
2016-12-22 10:02 - 2011-03-04 12:20 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-12-22 10:02 - 2011-02-02 21:42 - 00000000 ____D C:\swsetup
2016-12-22 10:02 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\DriverStore
2016-12-22 10:01 - 2011-03-04 12:27 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\windows\SysWOW64\CSVer.dll
2016-12-22 10:01 - 2009-07-14 04:20 - 00000000 __RSD C:\windows\assembly
2016-12-22 10:00 - 2011-03-04 12:26 - 00000000 ____D C:\Program Files\Hewlett-Packard
2016-12-22 09:59 - 2011-03-04 12:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-22 09:59 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\catroot2
2016-12-22 09:59 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default\AppData\Roaming
2016-12-22 09:59 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming
2016-12-22 09:58 - 2011-03-04 12:42 - 00000000 __SHD C:\System Volume Information
2016-12-22 09:48 - 2009-07-14 04:20 - 00000000 ____D C:\windows\winsxs
2016-12-22 09:48 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Help
2016-12-22 09:40 - 2014-06-01 15:16 - 00000000 ____D C:\Program Files (x86)\HP
2016-12-22 09:40 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\hpqLog
2016-12-22 09:38 - 2011-07-28 09:53 - 00130248 _____ C:\Users\Andreas Klocke\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-22 09:37 - 2009-07-14 04:20 - 00000000 __RSD C:\windows\Fonts
2016-12-17 14:56 - 2011-08-01 11:36 - 00003542 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 14:56 - 2011-08-01 11:36 - 00003414 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 15:59 - 2016-10-04 08:02 - 120553472 _____ C:\windows\system32\config\SOFTWARE.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 120553472 _____ C:\windows\system32\config\SOFTWARE.iodefrag
2016-12-16 15:59 - 2016-10-04 08:02 - 00622592 _____ C:\windows\system32\config\DEFAULT.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 00069632 _____ C:\windows\system32\config\SAM.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 00028672 _____ C:\windows\system32\config\SECURITY.iodefrag.bak
2016-12-16 15:59 - 2009-07-27 16:04 - 00000000 __SHD C:\boot
2016-12-16 15:58 - 2009-07-14 05:45 - 00000000 ____D C:\windows\debug
2016-12-15 18:25 - 2011-08-05 11:54 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\gtk-2.0
2016-12-15 12:57 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Microsoft.NET
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\SysWOW64\en-US
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\SysWOW64\de-DE
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\en-US
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\Drivers\UMDF
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\de-DE
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-15 10:01 - 2011-07-28 10:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-15 09:59 - 2013-08-12 09:56 - 00000000 ____D C:\windows\system32\MRT
2016-12-15 09:54 - 2011-07-28 10:37 - 135632432 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-12-15 09:51 - 2011-03-04 12:25 - 01607460 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-12-14 13:23 - 2016-07-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-14 13:21 - 2016-10-11 11:01 - 00035864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avusbflt.sys
2016-12-14 13:21 - 2013-03-28 08:21 - 00176464 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2016-12-14 13:21 - 2013-03-28 08:21 - 00148032 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-12-14 12:27 - 2016-11-23 15:11 - 00013971 _____ C:\Users\Andreas Klocke\Desktop\Fahrten.xlsx
2016-12-14 09:51 - 2015-03-13 10:41 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-13 13:57 - 2015-09-10 17:31 - 00802904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-12-13 13:57 - 2015-09-10 17:31 - 00144472 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-13 13:57 - 2015-09-10 17:31 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-12-13 13:57 - 2011-11-15 09:43 - 00000000 ____D C:\windows\system32\Macromed
2016-12-13 13:57 - 2011-03-04 12:58 - 00000000 ____D C:\windows\SysWOW64\Macromed
2016-12-13 09:15 - 2011-06-18 16:26 - 00000000 ____D C:\windows\SoftwareDistribution
2016-12-12 14:16 - 2014-03-31 10:06 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\FileZilla
2016-12-12 12:32 - 2011-07-28 09:49 - 00000000 ___RD C:\Users\Andreas Klocke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-09 09:42 - 2013-05-12 19:19 - 00001724 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-12-09 09:42 - 2013-05-12 19:19 - 00000000 ____D C:\Program Files\Defraggler
2016-12-08 13:44 - 2016-07-26 14:25 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-08 09:30 - 2015-07-31 10:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-07 16:04 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke\AppData\LocalLow
2016-12-05 09:57 - 2015-07-31 09:01 - 00000000 ____D C:\ProgramData\IObit
2016-12-05 09:52 - 2011-08-01 13:50 - 00000302 _____ C:\windows\system32\ricdb.ini
2016-12-05 09:47 - 2016-10-14 11:19 - 00524288 ___SH C:\windows\system32\config\components{52e3f6e1-91f7-11e6-866e-028037ec0200}.TMContainer00000000000000000001.regtrans-ms
2016-12-05 09:47 - 2016-10-14 11:19 - 00065536 ___SH C:\windows\system32\config\components{52e3f6e1-91f7-11e6-866e-028037ec0200}.TM.blf
2016-12-05 09:28 - 2014-03-31 10:20 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\Nvu

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-08-10 08:31 - 2011-08-10 08:35 - 0053342 _____ () C:\Users\Andreas Klocke\AppData\Roaming\QWInstall.log
2014-06-01 15:31 - 2014-06-01 15:32 - 0000347 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\Andreas Klocke\AppData\Local\Temp\jre-8u111-windows-au.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-11-25 10:39

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-01-2017
durchgeführt von Andreas Klocke (02-01-2017 10:44:39)
Gestartet von C:\Users\Andreas Klocke\Downloads
Windows 7 Professional Service Pack 1 (X64) (2011-07-28 08:49:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2611109511-3762378734-2693064966-500 - Administrator - Disabled)
Andreas Klocke (S-1-5-21-2611109511-3762378734-2693064966-1001 - Administrator - Enabled) => C:\Users\Andreas Klocke
Gast (S-1-5-21-2611109511-3762378734-2693064966-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2611109511-3762378734-2693064966-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.38.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.38.0 - Alcor Micro Corp.) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG) Hidden
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.48.61 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.60.48.61 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Capture (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang DE (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - PP (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version:  - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32 Version: 1.1 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version:  - Corel Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 6.0.0.9 - Hewlett-Packard Company)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}) (Version: 6.0.100.35469 - Hewlett-Packard Company)
Embedded Security for HP ProtectTools (HKLM\...\{87821717-5688-4AE6-887A-6B11571D0CD7}) (Version: 6.0.100.2572 - Hewlett-Packard Company)
Face Recognition for HP ProtectTools (HKLM\...\{D3A775F2-2674-4452-8D80-1FC1446052EE}) (Version: 6.00.4303 - Hewlett-Packard Company)
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 6.0.0.13 - Hewlett-Packard Company)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Fotosizer 1.32 (HKLM-x32\...\Fotosizer) (Version: 1.32 - Fotosizer.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{7B4DEBE1-E3E3-45BD-88E6-6C3CA9EEED36}) (Version: 4.1.16.1 - Hewlett-Packard Company)
HP Client Automation Agent Preload  (HKLM-x32\...\{52B18ABC-AD5F-4C3C-B391-04F57B380449}) (Version: 7.5 - Hewlett-Packard)
HP Connection Manager (HKLM-x32\...\{7A6B4340-7090-418F-8976-EE9650B35550}) (Version: 4.1.22.1 - Hewlett-Packard Company)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{62272D4E-78E9-4BAD-B7AA-63072D06AAA9}) (Version: 1.1.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{5B059455-4572-4F70-8D91-2097B07215E5}) (Version: 1.1.13.2 - Hewlett-Packard Company)
HP GPS and Location (HKLM-x32\...\{A6B2155C-176A-4F1C-88C0-F5C987322EEB}) (Version: 1.0.27.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{E0824C9B-F196-4667-8CE8-3A0B685B0820}) (Version: 4.0.18.1 - Hewlett-Packard Company)
HP Mobile Broadband Drivers (HKLM-x32\...\{646E8C34-C88B-42F9-9F41-985A801219E1}) (Version: 6.3.5.3 - Ericsson AB)
HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 6.03.959 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{72CD20B8-55F3-4B4F-A44F-E381232E84ED}) (Version: 3.0.1.9258 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}) (Version: 3.2.0.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.5.32.203 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.21.00 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.57.2 - JMicron Technology Corp.)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Privacy Manager for HP ProtectTools (HKLM\...\{5476AB75-E584-4497-80AF-7F205D8F6F54}) (Version: 6.01.842 - Hewlett-Packard Company)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Roxio MyDVD Business 2010 (HKLM-x32\...\{9CB4FBA9-45C0-41AA-97CC-283B42E1A21E}) (Version: 12.1.74.13 - Roxio)
Roxio Secure Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.8.73.2 - Roxio)
SDK (x32 Version: 2.24.025 - Portrait Displays, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.48 - Synaptics Incorporated)
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.33 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 6.0.0.33 - Hewlett-Packard Company) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{61D3AB5C-02B5-47FC-906A-C49A0954C7C6}) (Version: 4.3.126.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0503311F-8A93-440C-98CC-F5B4C9244C58} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\windows\system32\GWX\GWXUXWorker.exe
Task: {053987B9-3528-4CB6-AB0C-D12CA94CE81B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {10861006-35C2-448E-B494-1D73D9BA27B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.)
Task: {1BAC6A70-B6A8-4881-B094-0DD97CFB43A4} - System32\Tasks\HPCeeScheduleForNOTEBOOK$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {272B286C-38E4-41BC-8E9A-6D585824A19D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {4702C01B-5554-4D86-AE48-7105CB197236} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {494E193A-D252-482D-871B-AD16C1A06F52} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2016-12-07] (HP Inc.)
Task: {5551B4E6-8D44-4010-B945-EA88BF040D55} - System32\Tasks\HPCeeScheduleForAndreas Klocke => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {6EE044D3-4411-4C8E-B684-2D5C2A14C1FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {7068AC73-D794-429E-BB4E-D8ADAEA305EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)
Task: {74B2BA24-EF27-45CE-8952-A87B7884D356} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {7D5290F2-01EB-4158-BC37-D033A712ED12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)
Task: {9E0D2230-A53B-4D95-AF06-DF44327F2131} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => C:\windows\system32\GWX\GWXConfigManager.exe
Task: {B1F5954E-4058-4BE7-8627-51058F8C6EC3} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {BC46D6E8-57D0-46A1-B659-69E9008ED3BD} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {C0883B86-715B-412C-BE72-BADB20FBF5D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {D28589C8-A04C-48CF-9A8D-B0917BD51D66} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\windows\system32\GWX\GWXUXWorker.exe
Task: {EFC5DCD2-D500-4312-A563-D2EB3EA7DFB4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\HPCeeScheduleForAndreas Klocke.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForNOTEBOOK$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-04-01 17:42 - 2011-04-01 17:42 - 00156216 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2013-02-01 10:39 - 2013-02-01 10:39 - 03401216 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2010-09-06 21:18 - 2010-09-06 21:18 - 01412608 _____ () C:\windows\system32\LIBEAY32.dll
2013-02-01 09:38 - 2013-02-01 09:38 - 00141824 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2013-02-01 10:26 - 2013-02-01 10:26 - 01956864 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcNp64.DLL
2013-02-01 09:39 - 2013-02-01 09:39 - 01323008 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2013-02-01 10:17 - 2013-02-01 10:17 - 00200704 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
2016-12-06 15:09 - 2016-12-06 15:09 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2011-01-27 03:14 - 2011-01-27 03:14 - 00036408 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Remote.dll
2011-03-04 12:58 - 2011-01-27 02:34 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2011-01-27 03:13 - 2011-01-27 03:13 - 00080440 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
2011-01-27 03:13 - 2011-01-27 03:13 - 00047160 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
2013-02-01 10:14 - 2013-02-01 10:14 - 02830336 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2013-02-01 09:38 - 2013-02-01 09:38 - 00126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2013-02-01 10:17 - 2013-02-01 10:17 - 02863104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2013-02-01 10:15 - 2013-02-01 10:15 - 00053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2013-02-01 09:42 - 2013-02-01 09:42 - 02035712 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2013-02-01 09:43 - 2013-02-01 09:43 - 01945600 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2013-02-01 10:12 - 2013-02-01 10:12 - 03092480 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2011-06-18 16:35 - 2010-02-17 19:20 - 00065576 ____R () C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\MBMDebug.dll
2011-03-04 11:02 - 2011-03-04 11:02 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2011-03-04 11:02 - 2011-03-04 11:02 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2011-03-04 11:02 - 2011-03-04 11:02 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2016-12-14 09:51 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 09:51 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:9FF7C773 [138]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4789 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas Klocke\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.67.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [VirtualPC-In-UDP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [{BF5366CA-0ED1-491C-AA39-264717C602C0}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3C4E3B9A-525B-4953-BD1F-74BC27003BD4}] => LPort=2869
FirewallRules: [{FC16BA93-364F-4E09-A41E-CDC86A2BE0CB}] => LPort=1900
FirewallRules: [{0B2963DA-9B7E-459C-8530-E0A87ECB9601}] => LPort=2799
FirewallRules: [{4FFF0DD1-792E-4C01-8FB0-E8BC648CC5D3}] => LPort=2799
FirewallRules: [{AF549EE5-55AC-4780-BC54-FA6A519367B7}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{88440814-9C50-4B3A-AA93-A1D08AD03245}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A54A37F3-104B-4EC4-9FC2-6AC467C60282}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68FD1D23-05DC-4795-8CB3-F8504EAE7FD7}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BFD9CC55-6048-4940-8C0F-D760045AC31D}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

15-12-2016 09:42:40 Windows Update
22-12-2016 09:36:43 Installed HP Support Solutions Framework
22-12-2016 09:39:53 Installed HP Support Assistant
22-12-2016 09:44:08 Windows Modules Installer
22-12-2016 09:47:59 Windows Modules Installer
22-12-2016 09:57:25 HPSF Applying updates
22-12-2016 09:57:54 Installiert Alcor Micro Smart Card Reader Driver

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: BlueSoleil Generic Bluetooth Driver
Description: BlueSoleil Generic Bluetooth Driver
Class Guid: {9b21fd3a-b1ab-4eb9-956f-e56acfe78bce}
Manufacturer: IVT Corporation
Service: Btcsrusb
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/29/2016 06:33:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm pdf24-Creator.exe, Version 7.8.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1974

Startzeit: 01d261f8be2ede8e

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\PDF24\pdf24-Creator.exe

Berichts-ID: efde22aa-cdec-11e6-9fb6-028037ec0200

Error: (12/20/2016 01:48:32 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: PowerEvent wurde nicht verarbeitet. Aufgetretener Fehler: System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei Avira.OE.ServiceHost.ServiceHost.OnPowerEvent(Object sender, PowerBroadcastStatusEventArgs e)
   bei Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke[T](EventHandler`1 eventHandler, Object sender, T eventArgs)
   bei Avira.OE.ServiceHost.WindowsService.OnPowerEvent(PowerBroadcastStatus powerStatus)
   bei System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData)

Error: (12/16/2016 03:16:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxsrvc.exe, Version: 8.15.10.2963, Zeitstempel: 0x50f70dc5
Name des fehlerhaften Moduls: igfxsrvc.exe, Version: 8.15.10.2963, Zeitstempel: 0x50f70dc5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000347d
ID des fehlerhaften Prozesses: 0x1aa4
Startzeit der fehlerhaften Anwendung: 0x01d2579e774d6d6e
Pfad der fehlerhaften Anwendung: C:\windows\system32\igfxsrvc.exe
Pfad des fehlerhaften Moduls: C:\windows\system32\igfxsrvc.exe
Berichtskennung: 440c91c5-c39a-11e6-a81f-028037ec0200

Error: (12/15/2016 12:51:46 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020

Error: (12/15/2016 12:50:01 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: ehshell, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070020

Error: (12/15/2016 12:46:13 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.Data.Linq, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil . Error code = 0x80070020

Error: (12/15/2016 12:45:22 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.Management.Automation, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020

Error: (12/15/2016 12:45:12 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: Microsoft.Office.BusinessData, Version=14.0.0.0000000, Culture=neutral, PublicKeyToken=71E9BCE111E9429C . Error code = 0x80070020

Error: (12/13/2016 09:12:24 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (4336) WebCacheLocal: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (12/12/2016 12:20:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm gimp-2.6.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1e20

Startzeit: 01d25469a63a70e8

Endzeit: 0

Anwendungspfad: C:\Program Files\GIMP-2.0\bin\gimp-2.6.exe

Berichts-ID: ece00bb2-c05c-11e6-b99f-028037ec0200


Systemfehler:
=============
Error: (01/02/2017 10:33:45 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (01/02/2017 10:21:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Advanced SystemCare Service 9" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (12/30/2016 08:51:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Advanced SystemCare Service 9" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (12/29/2016 06:44:34 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{995C996E-D918-4A8C-A302-45719A6F4EA7}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (12/29/2016 06:11:55 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 80.

Error: (12/29/2016 06:11:52 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 80.

Error: (12/29/2016 06:06:54 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 80.

Error: (12/29/2016 06:06:35 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 80.

Error: (12/29/2016 06:01:53 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 80.

Error: (12/29/2016 06:01:19 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 80.


CodeIntegrity:
===================================
  Date: 2017-01-02 10:41:25.665
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-02 10:29:36.864
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 19:19:24.987
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 19:16:40.713
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 19:03:49.174
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 19:03:47.829
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 19:03:34.483
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 19:03:31.068
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 19:03:25.356
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-30 19:00:32.896
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 74%
Installierter physikalischer RAM: 4030.36 MB
Verfügbarer physikalischer RAM: 1026.38 MB
Summe virtueller Speicher: 8058.9 MB
Verfügbarer virtueller Speicher: 4432.15 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:445.69 GB) (Free:282.35 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP_RECOVERY) (Fixed) (Total:14.77 GB) (Free:2.2 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.08 GB) FAT32
Drive g: (Hist. Luftbilder) (CDROM) (Total:1.5 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C288F40A)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=445.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
         

Alt 02.01.2017, 12:44   #7
M-K-D-B
/// TB-Ausbilder
 
Windows 7 Pro 64Bit sehr langsam - Standard

Windows 7 Pro 64Bit sehr langsam



Servus,





bitte beachten:
Zitat:
Gestartet von C:\Users\Andreas Klocke\Downloads
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.







Schritt 1
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.





Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.
__________________
Gruß
M-K-D-B



Das Trojaner-Board unterstützen

Alt 02.01.2017, 15:04   #8
foreveryoung
 
Windows 7 Pro 64Bit sehr langsam - Standard

Windows 7 Pro 64Bit sehr langsam



Code:
ATTFilter
# AdwCleaner v6.041 - Bericht erstellt am 02/01/2017 um 14:15:23
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2017-01-02.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Andreas Klocke - NOTEBOOK
# Gestartet von : C:\Users\Andreas Klocke\Desktop\AdwCleaner_6.041.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

[-] Dienst gelöscht: iFunSoftUpdaterSvc


***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Andreas Klocke\AppData\Roaming\iFunSoft
[-] Ordner gelöscht: C:\ProgramData\iFunSoft
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\iFunSoft
[-] Ordner gelöscht: C:\Program Files (x86)\iFunSoft


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel gelöscht: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Softonic
[-] Schlüssel gelöscht: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2413 Bytes] - [02/01/2017 14:15:23]
C:\AdwCleaner\AdwCleaner[S0].txt - [2522 Bytes] - [22/12/2016 12:31:56]
C:\AdwCleaner\AdwCleaner[S1].txt - [2593 Bytes] - [02/01/2017 14:14:31]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2632 Bytes] ##########
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 02.01.2017
Suchlaufzeit: 14:26
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.01.02.01
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Andreas Klocke

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 312238
Abgelaufene Zeit: 23 Min., 7 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Professional x64 
Ran by Andreas Klocke (Administrator) on 02.01.2017 at 14:55:27,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 169 

Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{081E90E0-8B72-4072-B789-D0B273781C3B} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{099C8E3E-78F2-4991-A51B-0EEE97A06440} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{1FB946BC-CFC7-45CD-9A2B-108357641CE4} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{3E019208-E0B9-49D2-8BC2-801188BC801C} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{5CECDC93-BEB0-4F42-AEFB-6018C5181615} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{65ED1A5F-2A9D-4958-8173-2CC46BCEE6AE} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{71F25EBD-33E7-4949-9AFB-63CCC8E068D4} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{7EB2A96B-A2AF-490C-AD1E-592FFA12AFC6} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{7FEA9EFF-035A-4933-BD02-97F140D6E846} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{82AFD3E7-2E72-4125-870B-B66E270EEA9A} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{A3A0B245-03BE-48B3-AB16-7AA3F8F64634} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{B212C1B4-F743-4863-8457-81F84A330BCE} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{B6EABEE7-BE2D-46D3-B936-0E6ECB10FFB0} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{BEBC6EF2-B51B-4661-90A3-5C493F7BDAC7} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{C5DE7826-6C3C-4A5B-A3BC-B0655D8DC081} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{D0990F18-8DBD-420C-89DE-A0B033CD1FD9} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{DCB50D68-25F9-41D0-B8CF-EFFC7428ABFA} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{E1B745D2-22B0-4BE4-AB02-B56A20B1DA59} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{EEBD6548-F259-49BA-9A47-5785E8CD50F9} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\{F20797A2-1428-445A-9BF6-30804C86BFC8} (Empty Folder)
Successfully deleted: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\extensions\iobitascsurfingprotection@iobit.com (Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\user.js (File) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01H85D4I (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1J9H7QN2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SACQSCT (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\24TR1D6R (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2LQGZYV4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2QD4RB2J (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\33Z7EWPH (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46O4FOPF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4G2IMV18 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4SQHMJI8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\58S3S021 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\659MGZEU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\741124TW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7V01LNI2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82NSYQCM (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\88TE84CS (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8U4126M9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9YUUCAMJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQQ2KIJ6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AZ7BQI4W (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C8O4165Z (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CQ7NQ6M9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTG6XPBD (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CW5V43H3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D5555O51 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DX10QB98 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E6M147FK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EA9LRESM (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDWC0RA5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXJL7UV1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FJMVZ176 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FT9AJU37 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GPZL0QA3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GY0ONRJ1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H0OVYLDF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1A86E9M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IENL2VRN (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IP39OFUB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J6C1Z03G (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J6DATPDF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JSVI81Q9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZRFLV2I (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K4HF0ZFK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLIYB2E0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LVYXG91N (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M04WZZ6G (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MC3JCKAJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MM4E2HRP (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N3O9M2RB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N7YZ0HBL (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OK1L20HX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OKKSJCJ0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OZJHU0U2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PCJQ3JJY (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PFB32TZV (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQQ894OA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q6OCLDVX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2IZHD4S (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RB9IKX8Q (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RQXSZA38 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S9RX1LUR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U0G7O790 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XMC991SX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y093AE6G (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y3C10UIF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YS9O0POX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YWL8CJIG (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZDZO97TG (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01H85D4I (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1J9H7QN2 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SACQSCT (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\24TR1D6R (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2LQGZYV4 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2QD4RB2J (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\33Z7EWPH (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46O4FOPF (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4G2IMV18 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4SQHMJI8 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\58S3S021 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\659MGZEU (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\741124TW (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7V01LNI2 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\82NSYQCM (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\88TE84CS (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8U4126M9 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9YUUCAMJ (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQQ2KIJ6 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AZ7BQI4W (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C8O4165Z (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CQ7NQ6M9 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTG6XPBD (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CW5V43H3 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D5555O51 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DX10QB98 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E6M147FK (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EA9LRESM (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDWC0RA5 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXJL7UV1 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FJMVZ176 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FT9AJU37 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GPZL0QA3 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GY0ONRJ1 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H0OVYLDF (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1A86E9M (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IENL2VRN (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IP39OFUB (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J6C1Z03G (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J6DATPDF (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JSVI81Q9 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZRFLV2I (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K4HF0ZFK (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLIYB2E0 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LVYXG91N (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M04WZZ6G (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MC3JCKAJ (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MM4E2HRP (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N3O9M2RB (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N7YZ0HBL (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OK1L20HX (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OKKSJCJ0 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OZJHU0U2 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PCJQ3JJY (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PFB32TZV (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PQQ894OA (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q6OCLDVX (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2IZHD4S (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RB9IKX8Q (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RQXSZA38 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S9RX1LUR (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U0G7O790 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XMC991SX (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y093AE6G (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y3C10UIF (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YS9O0POX (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YWL8CJIG (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZDZO97TG (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\SysWOW64\REN9137.tmp (File) 

Deleted the following from C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\prefs.js
user_pref(extensions.iobitascsurfingprotection@iobit.com.install-event-fired, true);
user_pref(extensions.xpiState, {\app-profile\:{\iobitascsurfingprotection@iobit.com\:{\d\:\C:\\\\Users\\\\Andreas Klocke\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\



Registry: 2 

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.01.2017 at 14:58:03,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
durchgeführt von Andreas Klocke (Administrator) auf NOTEBOOK (02-01-2017 15:02:30)
Gestartet von C:\Users\Andreas Klocke\Desktop
Geladene Profile: Andreas Klocke &  (Verfügbare Profile: Andreas Klocke)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Ericsson AB) C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] ()
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12277248 2011-05-09] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [IFXSPMGT] => c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1125728 2011-01-20] (Infineon Technologies AG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [318520 2011-05-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [76344 2011-08-10] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DsMgr] => C:\Program Files (x86)\Hewlett-Packard\HP GPS and Location\dsMgr.exe [93240 2011-04-20] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP: C:\Windows\SysWOW64\DeviceNP.dll [2011-02-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\MountPoints2: {0d7abbcf-99c1-11e0-9ecc-806e6f6e6963} - G:\bin\shelexec.exe index.html
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0d7abbcf-99c1-11e0-9ecc-806e6f6e6963} - G:\bin\shelexec.exe index.html
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.67.1
Tcpip\..\Interfaces\{89B4A81F-D2DC-4F62-AC14-4F20103515A1}: [DhcpNameServer] 192.168.67.1
Tcpip\..\Interfaces\{E2E22EAE-77F5-4A60-87D5-5ED74C889313}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {EA2D295C-3996-4512-AD4C-53DC4BE9B96D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {EA2D295C-3996-4512-AD4C-53DC4BE9B96D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-22] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-22] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-05-09] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-22] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-22] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Andreas Klocke\AppData\Roaming\Nvu\Profiles\1p5ijy2s.default [2016-12-12]
FF ProfilePath: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default [2017-01-02]
FF Homepage: Mozilla\Firefox\Profiles\16jk24xp.default -> hxxp://www.google.de/
FF SearchPlugin: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\searchplugins\google-images.xml [2014-11-21]
FF SearchPlugin: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\searchplugins\google-maps.xml [2014-11-21]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-08-10] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default [2017-01-02]
CHR Extension: (Google Präsentationen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-13]
CHR Extension: (Google Docs) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-13]
CHR Extension: (Google Drive) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01]
CHR Extension: (YouTube) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-01]
CHR Extension: (Google-Suche) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01]
CHR Extension: (Google Tabellen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-13]
CHR Extension: (Google Docs Offline) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (HP Network Check Launcher) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2016-12-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [485712 2011-05-19] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company)
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320512 2011-05-09] (Hewlett-Packard) [Datei ist nicht signiert]
S3 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [317496 2011-05-13] (Hewlett-Packard Company)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1125728 2011-01-20] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [980320 2011-01-20] (Infineon Technologies AG)
S3 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [Datei ist nicht signiert]
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [203104 2011-01-20] (Infineon Technologies AG)
S3 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2014-10-29] (IDT, Inc.) [Datei ist nicht signiert]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246376 2016-06-23] (Synaptics Incorporated)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [4819968 2011-06-18] (Broadcom Corporation) [Datei ist nicht signiert]
R2 WMCoreService; C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [586280 2011-03-03] (Ericsson AB)
S2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 ASPI; C:\windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [Datei ist nicht signiert]
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [148032 2016-12-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-12] (Avira Operations GmbH & Co. KG)
S3 Btcsrusb; C:\windows\System32\Drivers\btcusb.sys [42536 2016-06-23] (IVT Corporation.)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
R3 ecnssndis; C:\windows\System32\Drivers\wwuss64.sys [26664 2014-10-29] (Ericsson AB)
R3 ecnssndisfltr; C:\windows\System32\Drivers\wwussf64.sys [29736 2014-10-29] (Ericsson AB)
R3 h36wgps; C:\windows\System32\DRIVERS\h36wgps64.sys [101416 2011-02-28] (Ericsson AB)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-29] (REALiX(tm))
R3 johci; C:\windows\System32\DRIVERS\johci.sys [26208 2014-10-29] (JMicron Technology Corp.)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-11-01] (MCCI Corporation)
R3 Mbm3DevMt; C:\windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-11-01] (MCCI Corporation)
R3 Mbm3mdfl; C:\windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-11-01] (MCCI Corporation)
R3 Mbm3Mdm; C:\windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-11-01] (MCCI Corporation)
R3 MEIx64; C:\windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-10-29] (Intel Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.)
R1 PersonalSecureDrive; C:\windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [2596456 2016-06-23] (Sonix Tech. Co., Ltd.)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
R3 WirelessKeyboardFilter; C:\windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R3 WwanUsbServ; C:\windows\System32\DRIVERS\WwanUsbMp64.sys [279312 2014-10-29] (Ericsson AB)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-02 14:58 - 2017-01-02 14:58 - 00028270 _____ C:\Users\Andreas Klocke\Desktop\JRT.txt
2017-01-02 14:55 - 2017-01-02 14:55 - 01663040 _____ (Malwarebytes) C:\Users\Andreas Klocke\Desktop\JRT.exe
2017-01-02 14:51 - 2017-01-02 14:51 - 00001207 _____ C:\Users\Andreas Klocke\Desktop\mbam.txt
2017-01-02 10:38 - 2017-01-02 10:38 - 00000000 ____D C:\Users\Andreas Klocke\Downloads\FRST-OlderVersion
2016-12-23 11:00 - 2016-12-23 11:00 - 00048077 _____ C:\Users\Andreas Klocke\.recently-used.xbel
2016-12-22 13:50 - 2016-12-22 13:51 - 00001211 _____ C:\Users\Andreas Klocke\Desktop\mbamlog.txt
2016-12-22 12:35 - 2017-01-02 14:23 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-22 12:34 - 2016-12-22 12:34 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-12-22 12:34 - 2016-12-22 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-12-22 12:34 - 2016-12-22 12:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-22 12:34 - 2016-12-22 12:34 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-12-22 12:34 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-12-22 12:34 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-12-22 12:34 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-12-22 12:30 - 2017-01-02 14:15 - 00000000 ____D C:\AdwCleaner
2016-12-22 12:30 - 2016-12-22 12:31 - 22851472 _____ (Malwarebytes ) C:\Users\Andreas Klocke\Desktop\mbam-setup-2.2.1.1043.exe
2016-12-22 12:29 - 2016-12-22 12:29 - 03977168 _____ C:\Users\Andreas Klocke\Desktop\AdwCleaner_6.041.exe
2016-12-22 11:58 - 2016-12-22 12:43 - 00464724 _____ C:\TDSSKiller.3.1.0.12_22.12.2016_11.58.11_log.txt
2016-12-22 11:57 - 2016-12-22 11:57 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Andreas Klocke\Desktop\tdsskiller.exe
2016-12-22 11:50 - 2017-01-02 10:46 - 00039817 _____ C:\Users\Andreas Klocke\Desktop\Addition.txt
2016-12-22 11:48 - 2017-01-02 15:02 - 00026223 _____ C:\Users\Andreas Klocke\Desktop\FRST.txt
2016-12-22 11:47 - 2017-01-02 15:02 - 00000000 ____D C:\FRST
2016-12-22 11:47 - 2017-01-02 10:38 - 02418176 _____ (Farbar) C:\Users\Andreas Klocke\Desktop\FRST64.exe
2016-12-22 11:44 - 2016-12-22 11:42 - 00110144 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-64.dll
2016-12-22 11:26 - 2017-01-02 14:17 - 00000504 _____ C:\windows\setupact.log
2016-12-22 11:26 - 2017-01-02 14:16 - 00002234 _____ C:\windows\PFRO.log
2016-12-22 11:26 - 2016-12-22 11:26 - 00000000 _____ C:\windows\setuperr.log
2016-12-22 10:37 - 2016-12-22 10:38 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-22 10:37 - 2016-12-22 10:37 - 00002808 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2016-12-22 10:37 - 2016-12-22 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-22 10:37 - 2016-12-22 10:37 - 00000000 ____D C:\Program Files\CCleaner
2016-12-22 10:36 - 2016-12-22 10:37 - 08803648 _____ (Piriform Ltd) C:\Users\Andreas Klocke\Documents\ccsetup525.exe
2016-12-22 10:25 - 2016-12-30 14:05 - 00003240 _____ C:\windows\System32\Tasks\HPCeeScheduleForAndreas Klocke
2016-12-22 10:11 - 2017-01-02 14:40 - 00524288 ___SH C:\windows\system32\config\components{c805c034-c825-11e6-9b35-028037ec0200}.TMContainer00000000000000000001.regtrans-ms
2016-12-22 10:11 - 2017-01-02 14:40 - 00065536 ___SH C:\windows\system32\config\components{c805c034-c825-11e6-9b35-028037ec0200}.TM.blf
2016-12-22 10:11 - 2016-12-22 11:25 - 00524288 ___SH C:\windows\system32\config\components{c805c034-c825-11e6-9b35-028037ec0200}.TMContainer00000000000000000002.regtrans-ms
2016-12-22 10:03 - 2017-01-02 10:21 - 00000368 _____ C:\windows\Tasks\HPCeeScheduleForAndreas Klocke.job
2016-12-22 10:03 - 2016-12-22 10:03 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\HP_Development_Company,_L
2016-12-22 10:01 - 2016-12-22 10:01 - 00000000 ____D C:\ProgramData\McAfee
2016-12-22 09:59 - 2016-12-22 09:59 - 00000248 _____ C:\windows\hbcikrnl.ini
2016-12-22 09:59 - 2016-12-22 09:59 - 00000000 ____D C:\Users\Default\AppData\Roaming\hpqLog
2016-12-22 09:59 - 2016-12-22 09:59 - 00000000 ____D C:\Users\Default User\AppData\Roaming\hpqLog
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\ProgramData\SZCCID
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\Program Files (x86)\AlcorMicroData
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\Program Files (x86)\AlcorMicro
2016-12-22 09:49 - 2016-12-22 09:49 - 00002231 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2016-12-22 09:49 - 2016-12-22 09:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-12-22 09:41 - 2016-12-22 09:41 - 00000000 ____D C:\ProgramData\HP Inc
2016-12-22 09:35 - 2016-12-22 09:35 - 04057776 _____ (Oleg N. Scherbakov) C:\Users\Andreas Klocke\Documents\HPSupportSolutionsFramework-12.5.32.203.exe
2016-12-16 15:59 - 2016-12-16 15:59 - 00000000 ____H C:\asc_rdflag
2016-12-16 15:58 - 2017-01-02 14:16 - 05871433 ____H C:\Users\Andreas Klocke\AppData\Local\IconCache.db
2016-12-15 09:41 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-12-15 09:41 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-12-15 09:41 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-12-15 09:41 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-12-15 09:41 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-12-15 09:41 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-12-15 09:41 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-12-15 09:41 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-12-15 09:41 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2016-12-15 09:41 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-12-15 09:41 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-12-15 09:41 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-12-15 09:41 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-12-15 09:41 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-12-15 09:41 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-12-15 09:41 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-12-15 09:41 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-12-15 09:41 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-12-15 09:41 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-12-15 09:41 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-12-15 09:41 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-12-15 09:41 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-12-15 09:41 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-12-15 09:41 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-12-15 09:41 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-12-15 09:41 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-12-15 09:41 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-12-15 09:41 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-12-15 09:41 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-12-15 09:41 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-12-15 09:41 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-12-15 09:41 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-12-15 09:41 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-12-15 09:41 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-12-15 09:41 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-12-15 09:41 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-12-15 09:41 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-12-15 09:41 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-12-15 09:41 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-12-15 09:41 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-12-15 09:41 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-12-15 09:41 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-12-15 09:41 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-12-15 09:41 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-12-15 09:41 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-12-15 09:41 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-12-15 09:41 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-12-15 09:41 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-12-15 09:41 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-12-15 09:41 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-12-15 09:41 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-12-15 09:41 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-12-15 09:41 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-15 09:41 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-12-15 09:41 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-12-15 09:41 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-12-15 09:41 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-12-15 09:41 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-12-15 09:41 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-12-15 09:41 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-12-15 09:41 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-12-15 09:41 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-12-15 09:41 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-12-15 09:41 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-12-15 09:41 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-12-15 09:41 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-12-15 09:41 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-12-15 09:41 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-12-15 09:41 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-12-15 09:41 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-12-15 09:41 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-12-15 09:41 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-12-15 09:41 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-12-15 09:41 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-12-15 09:41 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-12-15 09:41 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-12-15 09:41 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-12-15 09:41 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-12-15 09:41 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-12-15 09:41 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-12-15 09:41 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2016-12-15 09:41 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2016-12-12 14:57 - 2016-12-12 14:57 - 00773579 _____ C:\Users\Andreas Klocke\Desktop\kps Solingen.pdf
2016-12-12 14:15 - 2016-12-12 14:15 - 06880664 _____ (Tim Kosse) C:\Users\Andreas Klocke\Downloads\FileZilla_3.23.0.2_win64-setup.exe
2016-12-12 12:28 - 2015-12-22 17:47 - 00099052 _____ C:\Users\Andreas Klocke\Desktop\Textbausteine Mietwertgutachten Stand 20140117.xlsx
2016-12-09 09:39 - 2016-12-09 09:39 - 04619752 _____ (Piriform Ltd) C:\Users\Andreas Klocke\Downloads\dfsetup221.exe
2016-12-08 13:44 - 2016-12-08 13:44 - 00001136 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-12-08 09:48 - 2016-12-08 09:48 - 00000334 _____ C:\windows\Backup.ini
2016-12-08 09:41 - 2016-12-08 09:41 - 17150504 _____ (IObit ) C:\Users\Andreas Klocke\Downloads\driver_booster_setup(4.1.0.389).exe
2016-12-07 16:04 - 2016-12-22 11:46 - 00000000 ____D C:\Users\Andreas Klocke\AppData\LocalLow\Mozilla
2016-12-07 15:36 - 2016-12-08 09:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-05 09:51 - 2016-12-22 10:04 - 00524288 ___SH C:\windows\system32\config\components{9821f7e4-bac7-11e6-8424-028037ec0200}.TMContainer00000000000000000001.regtrans-ms
2016-12-05 09:51 - 2016-12-22 10:04 - 00065536 ___SH C:\windows\system32\config\components{9821f7e4-bac7-11e6-8424-028037ec0200}.TM.blf
2016-12-05 09:51 - 2016-12-05 10:10 - 00524288 ___SH C:\windows\system32\config\components{9821f7e4-bac7-11e6-8424-028037ec0200}.TMContainer00000000000000000002.regtrans-ms
2016-12-05 09:38 - 2016-12-05 09:38 - 01199136 _____ C:\windows\system32\oem137.inf
2016-12-05 09:37 - 2016-12-05 09:37 - 07884536 _____ (Broadcom Corporation) C:\windows\system32\Drivers\BCMWL664.SYS
2016-12-05 09:37 - 2016-12-05 09:37 - 04401152 _____ (Broadcom Corporation) C:\windows\system32\bcmihvsrv64.dll
2016-12-05 09:37 - 2016-12-05 09:37 - 03667968 _____ (Broadcom Corporation) C:\windows\system32\bcmihvui64.dll
2016-12-05 09:37 - 2016-12-05 09:37 - 00096600 _____ (Broadcom Corporation) C:\windows\system32\bcmwlcoi.dll
2016-12-05 09:31 - 2016-12-05 09:31 - 00000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-02 14:57 - 2015-09-10 17:31 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2017-01-02 14:30 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-02 14:30 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-02 14:17 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-12-30 14:05 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Tasks
2016-12-30 14:05 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\Tasks
2016-12-23 17:43 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2016-12-23 17:03 - 2011-07-28 09:48 - 00003218 _____ C:\windows\System32\Tasks\HPCeeScheduleForNOTEBOOK$
2016-12-23 17:03 - 2011-07-28 09:48 - 00000342 _____ C:\windows\Tasks\HPCeeScheduleForNOTEBOOK$.job
2016-12-23 13:29 - 2011-08-01 10:19 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2016-12-23 11:00 - 2011-07-28 13:35 - 00000000 ____D C:\Users\Andreas Klocke\.gimp-2.6
2016-12-23 11:00 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke
2016-12-23 10:34 - 2011-03-04 13:01 - 00705108 _____ C:\windows\system32\perfh007.dat
2016-12-23 10:34 - 2011-03-04 13:01 - 00151476 _____ C:\windows\system32\perfc007.dat
2016-12-23 10:34 - 2009-07-14 06:13 - 01629436 _____ C:\windows\system32\PerfStringBackup.INI
2016-12-23 10:34 - 2009-07-14 03:36 - 00657964 _____ C:\windows\system32\perfh009.dat
2016-12-23 10:34 - 2009-07-14 03:36 - 00123776 _____ C:\windows\system32\perfc009.dat
2016-12-22 12:35 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\drivers
2016-12-22 12:34 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Desktop
2016-12-22 12:34 - 2009-07-14 04:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
2016-12-22 11:46 - 2013-09-26 11:25 - 00000000 ____D C:\ProgramData\Oracle
2016-12-22 11:45 - 2011-03-04 12:46 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2016-12-22 11:45 - 2011-03-04 12:20 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-12-22 11:44 - 2016-11-25 09:51 - 00000000 __SHD C:\Config.Msi
2016-12-22 11:44 - 2015-10-09 07:50 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-22 11:44 - 2015-07-10 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-22 11:44 - 2013-05-17 08:46 - 00000000 ____D C:\Program Files\Java
2016-12-22 11:44 - 2011-03-04 12:21 - 00000000 __SHD C:\windows\Installer
2016-12-22 11:43 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-22 11:42 - 2015-07-31 09:45 - 00110144 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2016-12-22 11:40 - 2016-01-22 09:22 - 00097856 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2016-12-22 10:51 - 2015-07-14 13:37 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\CrashDumps
2016-12-22 10:51 - 2011-10-12 13:53 - 00000000 ____D C:\windows\Minidump
2016-12-22 10:47 - 2015-07-31 09:01 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-22 10:47 - 2011-06-18 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Energy Star
2016-12-22 10:37 - 2011-07-28 09:49 - 00000000 ___RD C:\Users\Andreas Klocke\Documents
2016-12-22 10:37 - 2009-07-14 04:20 - 00000000 ___RD C:\Program Files
2016-12-22 10:35 - 2015-02-25 17:15 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\ElevatedDiagnostics
2016-12-22 10:34 - 2011-08-14 13:02 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\Diagnostics
2016-12-22 10:06 - 2009-07-14 05:45 - 00471400 _____ C:\windows\system32\FNTCACHE.DAT
2016-12-22 10:05 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\catroot
2016-12-22 10:02 - 2011-03-04 12:20 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-12-22 10:02 - 2011-02-02 21:42 - 00000000 ____D C:\swsetup
2016-12-22 10:02 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\DriverStore
2016-12-22 10:01 - 2011-03-04 12:27 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\windows\SysWOW64\CSVer.dll
2016-12-22 10:01 - 2009-07-14 04:20 - 00000000 __RSD C:\windows\assembly
2016-12-22 10:00 - 2011-03-04 12:26 - 00000000 ____D C:\Program Files\Hewlett-Packard
2016-12-22 09:59 - 2011-03-04 12:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-22 09:59 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\catroot2
2016-12-22 09:59 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default\AppData\Roaming
2016-12-22 09:59 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming
2016-12-22 09:48 - 2009-07-14 04:20 - 00000000 ____D C:\windows\winsxs
2016-12-22 09:48 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Help
2016-12-22 09:40 - 2014-06-01 15:16 - 00000000 ____D C:\Program Files (x86)\HP
2016-12-22 09:40 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\hpqLog
2016-12-22 09:38 - 2011-07-28 09:53 - 00130248 _____ C:\Users\Andreas Klocke\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-22 09:37 - 2009-07-14 04:20 - 00000000 __RSD C:\windows\Fonts
2016-12-17 14:56 - 2011-08-01 11:36 - 00003542 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 14:56 - 2011-08-01 11:36 - 00003414 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 15:59 - 2016-10-04 08:02 - 120553472 _____ C:\windows\system32\config\SOFTWARE.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 120553472 _____ C:\windows\system32\config\SOFTWARE.iodefrag
2016-12-16 15:59 - 2016-10-04 08:02 - 00622592 _____ C:\windows\system32\config\DEFAULT.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 00069632 _____ C:\windows\system32\config\SAM.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 00028672 _____ C:\windows\system32\config\SECURITY.iodefrag.bak
2016-12-16 15:59 - 2009-07-27 16:04 - 00000000 __SHD C:\boot
2016-12-16 15:58 - 2009-07-14 05:45 - 00000000 ____D C:\windows\debug
2016-12-15 18:25 - 2011-08-05 11:54 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\gtk-2.0
2016-12-15 12:57 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Microsoft.NET
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\SysWOW64\en-US
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\SysWOW64\de-DE
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\en-US
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\Drivers\UMDF
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\de-DE
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-15 10:01 - 2011-07-28 10:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-15 09:59 - 2013-08-12 09:56 - 00000000 ____D C:\windows\system32\MRT
2016-12-15 09:54 - 2011-07-28 10:37 - 135632432 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-12-15 09:51 - 2011-03-04 12:25 - 01607460 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-12-14 13:23 - 2016-07-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-14 13:21 - 2016-10-11 11:01 - 00035864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avusbflt.sys
2016-12-14 13:21 - 2013-03-28 08:21 - 00176464 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2016-12-14 13:21 - 2013-03-28 08:21 - 00148032 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-12-14 12:27 - 2016-11-23 15:11 - 00013971 _____ C:\Users\Andreas Klocke\Desktop\Fahrten.xlsx
2016-12-14 09:51 - 2015-03-13 10:41 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-13 13:57 - 2015-09-10 17:31 - 00802904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-12-13 13:57 - 2015-09-10 17:31 - 00144472 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-13 13:57 - 2015-09-10 17:31 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-12-13 13:57 - 2011-11-15 09:43 - 00000000 ____D C:\windows\system32\Macromed
2016-12-13 13:57 - 2011-03-04 12:58 - 00000000 ____D C:\windows\SysWOW64\Macromed
2016-12-13 09:15 - 2011-06-18 16:26 - 00000000 ____D C:\windows\SoftwareDistribution
2016-12-12 14:16 - 2014-03-31 10:06 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\FileZilla
2016-12-12 12:32 - 2011-07-28 09:49 - 00000000 ___RD C:\Users\Andreas Klocke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-09 09:42 - 2013-05-12 19:19 - 00001724 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-12-09 09:42 - 2013-05-12 19:19 - 00000000 ____D C:\Program Files\Defraggler
2016-12-08 13:44 - 2016-07-26 14:25 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-08 09:30 - 2015-07-31 10:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-07 16:04 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke\AppData\LocalLow
2016-12-05 09:57 - 2015-07-31 09:01 - 00000000 ____D C:\ProgramData\IObit
2016-12-05 09:52 - 2011-08-01 13:50 - 00000302 _____ C:\windows\system32\ricdb.ini
2016-12-05 09:47 - 2016-10-14 11:19 - 00524288 ___SH C:\windows\system32\config\components{52e3f6e1-91f7-11e6-866e-028037ec0200}.TMContainer00000000000000000001.regtrans-ms
2016-12-05 09:47 - 2016-10-14 11:19 - 00065536 ___SH C:\windows\system32\config\components{52e3f6e1-91f7-11e6-866e-028037ec0200}.TM.blf
2016-12-05 09:28 - 2014-03-31 10:20 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\Nvu

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-08-10 08:31 - 2011-08-10 08:35 - 0053342 _____ () C:\Users\Andreas Klocke\AppData\Roaming\QWInstall.log
2014-06-01 15:31 - 2014-06-01 15:32 - 0000347 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\Andreas Klocke\AppData\Local\Temp\jre-8u111-windows-au.exe
C:\Users\Andreas Klocke\AppData\Local\Temp\libeay32.dll
C:\Users\Andreas Klocke\AppData\Local\Temp\msvcr120.dll
C:\Users\Andreas Klocke\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-11-25 10:39

==================== Ende von FRST.txt ============================
         

Alt 02.01.2017, 15:05   #9
foreveryoung
 
Windows 7 Pro 64Bit sehr langsam - Standard

Windows 7 Pro 64Bit sehr langsam



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-01-2017
durchgeführt von Andreas Klocke (02-01-2017 15:03:21)
Gestartet von C:\Users\Andreas Klocke\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-07-28 08:49:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2611109511-3762378734-2693064966-500 - Administrator - Disabled)
Andreas Klocke (S-1-5-21-2611109511-3762378734-2693064966-1001 - Administrator - Enabled) => C:\Users\Andreas Klocke
Gast (S-1-5-21-2611109511-3762378734-2693064966-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2611109511-3762378734-2693064966-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.38.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.38.0 - Alcor Micro Corp.) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG) Hidden
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.48.61 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.60.48.61 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Capture (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang DE (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - PP (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version:  - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32 Version: 1.1 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version:  - Corel Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 6.0.0.9 - Hewlett-Packard Company)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}) (Version: 6.0.100.35469 - Hewlett-Packard Company)
Embedded Security for HP ProtectTools (HKLM\...\{87821717-5688-4AE6-887A-6B11571D0CD7}) (Version: 6.0.100.2572 - Hewlett-Packard Company)
Face Recognition for HP ProtectTools (HKLM\...\{D3A775F2-2674-4452-8D80-1FC1446052EE}) (Version: 6.00.4303 - Hewlett-Packard Company)
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 6.0.0.13 - Hewlett-Packard Company)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Fotosizer 1.32 (HKLM-x32\...\Fotosizer) (Version: 1.32 - Fotosizer.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{7B4DEBE1-E3E3-45BD-88E6-6C3CA9EEED36}) (Version: 4.1.16.1 - Hewlett-Packard Company)
HP Client Automation Agent Preload  (HKLM-x32\...\{52B18ABC-AD5F-4C3C-B391-04F57B380449}) (Version: 7.5 - Hewlett-Packard)
HP Connection Manager (HKLM-x32\...\{7A6B4340-7090-418F-8976-EE9650B35550}) (Version: 4.1.22.1 - Hewlett-Packard Company)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{62272D4E-78E9-4BAD-B7AA-63072D06AAA9}) (Version: 1.1.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{5B059455-4572-4F70-8D91-2097B07215E5}) (Version: 1.1.13.2 - Hewlett-Packard Company)
HP GPS and Location (HKLM-x32\...\{A6B2155C-176A-4F1C-88C0-F5C987322EEB}) (Version: 1.0.27.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{E0824C9B-F196-4667-8CE8-3A0B685B0820}) (Version: 4.0.18.1 - Hewlett-Packard Company)
HP Mobile Broadband Drivers (HKLM-x32\...\{646E8C34-C88B-42F9-9F41-985A801219E1}) (Version: 6.3.5.3 - Ericsson AB)
HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 6.03.959 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{72CD20B8-55F3-4B4F-A44F-E381232E84ED}) (Version: 3.0.1.9258 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}) (Version: 3.2.0.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.5.32.203 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.21.00 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.57.2 - JMicron Technology Corp.)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Privacy Manager for HP ProtectTools (HKLM\...\{5476AB75-E584-4497-80AF-7F205D8F6F54}) (Version: 6.01.842 - Hewlett-Packard Company)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Roxio MyDVD Business 2010 (HKLM-x32\...\{9CB4FBA9-45C0-41AA-97CC-283B42E1A21E}) (Version: 12.1.74.13 - Roxio)
Roxio Secure Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.8.73.2 - Roxio)
SDK (x32 Version: 2.24.025 - Portrait Displays, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.48 - Synaptics Incorporated)
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.33 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 6.0.0.33 - Hewlett-Packard Company) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{61D3AB5C-02B5-47FC-906A-C49A0954C7C6}) (Version: 4.3.126.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0503311F-8A93-440C-98CC-F5B4C9244C58} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\windows\system32\GWX\GWXUXWorker.exe
Task: {053987B9-3528-4CB6-AB0C-D12CA94CE81B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {10861006-35C2-448E-B494-1D73D9BA27B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.)
Task: {1BAC6A70-B6A8-4881-B094-0DD97CFB43A4} - System32\Tasks\HPCeeScheduleForNOTEBOOK$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {272B286C-38E4-41BC-8E9A-6D585824A19D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {4702C01B-5554-4D86-AE48-7105CB197236} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {494E193A-D252-482D-871B-AD16C1A06F52} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2016-12-07] (HP Inc.)
Task: {5551B4E6-8D44-4010-B945-EA88BF040D55} - System32\Tasks\HPCeeScheduleForAndreas Klocke => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {6EE044D3-4411-4C8E-B684-2D5C2A14C1FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {7068AC73-D794-429E-BB4E-D8ADAEA305EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)
Task: {74B2BA24-EF27-45CE-8952-A87B7884D356} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {7D5290F2-01EB-4158-BC37-D033A712ED12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)
Task: {9E0D2230-A53B-4D95-AF06-DF44327F2131} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => C:\windows\system32\GWX\GWXConfigManager.exe
Task: {B1F5954E-4058-4BE7-8627-51058F8C6EC3} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {BC46D6E8-57D0-46A1-B659-69E9008ED3BD} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {C0883B86-715B-412C-BE72-BADB20FBF5D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {D28589C8-A04C-48CF-9A8D-B0917BD51D66} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\windows\system32\GWX\GWXUXWorker.exe
Task: {EFC5DCD2-D500-4312-A563-D2EB3EA7DFB4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\HPCeeScheduleForAndreas Klocke.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForNOTEBOOK$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-04-01 17:42 - 2011-04-01 17:42 - 00156216 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2013-02-01 10:39 - 2013-02-01 10:39 - 03401216 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2010-09-06 21:18 - 2010-09-06 21:18 - 01412608 _____ () C:\windows\system32\LIBEAY32.dll
2013-02-01 09:38 - 2013-02-01 09:38 - 00141824 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2013-02-01 10:26 - 2013-02-01 10:26 - 01956864 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcNp64.DLL
2013-02-01 09:39 - 2013-02-01 09:39 - 01323008 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-12-06 15:09 - 2016-12-06 15:09 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2011-01-27 03:14 - 2011-01-27 03:14 - 00036408 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Remote.dll
2011-03-04 12:58 - 2011-01-27 02:34 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2013-02-01 10:14 - 2013-02-01 10:14 - 02830336 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2013-02-01 09:38 - 2013-02-01 09:38 - 00126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2013-02-01 10:17 - 2013-02-01 10:17 - 02863104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2013-02-01 10:15 - 2013-02-01 10:15 - 00053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2013-02-01 09:42 - 2013-02-01 09:42 - 02035712 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2013-02-01 09:43 - 2013-02-01 09:43 - 01945600 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2013-02-01 10:12 - 2013-02-01 10:12 - 03092480 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2011-06-18 16:35 - 2010-02-17 19:20 - 00065576 ____R () C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\MBMDebug.dll
2016-12-14 09:51 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 09:51 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:9FF7C773 [138]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4789 mehr Seiten.

IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4789 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas Klocke\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas Klocke\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.67.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [VirtualPC-In-UDP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [{BF5366CA-0ED1-491C-AA39-264717C602C0}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3C4E3B9A-525B-4953-BD1F-74BC27003BD4}] => LPort=2869
FirewallRules: [{FC16BA93-364F-4E09-A41E-CDC86A2BE0CB}] => LPort=1900
FirewallRules: [{0B2963DA-9B7E-459C-8530-E0A87ECB9601}] => LPort=2799
FirewallRules: [{4FFF0DD1-792E-4C01-8FB0-E8BC648CC5D3}] => LPort=2799
FirewallRules: [{AF549EE5-55AC-4780-BC54-FA6A519367B7}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{88440814-9C50-4B3A-AA93-A1D08AD03245}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A54A37F3-104B-4EC4-9FC2-6AC467C60282}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68FD1D23-05DC-4795-8CB3-F8504EAE7FD7}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BFD9CC55-6048-4940-8C0F-D760045AC31D}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

15-12-2016 09:42:40 Windows Update
22-12-2016 09:36:43 Installed HP Support Solutions Framework
22-12-2016 09:39:53 Installed HP Support Assistant
22-12-2016 09:44:08 Windows Modules Installer
22-12-2016 09:47:59 Windows Modules Installer
22-12-2016 09:57:25 HPSF Applying updates
22-12-2016 09:57:54 Installiert Alcor Micro Smart Card Reader Driver
02-01-2017 14:55:30 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: BlueSoleil Generic Bluetooth Driver
Description: BlueSoleil Generic Bluetooth Driver
Class Guid: {9b21fd3a-b1ab-4eb9-956f-e56acfe78bce}
Manufacturer: IVT Corporation
Service: Btcsrusb
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/29/2016 06:33:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm pdf24-Creator.exe, Version 7.8.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1974

Startzeit: 01d261f8be2ede8e

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\PDF24\pdf24-Creator.exe

Berichts-ID: efde22aa-cdec-11e6-9fb6-028037ec0200

Error: (12/20/2016 01:48:32 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: PowerEvent wurde nicht verarbeitet. Aufgetretener Fehler: System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei Avira.OE.ServiceHost.ServiceHost.OnPowerEvent(Object sender, PowerBroadcastStatusEventArgs e)
   bei Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke[T](EventHandler`1 eventHandler, Object sender, T eventArgs)
   bei Avira.OE.ServiceHost.WindowsService.OnPowerEvent(PowerBroadcastStatus powerStatus)
   bei System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData)

Error: (12/16/2016 03:16:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxsrvc.exe, Version: 8.15.10.2963, Zeitstempel: 0x50f70dc5
Name des fehlerhaften Moduls: igfxsrvc.exe, Version: 8.15.10.2963, Zeitstempel: 0x50f70dc5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000347d
ID des fehlerhaften Prozesses: 0x1aa4
Startzeit der fehlerhaften Anwendung: 0x01d2579e774d6d6e
Pfad der fehlerhaften Anwendung: C:\windows\system32\igfxsrvc.exe
Pfad des fehlerhaften Moduls: C:\windows\system32\igfxsrvc.exe
Berichtskennung: 440c91c5-c39a-11e6-a81f-028037ec0200

Error: (12/15/2016 12:51:46 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020

Error: (12/15/2016 12:50:01 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: ehshell, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil . Error code = 0x80070020

Error: (12/15/2016 12:46:13 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.Data.Linq, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil . Error code = 0x80070020

Error: (12/15/2016 12:45:22 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.Management.Automation, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020

Error: (12/15/2016 12:45:12 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: Microsoft.Office.BusinessData, Version=14.0.0.0000000, Culture=neutral, PublicKeyToken=71E9BCE111E9429C . Error code = 0x80070020

Error: (12/13/2016 09:12:24 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (4336) WebCacheLocal: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (12/12/2016 12:20:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm gimp-2.6.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1e20

Startzeit: 01d25469a63a70e8

Endzeit: 0

Anwendungspfad: C:\Program Files\GIMP-2.0\bin\gimp-2.6.exe

Berichts-ID: ece00bb2-c05c-11e6-b99f-028037ec0200


Systemfehler:
=============
Error: (01/02/2017 02:17:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Advanced SystemCare Service 9" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (01/02/2017 02:16:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv64.dll

Error: (01/02/2017 02:16:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv64.dll

Error: (01/02/2017 02:16:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv64.dll

Error: (01/02/2017 02:15:21 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (01/02/2017 02:14:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Office Software Protection Platform" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/02/2017 02:14:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/02/2017 02:14:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Support Solutions Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/02/2017 02:14:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Power Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/02/2017 02:14:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2017-01-02 15:02:27.989
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-02 14:55:21.673
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-02 14:54:59.077
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-02 14:26:21.131
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-02 14:14:42.651
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-02 14:00:05.626
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-02 13:06:38.093
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-02 12:44:31.181
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-02 12:43:39.825
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-02 12:43:38.724
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 4030.36 MB
Verfügbarer physikalischer RAM: 2028.56 MB
Summe virtueller Speicher: 8058.9 MB
Verfügbarer virtueller Speicher: 5498.87 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:445.69 GB) (Free:282.12 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP_RECOVERY) (Fixed) (Total:14.77 GB) (Free:2.2 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.08 GB) FAT32
Drive g: (Hist. Luftbilder) (CDROM) (Total:1.5 GB) (Free:0 GB) CDFS
Drive y: () (Network) (Total:912.45 GB) (Free:838.96 GB) 

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C288F40A)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=445.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
         

Alt 02.01.2017, 17:15   #10
M-K-D-B
/// TB-Ausbilder
 
Windows 7 Pro 64Bit sehr langsam - Standard

Windows 7 Pro 64Bit sehr langsam



Servus,


wir entfernen die letzten Reste und kontrollieren nochmal alles.



Hinweis: Der Suchlauf mit ESET kann länger dauern.



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
S2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]
C:\Program Files (x86)\IObit\Advanced SystemCare
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von HitmanPro,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.
__________________
Gruß
M-K-D-B



Das Trojaner-Board unterstützen

Alt 02.01.2017, 18:08   #11
foreveryoung
 
Windows 7 Pro 64Bit sehr langsam - Standard

Windows 7 Pro 64Bit sehr langsam



Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-01-2017
durchgeführt von Andreas Klocke (02-01-2017 17:55:49) Run:1
Gestartet von C:\Users\Andreas Klocke\Desktop
Geladene Profile: Andreas Klocke (Verfügbare Profile: Andreas Klocke)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
S2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]
C:\Program Files (x86)\IObit\Advanced SystemCare
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\AdvancedSystemCareService9 => Schlüssel erfolgreich entfernt
AdvancedSystemCareService9 => Dienst erfolgreich entfernt
"C:\Program Files (x86)\IObit\Advanced SystemCare" => nicht gefunden.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29965774 B
Java, Flash, Steam htmlcache => 639 B
Windows/system/drivers => 2723690 B
Edge => 0 B
Chrome => 465455771 B
Firefox => 82924114 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83754 B
systemprofile32 => 66088 B
LocalService => 82612 B
NetworkService => 66228 B
Andreas Klocke => 97917594 B

RecycleBin => 118997667 B
EmptyTemp: => 761.4 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 17:56:46 ====
         

Alt 02.01.2017, 20:21   #12
M-K-D-B
/// TB-Ausbilder
 
Windows 7 Pro 64Bit sehr langsam - Standard

Windows 7 Pro 64Bit sehr langsam



Servus,

gut gemacht.

Fehlen noch die anderen Schritte.
__________________
Gruß
M-K-D-B



Das Trojaner-Board unterstützen

Alt 03.01.2017, 12:25   #13
foreveryoung
 
Windows 7 Pro 64Bit sehr langsam - Standard

Windows 7 Pro 64Bit sehr langsam



Moin,
Eset hat noch 3 Bedrohungen gefunden.
C:\backup\Allgemein\Bürotechnik\Software\wz180gev-64.msi Variante von Win32/Systweak.L evtl. unerwünschte Anwendung
C:\Users\Andreas Klocke\AppData\Roaming\Wondershare\MobileGo\TempRoot\TempRoot.zip Mehrere Bedrohungen
C:\Users\Andreas Klocke\Downloads\CHIP Windows 10 Zwangs Update Stopper - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung

Hier die Log
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3e14d518c6f0184c9f2429a4d958d3a9
# end=init
# utc_time=2017-01-02 05:09:58
# local_time=2017-01-02 06:09:58 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 31932
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3e14d518c6f0184c9f2429a4d958d3a9
# end=updated
# utc_time=2017-01-02 05:12:46
# local_time=2017-01-02 06:12:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3e14d518c6f0184c9f2429a4d958d3a9
# engine=31932
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-01-03 09:36:44
# local_time=2017-01-03 10:36:44 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 97 68516 76122570 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 90046442 235066054 0 0
# scanned=282106
# found=3
# cleaned=0
# scan_time=59037
sh=E69BCACB130F2390E51DD5171D7C671DCBC75F59 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\backup\Allgemein\Bürotechnik\Software\wz180gev-64.msi"
sh=6131B1CF07082488B3DC646EC9A97DAEAB93D9C1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Andreas Klocke\AppData\Roaming\Wondershare\MobileGo\TempRoot\TempRoot.zip"
sh=726268016E18B9992CF361C536910414E8A62FB9 ft=1 fh=2c77049b267f9e4a vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas Klocke\Downloads\CHIP Windows 10 Zwangs Update Stopper - CHIP-Installer.exe"
         
Code:
ATTFilter
HitmanPro 3.7.15.281
www.hitmanpro.com

   Computer name . . . . : NOTEBOOK
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : Notebook\Andreas Klocke
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-01-03 11:03:51
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 8m 50s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 1
   Traces  . . . . . . . : 3

   Objects scanned . . . : 2.304.767
   Files scanned . . . . : 24.121
   Remnants scanned  . . : 364.526 files / 1.916.120 keys

Malware _____________________________________________________________________

   C:\Users\Andreas Klocke\Downloads\CHIP Windows 10 Zwangs Update Stopper - CHIP-Installer.exe
      Size . . . . . . . : 1.457.952 bytes
      Age  . . . . . . . : 446.9 days (2015-10-14 12:45:14)
      Entropy  . . . . . : 7.2
      SHA-256  . . . . . : C04E77B7E69C0087FF98446A5467E4A2879A8138C1C018AA8F79ADA0134CD19F
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pi
      Fuzzy  . . . . . . : 103.0


Suspicious files ____________________________________________________________

   C:\Users\Andreas Klocke\Desktop\FRST64.exe
      Size . . . . . . . : 2.418.176 bytes
      Age  . . . . . . . : 12.0 days (2016-12-22 11:47:28)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 7B1EAFF262CB947F39609AA61124E60FD28DCD3CCD592DA5826588D3ECDA1E8F
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 23.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Andreas Klocke\Downloads\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\Andreas Klocke\Desktop\FRST64.exe
          1.0s C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\DownloadMetadata

   C:\Users\Andreas Klocke\Downloads\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.420.736 bytes
      Age  . . . . . . . : 12.0 days (2016-12-22 11:47:28)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : E58ADE7FA354A1F256B4608AFD698C379E33FF23D5F62C95BDFC33995C230745
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 23.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Andreas Klocke\Downloads\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\Andreas Klocke\Desktop\FRST64.exe
          1.0s C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\DownloadMetadata
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
durchgeführt von Andreas Klocke (Administrator) auf NOTEBOOK (03-01-2017 11:27:39)
Gestartet von C:\Users\Andreas Klocke\Desktop
Geladene Profile: Andreas Klocke &  (Verfügbare Profile: Andreas Klocke)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Ericsson AB) C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] ()
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12277248 2011-05-09] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [IFXSPMGT] => c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1125728 2011-01-20] (Infineon Technologies AG)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [318520 2011-05-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [76344 2011-08-10] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DsMgr] => C:\Program Files (x86)\Hewlett-Packard\HP GPS and Location\dsMgr.exe [93240 2011-04-20] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP: C:\Windows\SysWOW64\DeviceNP.dll [2011-02-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\MountPoints2: {0d7abbcf-99c1-11e0-9ecc-806e6f6e6963} - G:\bin\shelexec.exe index.html
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0d7abbcf-99c1-11e0-9ecc-806e6f6e6963} - G:\bin\shelexec.exe index.html
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.67.1
Tcpip\..\Interfaces\{89B4A81F-D2DC-4F62-AC14-4F20103515A1}: [DhcpNameServer] 192.168.67.1
Tcpip\..\Interfaces\{E2E22EAE-77F5-4A60-87D5-5ED74C889313}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {EA2D295C-3996-4512-AD4C-53DC4BE9B96D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {EA2D295C-3996-4512-AD4C-53DC4BE9B96D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-22] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-22] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-05-09] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-22] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-22] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Andreas Klocke\AppData\Roaming\Nvu\Profiles\1p5ijy2s.default [2016-12-12]
FF ProfilePath: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default [2017-01-02]
FF Homepage: Mozilla\Firefox\Profiles\16jk24xp.default -> hxxp://www.google.de/
FF SearchPlugin: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\searchplugins\google-images.xml [2014-11-21]
FF SearchPlugin: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\searchplugins\google-maps.xml [2014-11-21]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-08-10] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default [2017-01-03]
CHR Extension: (Google Präsentationen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-13]
CHR Extension: (Google Docs) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-13]
CHR Extension: (Google Drive) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01]
CHR Extension: (YouTube) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-01]
CHR Extension: (Google-Suche) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01]
CHR Extension: (Google Tabellen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-13]
CHR Extension: (Google Docs Offline) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (HP Network Check Launcher) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2016-12-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [485712 2011-05-19] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company)
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320512 2011-05-09] (Hewlett-Packard) [Datei ist nicht signiert]
S3 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [317496 2011-05-13] (Hewlett-Packard Company)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1125728 2011-01-20] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [980320 2011-01-20] (Infineon Technologies AG)
S3 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [Datei ist nicht signiert]
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [203104 2011-01-20] (Infineon Technologies AG)
S3 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2014-10-29] (IDT, Inc.) [Datei ist nicht signiert]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246376 2016-06-23] (Synaptics Incorporated)
S2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [4819968 2011-06-18] (Broadcom Corporation) [Datei ist nicht signiert]
R2 WMCoreService; C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [586280 2011-03-03] (Ericsson AB)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 ASPI; C:\windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [Datei ist nicht signiert]
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [148032 2016-12-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-12] (Avira Operations GmbH & Co. KG)
S3 Btcsrusb; C:\windows\System32\Drivers\btcusb.sys [42536 2016-06-23] (IVT Corporation.)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
R3 ecnssndis; C:\windows\System32\Drivers\wwuss64.sys [26664 2014-10-29] (Ericsson AB)
R3 ecnssndisfltr; C:\windows\System32\Drivers\wwussf64.sys [29736 2014-10-29] (Ericsson AB)
R3 h36wgps; C:\windows\System32\DRIVERS\h36wgps64.sys [101416 2011-02-28] (Ericsson AB)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-29] (REALiX(tm))
R3 johci; C:\windows\System32\DRIVERS\johci.sys [26208 2014-10-29] (JMicron Technology Corp.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-01-03] (Malwarebytes)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-11-01] (MCCI Corporation)
R3 Mbm3DevMt; C:\windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-11-01] (MCCI Corporation)
R3 Mbm3mdfl; C:\windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-11-01] (MCCI Corporation)
R3 Mbm3Mdm; C:\windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-11-01] (MCCI Corporation)
R3 MEIx64; C:\windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-10-29] (Intel Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.)
R1 PersonalSecureDrive; C:\windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [2596456 2016-06-23] (Sonix Tech. Co., Ltd.)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
R3 WirelessKeyboardFilter; C:\windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R3 WwanUsbServ; C:\windows\System32\DRIVERS\WwanUsbMp64.sys [279312 2014-10-29] (Ericsson AB)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-03 11:02 - 2017-01-03 11:26 - 00000000 ____D C:\ProgramData\HitmanPro
2017-01-03 11:02 - 2017-01-03 11:02 - 11581544 _____ (SurfRight B.V.) C:\Users\Andreas Klocke\Desktop\HitmanPro_x64.exe
2017-01-03 10:58 - 2017-01-03 10:58 - 00000764 _____ C:\Users\Andreas Klocke\Desktop\eset.txt
2017-01-02 18:09 - 2017-01-02 18:09 - 02870984 _____ (ESET) C:\Users\Andreas Klocke\Desktop\esetsmartinstaller_deu.exe
2017-01-02 18:09 - 2017-01-02 18:09 - 00000000 ____D C:\Program Files (x86)\ESET
2017-01-02 17:55 - 2017-01-02 17:56 - 00002854 _____ C:\Users\Andreas Klocke\Desktop\Fixlog.txt
2017-01-02 15:14 - 2017-01-02 15:14 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\ProductData
2017-01-02 14:58 - 2017-01-02 14:58 - 00028270 _____ C:\Users\Andreas Klocke\Desktop\JRT.txt
2017-01-02 14:55 - 2017-01-02 14:55 - 01663040 _____ (Malwarebytes) C:\Users\Andreas Klocke\Desktop\JRT.exe
2017-01-02 14:51 - 2017-01-02 14:51 - 00001207 _____ C:\Users\Andreas Klocke\Desktop\mbam.txt
2017-01-02 10:38 - 2017-01-02 10:38 - 00000000 ____D C:\Users\Andreas Klocke\Downloads\FRST-OlderVersion
2016-12-23 11:00 - 2016-12-23 11:00 - 00048077 _____ C:\Users\Andreas Klocke\.recently-used.xbel
2016-12-22 13:50 - 2016-12-22 13:51 - 00001211 _____ C:\Users\Andreas Klocke\Desktop\mbamlog.txt
2016-12-22 12:35 - 2017-01-03 11:24 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-22 12:34 - 2016-12-22 12:34 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-12-22 12:34 - 2016-12-22 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-12-22 12:34 - 2016-12-22 12:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-22 12:34 - 2016-12-22 12:34 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-12-22 12:34 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-12-22 12:34 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-12-22 12:34 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-12-22 12:30 - 2017-01-02 14:15 - 00000000 ____D C:\AdwCleaner
2016-12-22 12:30 - 2016-12-22 12:31 - 22851472 _____ (Malwarebytes ) C:\Users\Andreas Klocke\Desktop\mbam-setup-2.2.1.1043.exe
2016-12-22 12:29 - 2016-12-22 12:29 - 03977168 _____ C:\Users\Andreas Klocke\Desktop\AdwCleaner_6.041.exe
2016-12-22 11:58 - 2016-12-22 12:43 - 00464724 _____ C:\TDSSKiller.3.1.0.12_22.12.2016_11.58.11_log.txt
2016-12-22 11:57 - 2016-12-22 11:57 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Andreas Klocke\Desktop\tdsskiller.exe
2016-12-22 11:50 - 2017-01-02 15:04 - 00043158 _____ C:\Users\Andreas Klocke\Desktop\Addition.txt
2016-12-22 11:48 - 2017-01-03 11:27 - 00027417 _____ C:\Users\Andreas Klocke\Desktop\FRST.txt
2016-12-22 11:47 - 2017-01-03 11:27 - 00000000 ____D C:\FRST
2016-12-22 11:47 - 2017-01-02 10:38 - 02418176 _____ (Farbar) C:\Users\Andreas Klocke\Desktop\FRST64.exe
2016-12-22 11:44 - 2016-12-22 11:42 - 00110144 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-64.dll
2016-12-22 11:26 - 2017-01-02 17:58 - 00000672 _____ C:\windows\setupact.log
2016-12-22 11:26 - 2017-01-02 14:16 - 00002234 _____ C:\windows\PFRO.log
2016-12-22 11:26 - 2016-12-22 11:26 - 00000000 _____ C:\windows\setuperr.log
2016-12-22 10:37 - 2016-12-22 10:38 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-22 10:37 - 2016-12-22 10:37 - 00002808 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2016-12-22 10:37 - 2016-12-22 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-22 10:37 - 2016-12-22 10:37 - 00000000 ____D C:\Program Files\CCleaner
2016-12-22 10:36 - 2016-12-22 10:37 - 08803648 _____ (Piriform Ltd) C:\Users\Andreas Klocke\Documents\ccsetup525.exe
2016-12-22 10:25 - 2016-12-30 14:05 - 00003240 _____ C:\windows\System32\Tasks\HPCeeScheduleForAndreas Klocke
2016-12-22 10:11 - 2017-01-03 09:22 - 00524288 ___SH C:\windows\system32\config\components{c805c034-c825-11e6-9b35-028037ec0200}.TMContainer00000000000000000001.regtrans-ms
2016-12-22 10:11 - 2017-01-03 09:22 - 00065536 ___SH C:\windows\system32\config\components{c805c034-c825-11e6-9b35-028037ec0200}.TM.blf
2016-12-22 10:11 - 2016-12-22 11:25 - 00524288 ___SH C:\windows\system32\config\components{c805c034-c825-11e6-9b35-028037ec0200}.TMContainer00000000000000000002.regtrans-ms
2016-12-22 10:03 - 2017-01-02 10:21 - 00000368 _____ C:\windows\Tasks\HPCeeScheduleForAndreas Klocke.job
2016-12-22 10:03 - 2016-12-22 10:03 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\HP_Development_Company,_L
2016-12-22 10:01 - 2016-12-22 10:01 - 00000000 ____D C:\ProgramData\McAfee
2016-12-22 09:59 - 2016-12-22 09:59 - 00000248 _____ C:\windows\hbcikrnl.ini
2016-12-22 09:59 - 2016-12-22 09:59 - 00000000 ____D C:\Users\Default\AppData\Roaming\hpqLog
2016-12-22 09:59 - 2016-12-22 09:59 - 00000000 ____D C:\Users\Default User\AppData\Roaming\hpqLog
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\ProgramData\SZCCID
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\Program Files (x86)\AlcorMicroData
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\Program Files (x86)\AlcorMicro
2016-12-22 09:49 - 2016-12-22 09:49 - 00002231 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2016-12-22 09:49 - 2016-12-22 09:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-12-22 09:41 - 2016-12-22 09:41 - 00000000 ____D C:\ProgramData\HP Inc
2016-12-22 09:35 - 2016-12-22 09:35 - 04057776 _____ (Oleg N. Scherbakov) C:\Users\Andreas Klocke\Documents\HPSupportSolutionsFramework-12.5.32.203.exe
2016-12-16 15:59 - 2016-12-16 15:59 - 00000000 ____H C:\asc_rdflag
2016-12-15 09:41 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-12-15 09:41 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-12-15 09:41 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-12-15 09:41 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-12-15 09:41 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-12-15 09:41 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-12-15 09:41 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-12-15 09:41 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-12-15 09:41 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2016-12-15 09:41 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-12-15 09:41 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-12-15 09:41 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-12-15 09:41 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-12-15 09:41 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-12-15 09:41 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-12-15 09:41 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-12-15 09:41 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-12-15 09:41 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-12-15 09:41 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-12-15 09:41 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-12-15 09:41 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-12-15 09:41 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-12-15 09:41 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-12-15 09:41 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-12-15 09:41 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-12-15 09:41 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-12-15 09:41 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-12-15 09:41 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-12-15 09:41 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-12-15 09:41 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-12-15 09:41 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-12-15 09:41 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-12-15 09:41 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-12-15 09:41 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-12-15 09:41 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-12-15 09:41 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-12-15 09:41 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-12-15 09:41 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-12-15 09:41 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-12-15 09:41 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-12-15 09:41 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-12-15 09:41 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-12-15 09:41 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-12-15 09:41 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-12-15 09:41 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-12-15 09:41 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-12-15 09:41 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-12-15 09:41 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-12-15 09:41 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-12-15 09:41 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-12-15 09:41 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-12-15 09:41 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-12-15 09:41 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-15 09:41 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-12-15 09:41 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-12-15 09:41 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-12-15 09:41 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-12-15 09:41 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-12-15 09:41 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-12-15 09:41 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-12-15 09:41 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-12-15 09:41 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-12-15 09:41 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-12-15 09:41 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-12-15 09:41 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-12-15 09:41 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-12-15 09:41 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-12-15 09:41 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-12-15 09:41 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-12-15 09:41 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-12-15 09:41 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-12-15 09:41 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-12-15 09:41 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-12-15 09:41 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-12-15 09:41 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-12-15 09:41 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-12-15 09:41 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-12-15 09:41 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-12-15 09:41 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-12-15 09:41 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-12-15 09:41 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2016-12-15 09:41 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2016-12-12 14:57 - 2016-12-12 14:57 - 00773579 _____ C:\Users\Andreas Klocke\Desktop\kps Solingen.pdf
2016-12-12 14:15 - 2016-12-12 14:15 - 06880664 _____ (Tim Kosse) C:\Users\Andreas Klocke\Downloads\FileZilla_3.23.0.2_win64-setup.exe
2016-12-12 12:28 - 2015-12-22 17:47 - 00099052 _____ C:\Users\Andreas Klocke\Desktop\Textbausteine Mietwertgutachten Stand 20140117.xlsx
2016-12-09 09:39 - 2016-12-09 09:39 - 04619752 _____ (Piriform Ltd) C:\Users\Andreas Klocke\Downloads\dfsetup221.exe
2016-12-08 13:44 - 2016-12-08 13:44 - 00001136 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-12-08 09:48 - 2016-12-08 09:48 - 00000334 _____ C:\windows\Backup.ini
2016-12-08 09:41 - 2016-12-08 09:41 - 17150504 _____ (IObit ) C:\Users\Andreas Klocke\Downloads\driver_booster_setup(4.1.0.389).exe
2016-12-07 16:04 - 2016-12-22 11:46 - 00000000 ____D C:\Users\Andreas Klocke\AppData\LocalLow\Mozilla
2016-12-07 15:36 - 2016-12-08 09:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-05 09:51 - 2016-12-22 10:04 - 00524288 ___SH C:\windows\system32\config\components{9821f7e4-bac7-11e6-8424-028037ec0200}.TMContainer00000000000000000001.regtrans-ms
2016-12-05 09:51 - 2016-12-22 10:04 - 00065536 ___SH C:\windows\system32\config\components{9821f7e4-bac7-11e6-8424-028037ec0200}.TM.blf
2016-12-05 09:51 - 2016-12-05 10:10 - 00524288 ___SH C:\windows\system32\config\components{9821f7e4-bac7-11e6-8424-028037ec0200}.TMContainer00000000000000000002.regtrans-ms
2016-12-05 09:38 - 2016-12-05 09:38 - 01199136 _____ C:\windows\system32\oem137.inf
2016-12-05 09:37 - 2016-12-05 09:37 - 07884536 _____ (Broadcom Corporation) C:\windows\system32\Drivers\BCMWL664.SYS
2016-12-05 09:37 - 2016-12-05 09:37 - 04401152 _____ (Broadcom Corporation) C:\windows\system32\bcmihvsrv64.dll
2016-12-05 09:37 - 2016-12-05 09:37 - 03667968 _____ (Broadcom Corporation) C:\windows\system32\bcmihvui64.dll
2016-12-05 09:37 - 2016-12-05 09:37 - 00096600 _____ (Broadcom Corporation) C:\windows\system32\bcmwlcoi.dll
2016-12-05 09:31 - 2016-12-05 09:31 - 00000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-03 10:57 - 2015-09-10 17:31 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2017-01-02 18:11 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-02 18:11 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-02 17:58 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-01-02 17:56 - 2014-08-27 08:37 - 00000000 ____D C:\Users\Andreas Klocke\AppData\LocalLow\Temp
2016-12-30 14:05 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Tasks
2016-12-30 14:05 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\Tasks
2016-12-23 17:43 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2016-12-23 17:03 - 2011-07-28 09:48 - 00003218 _____ C:\windows\System32\Tasks\HPCeeScheduleForNOTEBOOK$
2016-12-23 17:03 - 2011-07-28 09:48 - 00000342 _____ C:\windows\Tasks\HPCeeScheduleForNOTEBOOK$.job
2016-12-23 13:29 - 2011-08-01 10:19 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2016-12-23 11:00 - 2011-07-28 13:35 - 00000000 ____D C:\Users\Andreas Klocke\.gimp-2.6
2016-12-23 11:00 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke
2016-12-23 10:34 - 2011-03-04 13:01 - 00705108 _____ C:\windows\system32\perfh007.dat
2016-12-23 10:34 - 2011-03-04 13:01 - 00151476 _____ C:\windows\system32\perfc007.dat
2016-12-23 10:34 - 2009-07-14 06:13 - 01629436 _____ C:\windows\system32\PerfStringBackup.INI
2016-12-23 10:34 - 2009-07-14 03:36 - 00657964 _____ C:\windows\system32\perfh009.dat
2016-12-23 10:34 - 2009-07-14 03:36 - 00123776 _____ C:\windows\system32\perfc009.dat
2016-12-22 12:34 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Desktop
2016-12-22 12:34 - 2009-07-14 04:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
2016-12-22 11:46 - 2013-09-26 11:25 - 00000000 ____D C:\ProgramData\Oracle
2016-12-22 11:45 - 2011-03-04 12:46 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2016-12-22 11:45 - 2011-03-04 12:20 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-12-22 11:44 - 2016-11-25 09:51 - 00000000 __SHD C:\Config.Msi
2016-12-22 11:44 - 2015-10-09 07:50 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-22 11:44 - 2015-07-10 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-22 11:44 - 2013-05-17 08:46 - 00000000 ____D C:\Program Files\Java
2016-12-22 11:44 - 2011-03-04 12:21 - 00000000 __SHD C:\windows\Installer
2016-12-22 11:43 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-22 11:42 - 2015-07-31 09:45 - 00110144 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2016-12-22 11:40 - 2016-01-22 09:22 - 00097856 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2016-12-22 10:51 - 2015-07-14 13:37 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\CrashDumps
2016-12-22 10:51 - 2011-10-12 13:53 - 00000000 ____D C:\windows\Minidump
2016-12-22 10:47 - 2015-07-31 09:01 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-22 10:47 - 2011-06-18 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Energy Star
2016-12-22 10:37 - 2011-07-28 09:49 - 00000000 ___RD C:\Users\Andreas Klocke\Documents
2016-12-22 10:37 - 2009-07-14 04:20 - 00000000 ___RD C:\Program Files
2016-12-22 10:35 - 2015-02-25 17:15 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\ElevatedDiagnostics
2016-12-22 10:34 - 2011-08-14 13:02 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\Diagnostics
2016-12-22 10:06 - 2009-07-14 05:45 - 00471400 _____ C:\windows\system32\FNTCACHE.DAT
2016-12-22 10:05 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\catroot
2016-12-22 10:02 - 2011-03-04 12:20 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-12-22 10:02 - 2011-02-02 21:42 - 00000000 ____D C:\swsetup
2016-12-22 10:02 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\DriverStore
2016-12-22 10:01 - 2011-03-04 12:27 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\windows\SysWOW64\CSVer.dll
2016-12-22 10:01 - 2009-07-14 04:20 - 00000000 __RSD C:\windows\assembly
2016-12-22 10:00 - 2011-03-04 12:26 - 00000000 ____D C:\Program Files\Hewlett-Packard
2016-12-22 09:59 - 2011-03-04 12:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-22 09:59 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\catroot2
2016-12-22 09:59 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default\AppData\Roaming
2016-12-22 09:59 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming
2016-12-22 09:48 - 2009-07-14 04:20 - 00000000 ____D C:\windows\winsxs
2016-12-22 09:48 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Help
2016-12-22 09:40 - 2014-06-01 15:16 - 00000000 ____D C:\Program Files (x86)\HP
2016-12-22 09:40 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\hpqLog
2016-12-22 09:38 - 2011-07-28 09:53 - 00130248 _____ C:\Users\Andreas Klocke\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-22 09:37 - 2009-07-14 04:20 - 00000000 __RSD C:\windows\Fonts
2016-12-17 14:56 - 2011-08-01 11:36 - 00003542 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 14:56 - 2011-08-01 11:36 - 00003414 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 15:59 - 2016-10-04 08:02 - 120553472 _____ C:\windows\system32\config\SOFTWARE.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 120553472 _____ C:\windows\system32\config\SOFTWARE.iodefrag
2016-12-16 15:59 - 2016-10-04 08:02 - 00622592 _____ C:\windows\system32\config\DEFAULT.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 00069632 _____ C:\windows\system32\config\SAM.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 00028672 _____ C:\windows\system32\config\SECURITY.iodefrag.bak
2016-12-16 15:59 - 2009-07-27 16:04 - 00000000 __SHD C:\boot
2016-12-16 15:58 - 2009-07-14 05:45 - 00000000 ____D C:\windows\debug
2016-12-15 18:25 - 2011-08-05 11:54 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\gtk-2.0
2016-12-15 12:57 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Microsoft.NET
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\SysWOW64\en-US
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\SysWOW64\de-DE
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\en-US
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\Drivers\UMDF
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\de-DE
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-15 10:01 - 2011-07-28 10:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-15 09:59 - 2013-08-12 09:56 - 00000000 ____D C:\windows\system32\MRT
2016-12-15 09:54 - 2011-07-28 10:37 - 135632432 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-12-15 09:51 - 2011-03-04 12:25 - 01607460 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-12-14 13:23 - 2016-07-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-14 13:21 - 2016-10-11 11:01 - 00035864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avusbflt.sys
2016-12-14 13:21 - 2013-03-28 08:21 - 00176464 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2016-12-14 13:21 - 2013-03-28 08:21 - 00148032 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-12-14 12:27 - 2016-11-23 15:11 - 00013971 _____ C:\Users\Andreas Klocke\Desktop\Fahrten.xlsx
2016-12-14 09:51 - 2015-03-13 10:41 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-13 13:57 - 2015-09-10 17:31 - 00802904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-12-13 13:57 - 2015-09-10 17:31 - 00144472 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-13 13:57 - 2015-09-10 17:31 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-12-13 13:57 - 2011-11-15 09:43 - 00000000 ____D C:\windows\system32\Macromed
2016-12-13 13:57 - 2011-03-04 12:58 - 00000000 ____D C:\windows\SysWOW64\Macromed
2016-12-13 09:15 - 2011-06-18 16:26 - 00000000 ____D C:\windows\SoftwareDistribution
2016-12-12 14:16 - 2014-03-31 10:06 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\FileZilla
2016-12-12 12:32 - 2011-07-28 09:49 - 00000000 ___RD C:\Users\Andreas Klocke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-09 09:42 - 2013-05-12 19:19 - 00001724 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-12-09 09:42 - 2013-05-12 19:19 - 00000000 ____D C:\Program Files\Defraggler
2016-12-08 13:44 - 2016-07-26 14:25 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-08 09:30 - 2015-07-31 10:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-07 16:04 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke\AppData\LocalLow
2016-12-05 09:57 - 2015-07-31 09:01 - 00000000 ____D C:\ProgramData\IObit
2016-12-05 09:52 - 2011-08-01 13:50 - 00000302 _____ C:\windows\system32\ricdb.ini
2016-12-05 09:47 - 2016-10-14 11:19 - 00524288 ___SH C:\windows\system32\config\components{52e3f6e1-91f7-11e6-866e-028037ec0200}.TMContainer00000000000000000001.regtrans-ms
2016-12-05 09:47 - 2016-10-14 11:19 - 00065536 ___SH C:\windows\system32\config\components{52e3f6e1-91f7-11e6-866e-028037ec0200}.TM.blf
2016-12-05 09:28 - 2014-03-31 10:20 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\Nvu

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-08-10 08:31 - 2011-08-10 08:35 - 0053342 _____ () C:\Users\Andreas Klocke\AppData\Roaming\QWInstall.log
2014-06-01 15:31 - 2014-06-01 15:32 - 0000347 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-11-25 10:39

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-01-2017
durchgeführt von Andreas Klocke (03-01-2017 11:28:30)
Gestartet von C:\Users\Andreas Klocke\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-07-28 08:49:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2611109511-3762378734-2693064966-500 - Administrator - Disabled)
Andreas Klocke (S-1-5-21-2611109511-3762378734-2693064966-1001 - Administrator - Enabled) => C:\Users\Andreas Klocke
Gast (S-1-5-21-2611109511-3762378734-2693064966-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2611109511-3762378734-2693064966-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.38.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.38.0 - Alcor Micro Corp.) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG) Hidden
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.48.61 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.60.48.61 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Capture (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang DE (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - PP (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version:  - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32 Version: 1.1 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version:  - Corel Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 6.0.0.9 - Hewlett-Packard Company)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}) (Version: 6.0.100.35469 - Hewlett-Packard Company)
Embedded Security for HP ProtectTools (HKLM\...\{87821717-5688-4AE6-887A-6B11571D0CD7}) (Version: 6.0.100.2572 - Hewlett-Packard Company)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Face Recognition for HP ProtectTools (HKLM\...\{D3A775F2-2674-4452-8D80-1FC1446052EE}) (Version: 6.00.4303 - Hewlett-Packard Company)
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 6.0.0.13 - Hewlett-Packard Company)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Fotosizer 1.32 (HKLM-x32\...\Fotosizer) (Version: 1.32 - Fotosizer.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{7B4DEBE1-E3E3-45BD-88E6-6C3CA9EEED36}) (Version: 4.1.16.1 - Hewlett-Packard Company)
HP Client Automation Agent Preload  (HKLM-x32\...\{52B18ABC-AD5F-4C3C-B391-04F57B380449}) (Version: 7.5 - Hewlett-Packard)
HP Connection Manager (HKLM-x32\...\{7A6B4340-7090-418F-8976-EE9650B35550}) (Version: 4.1.22.1 - Hewlett-Packard Company)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{62272D4E-78E9-4BAD-B7AA-63072D06AAA9}) (Version: 1.1.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{5B059455-4572-4F70-8D91-2097B07215E5}) (Version: 1.1.13.2 - Hewlett-Packard Company)
HP GPS and Location (HKLM-x32\...\{A6B2155C-176A-4F1C-88C0-F5C987322EEB}) (Version: 1.0.27.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{E0824C9B-F196-4667-8CE8-3A0B685B0820}) (Version: 4.0.18.1 - Hewlett-Packard Company)
HP Mobile Broadband Drivers (HKLM-x32\...\{646E8C34-C88B-42F9-9F41-985A801219E1}) (Version: 6.3.5.3 - Ericsson AB)
HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 6.03.959 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{72CD20B8-55F3-4B4F-A44F-E381232E84ED}) (Version: 3.0.1.9258 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}) (Version: 3.2.0.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.5.32.203 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.21.00 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.57.2 - JMicron Technology Corp.)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Privacy Manager for HP ProtectTools (HKLM\...\{5476AB75-E584-4497-80AF-7F205D8F6F54}) (Version: 6.01.842 - Hewlett-Packard Company)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Roxio MyDVD Business 2010 (HKLM-x32\...\{9CB4FBA9-45C0-41AA-97CC-283B42E1A21E}) (Version: 12.1.74.13 - Roxio)
Roxio Secure Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.8.73.2 - Roxio)
SDK (x32 Version: 2.24.025 - Portrait Displays, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.48 - Synaptics Incorporated)
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.33 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 6.0.0.33 - Hewlett-Packard Company) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{61D3AB5C-02B5-47FC-906A-C49A0954C7C6}) (Version: 4.3.126.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {031A00D8-1319-4E29-9EE5-23058EC64C6A} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {0503311F-8A93-440C-98CC-F5B4C9244C58} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\windows\system32\GWX\GWXUXWorker.exe
Task: {053987B9-3528-4CB6-AB0C-D12CA94CE81B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {10861006-35C2-448E-B494-1D73D9BA27B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.)
Task: {1BAC6A70-B6A8-4881-B094-0DD97CFB43A4} - System32\Tasks\HPCeeScheduleForNOTEBOOK$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {272B286C-38E4-41BC-8E9A-6D585824A19D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {4702C01B-5554-4D86-AE48-7105CB197236} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {494E193A-D252-482D-871B-AD16C1A06F52} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2016-12-07] (HP Inc.)
Task: {5551B4E6-8D44-4010-B945-EA88BF040D55} - System32\Tasks\HPCeeScheduleForAndreas Klocke => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {6EE044D3-4411-4C8E-B684-2D5C2A14C1FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {7068AC73-D794-429E-BB4E-D8ADAEA305EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)
Task: {74B2BA24-EF27-45CE-8952-A87B7884D356} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {7D5290F2-01EB-4158-BC37-D033A712ED12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)
Task: {9E0D2230-A53B-4D95-AF06-DF44327F2131} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => C:\windows\system32\GWX\GWXConfigManager.exe
Task: {BC46D6E8-57D0-46A1-B659-69E9008ED3BD} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {C0883B86-715B-412C-BE72-BADB20FBF5D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {D28589C8-A04C-48CF-9A8D-B0917BD51D66} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\windows\system32\GWX\GWXUXWorker.exe
Task: {EFC5DCD2-D500-4312-A563-D2EB3EA7DFB4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\HPCeeScheduleForAndreas Klocke.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForNOTEBOOK$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-04-01 17:42 - 2011-04-01 17:42 - 00156216 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2013-02-01 10:39 - 2013-02-01 10:39 - 03401216 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2010-09-06 21:18 - 2010-09-06 21:18 - 01412608 _____ () C:\windows\system32\LIBEAY32.dll
2013-02-01 09:38 - 2013-02-01 09:38 - 00141824 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2013-02-01 10:26 - 2013-02-01 10:26 - 01956864 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcNp64.DLL
2013-02-01 09:39 - 2013-02-01 09:39 - 01323008 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
2013-02-01 10:17 - 2013-02-01 10:17 - 00200704 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
2016-12-06 15:09 - 2016-12-06 15:09 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2011-01-27 03:14 - 2011-01-27 03:14 - 00036408 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Remote.dll
2011-03-04 12:58 - 2011-01-27 02:34 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2011-01-27 03:13 - 2011-01-27 03:13 - 00080440 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
2011-01-27 03:13 - 2011-01-27 03:13 - 00047160 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
2013-02-01 10:14 - 2013-02-01 10:14 - 02830336 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2013-02-01 09:38 - 2013-02-01 09:38 - 00126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2013-02-01 10:17 - 2013-02-01 10:17 - 02863104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2013-02-01 10:15 - 2013-02-01 10:15 - 00053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2013-02-01 09:42 - 2013-02-01 09:42 - 02035712 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2013-02-01 09:43 - 2013-02-01 09:43 - 01945600 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2013-02-01 10:12 - 2013-02-01 10:12 - 03092480 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2011-06-18 16:35 - 2010-02-17 19:20 - 00065576 ____R () C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\MBMDebug.dll
2011-03-04 11:02 - 2011-03-04 11:02 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2011-03-04 11:02 - 2011-03-04 11:02 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2011-03-04 11:02 - 2011-03-04 11:02 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2016-12-14 09:51 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 09:51 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:9FF7C773 [138]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4789 mehr Seiten.

IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4789 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas Klocke\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas Klocke\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.67.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [VirtualPC-In-UDP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => %SystemRoot%\System32\vpc.exe
FirewallRules: [{BF5366CA-0ED1-491C-AA39-264717C602C0}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3C4E3B9A-525B-4953-BD1F-74BC27003BD4}] => LPort=2869
FirewallRules: [{FC16BA93-364F-4E09-A41E-CDC86A2BE0CB}] => LPort=1900
FirewallRules: [{0B2963DA-9B7E-459C-8530-E0A87ECB9601}] => LPort=2799
FirewallRules: [{4FFF0DD1-792E-4C01-8FB0-E8BC648CC5D3}] => LPort=2799
FirewallRules: [{AF549EE5-55AC-4780-BC54-FA6A519367B7}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{88440814-9C50-4B3A-AA93-A1D08AD03245}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A54A37F3-104B-4EC4-9FC2-6AC467C60282}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68FD1D23-05DC-4795-8CB3-F8504EAE7FD7}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BFD9CC55-6048-4940-8C0F-D760045AC31D}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

15-12-2016 09:42:40 Windows Update
22-12-2016 09:36:43 Installed HP Support Solutions Framework
22-12-2016 09:39:53 Installed HP Support Assistant
22-12-2016 09:44:08 Windows Modules Installer
22-12-2016 09:47:59 Windows Modules Installer
22-12-2016 09:57:25 HPSF Applying updates
22-12-2016 09:57:54 Installiert Alcor Micro Smart Card Reader Driver
02-01-2017 14:55:30 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: BlueSoleil Generic Bluetooth Driver
Description: BlueSoleil Generic Bluetooth Driver
Class Guid: {9b21fd3a-b1ab-4eb9-956f-e56acfe78bce}
Manufacturer: IVT Corporation
Service: Btcsrusb
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/03/2017 11:01:31 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/03/2017 08:48:23 AM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (5520) WebCacheLocal: Fehler -1032 (0xfffffbf8) beim Öffnen von Protokolldatei C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (01/03/2017 08:48:23 AM) (Source: ESENT) (EventID: 489) (User: )
Description: DllHost (5520) WebCacheLocal: Versuch, Datei "C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (01/03/2017 08:48:13 AM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (5520) WebCacheLocal: Fehler -1032 (0xfffffbf8) beim Öffnen von Protokolldatei C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (01/03/2017 08:48:13 AM) (Source: ESENT) (EventID: 489) (User: )
Description: DllHost (5520) WebCacheLocal: Versuch, Datei "C:\Users\Andreas Klocke\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (01/02/2017 06:09:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Andreas Klocke\Desktop\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/02/2017 06:09:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Andreas Klocke\Desktop\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/29/2016 06:33:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm pdf24-Creator.exe, Version 7.8.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1974

Startzeit: 01d261f8be2ede8e

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\PDF24\pdf24-Creator.exe

Berichts-ID: efde22aa-cdec-11e6-9fb6-028037ec0200

Error: (12/20/2016 01:48:32 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: PowerEvent wurde nicht verarbeitet. Aufgetretener Fehler: System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei Avira.OE.ServiceHost.ServiceHost.OnPowerEvent(Object sender, PowerBroadcastStatusEventArgs e)
   bei Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke[T](EventHandler`1 eventHandler, Object sender, T eventArgs)
   bei Avira.OE.ServiceHost.WindowsService.OnPowerEvent(PowerBroadcastStatus powerStatus)
   bei System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData)

Error: (12/16/2016 03:16:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxsrvc.exe, Version: 8.15.10.2963, Zeitstempel: 0x50f70dc5
Name des fehlerhaften Moduls: igfxsrvc.exe, Version: 8.15.10.2963, Zeitstempel: 0x50f70dc5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000347d
ID des fehlerhaften Prozesses: 0x1aa4
Startzeit der fehlerhaften Anwendung: 0x01d2579e774d6d6e
Pfad der fehlerhaften Anwendung: C:\windows\system32\igfxsrvc.exe
Pfad des fehlerhaften Moduls: C:\windows\system32\igfxsrvc.exe
Berichtskennung: 440c91c5-c39a-11e6-a81f-028037ec0200


Systemfehler:
=============
Error: (01/02/2017 06:12:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (01/02/2017 06:12:36 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\ANDREA~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/02/2017 06:12:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (01/02/2017 06:12:36 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\ANDREA~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/02/2017 06:12:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (01/02/2017 06:12:36 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\ANDREA~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/02/2017 06:11:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (01/02/2017 06:11:22 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\ANDREA~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/02/2017 06:11:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (01/02/2017 06:11:22 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\ANDREA~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


CodeIntegrity:
===================================
  Date: 2017-01-03 11:27:35.901
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-03 11:02:54.281
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-03 11:02:11.154
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-03 10:17:18.376
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-03 09:02:18.766
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-02 18:11:21.702
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-02 18:05:21.184
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-02 17:55:47.159
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-02 17:05:54.068
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-02 17:05:36.417
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 65%
Installierter physikalischer RAM: 4030.36 MB
Verfügbarer physikalischer RAM: 1398.2 MB
Summe virtueller Speicher: 8058.9 MB
Verfügbarer virtueller Speicher: 4478.33 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:445.69 GB) (Free:281.17 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP_RECOVERY) (Fixed) (Total:14.77 GB) (Free:2.2 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.08 GB) FAT32
Drive g: (Hist. Luftbilder) (CDROM) (Total:1.5 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C288F40A)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=445.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
         
So ESET hat wie gesagt 3 Bedrohungen gefunden und HitmanPro hat nochmal 1 Bedrohung und 2 Hinweise zu FRST gegeben.

Nach zweimaligem Neustart fällt leider immer noch auf, dass der Rechner sehr langsam hochfährt sowie zwischen der Auswahl der Authentifizierung und der Passworteingabe eine Ewigkeit vergeht. Nach der Anmeldung scheint der Rechner jetzt immerhin schneller betriebsbereit zu sein.

Alt 03.01.2017, 20:49   #14
M-K-D-B
/// TB-Ausbilder
 
Windows 7 Pro 64Bit sehr langsam - Standard

Windows 7 Pro 64Bit sehr langsam



Servus,



Malware scheint wohl nicht wirklich der Grund für die Probleme zu sein.






Zitat:
CHIP-Installer.exe
Bitte keinen Chip-Installer mehr verwenden! Bitte lesen: CHIP-Installer – was ist das?




Reste entfernen
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
C:\backup\Allgemein\Bürotechnik\Software\wz180gev-64.msi
C:\Users\Andreas Klocke\AppData\Roaming\Wondershare\MobileGo\TempRoot\TempRoot.zip
C:\Users\Andreas Klocke\Downloads\*CHIP-Installer.exe
Reboot:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird!





Du kannst noch versuchen, die Windows-Probleme mit diesem Tool zu beheben:
  • Lade Dir bitte Windows Repair - All in one von tweaking.com hier herunter und installiere es.
  • Deaktiviere bitte (wenn möglich) Dein Antivirusprogramm.
  • Bedenke, dass die einzelnen Reparaturen einige Zeit benötigen. Starte keine anderen Anwendungen in dieser Zeit.
  • Starte das Programm und führe die Punkte 1-7 durch. (Siehe Bildanleitung)








Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.





Cleanup:
Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.





Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.




Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
 

Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.




Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.




Optional:
Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .




Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.




Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
__________________
Gruß
M-K-D-B



Das Trojaner-Board unterstützen

Alt 04.01.2017, 09:05   #15
foreveryoung
 
Windows 7 Pro 64Bit sehr langsam - Standard

Windows 7 Pro 64Bit sehr langsam



Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-01-2017
durchgeführt von Andreas Klocke (04-01-2017 08:38:29) Run:2
Gestartet von C:\Users\Andreas Klocke\Desktop
Geladene Profile: Andreas Klocke (Verfügbare Profile: Andreas Klocke)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
C:\backup\Allgemein\Bürotechnik\Software\wz180gev-64.msi
C:\Users\Andreas Klocke\AppData\Roaming\Wondershare\MobileGo\TempRoot\TempRoot.zip
C:\Users\Andreas Klocke\Downloads\*CHIP-Installer.exe
Reboot:
end
         
*****************

Prozess erfolgreich geschlossen.
C:\backup\Allgemein\Bürotechnik\Software\wz180gev-64.msi => erfolgreich verschoben
C:\Users\Andreas Klocke\AppData\Roaming\Wondershare\MobileGo\TempRoot\TempRoot.zip => erfolgreich verschoben

=========== "C:\Users\Andreas Klocke\Downloads\*CHIP-Installer.exe" ==========

C:\Users\Andreas Klocke\Downloads\CHIP Windows 10 Zwangs Update Stopper - CHIP-Installer.exe => erfolgreich verschoben

========= Ende -> "C:\Users\Andreas Klocke\Downloads\*CHIP-Installer.exe" ========



Das System musste neu gestartet werden.

==== Ende von Fixlog 08:38:39 ====
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
durchgeführt von Andreas Klocke (Administrator) auf NOTEBOOK (03-01-2017 11:27:39)
Gestartet von C:\Users\Andreas Klocke\Desktop
Geladene Profile: Andreas Klocke &  (Verfügbare Profile: Andreas Klocke)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Ericsson AB) C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] ()
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12277248 2011-05-09] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [IFXSPMGT] => c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1125728 2011-01-20] (Infineon Technologies AG)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [318520 2011-05-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [76344 2011-08-10] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DsMgr] => C:\Program Files (x86)\Hewlett-Packard\HP GPS and Location\dsMgr.exe [93240 2011-04-20] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP: C:\Windows\SysWOW64\DeviceNP.dll [2011-02-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\...\MountPoints2: {0d7abbcf-99c1-11e0-9ecc-806e6f6e6963} - G:\bin\shelexec.exe index.html
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0d7abbcf-99c1-11e0-9ecc-806e6f6e6963} - G:\bin\shelexec.exe index.html
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.67.1
Tcpip\..\Interfaces\{89B4A81F-D2DC-4F62-AC14-4F20103515A1}: [DhcpNameServer] 192.168.67.1
Tcpip\..\Interfaces\{E2E22EAE-77F5-4A60-87D5-5ED74C889313}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de
HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {EA2D295C-3996-4512-AD4C-53DC4BE9B96D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {EA2D295C-3996-4512-AD4C-53DC4BE9B96D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2611109511-3762378734-2693064966-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-22] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-22] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-05-09] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-22] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-22] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Andreas Klocke\AppData\Roaming\Nvu\Profiles\1p5ijy2s.default [2016-12-12]
FF ProfilePath: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default [2017-01-02]
FF Homepage: Mozilla\Firefox\Profiles\16jk24xp.default -> hxxp://www.google.de/
FF SearchPlugin: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\searchplugins\google-images.xml [2014-11-21]
FF SearchPlugin: C:\Users\Andreas Klocke\AppData\Roaming\Mozilla\Firefox\Profiles\16jk24xp.default\searchplugins\google-maps.xml [2014-11-21]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2011-08-10] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default [2017-01-03]
CHR Extension: (Google Präsentationen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-13]
CHR Extension: (Google Docs) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-13]
CHR Extension: (Google Drive) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01]
CHR Extension: (YouTube) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-01]
CHR Extension: (Google-Suche) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01]
CHR Extension: (Google Tabellen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-13]
CHR Extension: (Google Docs Offline) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (HP Network Check Launcher) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2016-12-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Andreas Klocke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [485712 2011-05-19] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company)
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320512 2011-05-09] (Hewlett-Packard) [Datei ist nicht signiert]
S3 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [317496 2011-05-13] (Hewlett-Packard Company)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1125728 2011-01-20] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [980320 2011-01-20] (Infineon Technologies AG)
S3 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [Datei ist nicht signiert]
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [203104 2011-01-20] (Infineon Technologies AG)
S3 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2014-10-29] (IDT, Inc.) [Datei ist nicht signiert]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246376 2016-06-23] (Synaptics Incorporated)
S2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [4819968 2011-06-18] (Broadcom Corporation) [Datei ist nicht signiert]
R2 WMCoreService; C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [586280 2011-03-03] (Ericsson AB)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 ASPI; C:\windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [Datei ist nicht signiert]
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [148032 2016-12-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-12] (Avira Operations GmbH & Co. KG)
S3 Btcsrusb; C:\windows\System32\Drivers\btcusb.sys [42536 2016-06-23] (IVT Corporation.)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
R3 ecnssndis; C:\windows\System32\Drivers\wwuss64.sys [26664 2014-10-29] (Ericsson AB)
R3 ecnssndisfltr; C:\windows\System32\Drivers\wwussf64.sys [29736 2014-10-29] (Ericsson AB)
R3 h36wgps; C:\windows\System32\DRIVERS\h36wgps64.sys [101416 2011-02-28] (Ericsson AB)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-29] (REALiX(tm))
R3 johci; C:\windows\System32\DRIVERS\johci.sys [26208 2014-10-29] (JMicron Technology Corp.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-01-03] (Malwarebytes)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-11-01] (MCCI Corporation)
R3 Mbm3DevMt; C:\windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-11-01] (MCCI Corporation)
R3 Mbm3mdfl; C:\windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-11-01] (MCCI Corporation)
R3 Mbm3Mdm; C:\windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-11-01] (MCCI Corporation)
R3 MEIx64; C:\windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-10-29] (Intel Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.)
R1 PersonalSecureDrive; C:\windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [2596456 2016-06-23] (Sonix Tech. Co., Ltd.)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
R3 WirelessKeyboardFilter; C:\windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R3 WwanUsbServ; C:\windows\System32\DRIVERS\WwanUsbMp64.sys [279312 2014-10-29] (Ericsson AB)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-03 11:02 - 2017-01-03 11:26 - 00000000 ____D C:\ProgramData\HitmanPro
2017-01-03 11:02 - 2017-01-03 11:02 - 11581544 _____ (SurfRight B.V.) C:\Users\Andreas Klocke\Desktop\HitmanPro_x64.exe
2017-01-03 10:58 - 2017-01-03 10:58 - 00000764 _____ C:\Users\Andreas Klocke\Desktop\eset.txt
2017-01-02 18:09 - 2017-01-02 18:09 - 02870984 _____ (ESET) C:\Users\Andreas Klocke\Desktop\esetsmartinstaller_deu.exe
2017-01-02 18:09 - 2017-01-02 18:09 - 00000000 ____D C:\Program Files (x86)\ESET
2017-01-02 17:55 - 2017-01-02 17:56 - 00002854 _____ C:\Users\Andreas Klocke\Desktop\Fixlog.txt
2017-01-02 15:14 - 2017-01-02 15:14 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\ProductData
2017-01-02 14:58 - 2017-01-02 14:58 - 00028270 _____ C:\Users\Andreas Klocke\Desktop\JRT.txt
2017-01-02 14:55 - 2017-01-02 14:55 - 01663040 _____ (Malwarebytes) C:\Users\Andreas Klocke\Desktop\JRT.exe
2017-01-02 14:51 - 2017-01-02 14:51 - 00001207 _____ C:\Users\Andreas Klocke\Desktop\mbam.txt
2017-01-02 10:38 - 2017-01-02 10:38 - 00000000 ____D C:\Users\Andreas Klocke\Downloads\FRST-OlderVersion
2016-12-23 11:00 - 2016-12-23 11:00 - 00048077 _____ C:\Users\Andreas Klocke\.recently-used.xbel
2016-12-22 13:50 - 2016-12-22 13:51 - 00001211 _____ C:\Users\Andreas Klocke\Desktop\mbamlog.txt
2016-12-22 12:35 - 2017-01-03 11:24 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-22 12:34 - 2016-12-22 12:34 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-12-22 12:34 - 2016-12-22 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-12-22 12:34 - 2016-12-22 12:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-22 12:34 - 2016-12-22 12:34 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-12-22 12:34 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-12-22 12:34 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-12-22 12:34 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-12-22 12:30 - 2017-01-02 14:15 - 00000000 ____D C:\AdwCleaner
2016-12-22 12:30 - 2016-12-22 12:31 - 22851472 _____ (Malwarebytes ) C:\Users\Andreas Klocke\Desktop\mbam-setup-2.2.1.1043.exe
2016-12-22 12:29 - 2016-12-22 12:29 - 03977168 _____ C:\Users\Andreas Klocke\Desktop\AdwCleaner_6.041.exe
2016-12-22 11:58 - 2016-12-22 12:43 - 00464724 _____ C:\TDSSKiller.3.1.0.12_22.12.2016_11.58.11_log.txt
2016-12-22 11:57 - 2016-12-22 11:57 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Andreas Klocke\Desktop\tdsskiller.exe
2016-12-22 11:50 - 2017-01-02 15:04 - 00043158 _____ C:\Users\Andreas Klocke\Desktop\Addition.txt
2016-12-22 11:48 - 2017-01-03 11:27 - 00027417 _____ C:\Users\Andreas Klocke\Desktop\FRST.txt
2016-12-22 11:47 - 2017-01-03 11:27 - 00000000 ____D C:\FRST
2016-12-22 11:47 - 2017-01-02 10:38 - 02418176 _____ (Farbar) C:\Users\Andreas Klocke\Desktop\FRST64.exe
2016-12-22 11:44 - 2016-12-22 11:42 - 00110144 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-64.dll
2016-12-22 11:26 - 2017-01-02 17:58 - 00000672 _____ C:\windows\setupact.log
2016-12-22 11:26 - 2017-01-02 14:16 - 00002234 _____ C:\windows\PFRO.log
2016-12-22 11:26 - 2016-12-22 11:26 - 00000000 _____ C:\windows\setuperr.log
2016-12-22 10:37 - 2016-12-22 10:38 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-22 10:37 - 2016-12-22 10:37 - 00002808 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2016-12-22 10:37 - 2016-12-22 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-22 10:37 - 2016-12-22 10:37 - 00000000 ____D C:\Program Files\CCleaner
2016-12-22 10:36 - 2016-12-22 10:37 - 08803648 _____ (Piriform Ltd) C:\Users\Andreas Klocke\Documents\ccsetup525.exe
2016-12-22 10:25 - 2016-12-30 14:05 - 00003240 _____ C:\windows\System32\Tasks\HPCeeScheduleForAndreas Klocke
2016-12-22 10:11 - 2017-01-03 09:22 - 00524288 ___SH C:\windows\system32\config\components{c805c034-c825-11e6-9b35-028037ec0200}.TMContainer00000000000000000001.regtrans-ms
2016-12-22 10:11 - 2017-01-03 09:22 - 00065536 ___SH C:\windows\system32\config\components{c805c034-c825-11e6-9b35-028037ec0200}.TM.blf
2016-12-22 10:11 - 2016-12-22 11:25 - 00524288 ___SH C:\windows\system32\config\components{c805c034-c825-11e6-9b35-028037ec0200}.TMContainer00000000000000000002.regtrans-ms
2016-12-22 10:03 - 2017-01-02 10:21 - 00000368 _____ C:\windows\Tasks\HPCeeScheduleForAndreas Klocke.job
2016-12-22 10:03 - 2016-12-22 10:03 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\HP_Development_Company,_L
2016-12-22 10:01 - 2016-12-22 10:01 - 00000000 ____D C:\ProgramData\McAfee
2016-12-22 09:59 - 2016-12-22 09:59 - 00000248 _____ C:\windows\hbcikrnl.ini
2016-12-22 09:59 - 2016-12-22 09:59 - 00000000 ____D C:\Users\Default\AppData\Roaming\hpqLog
2016-12-22 09:59 - 2016-12-22 09:59 - 00000000 ____D C:\Users\Default User\AppData\Roaming\hpqLog
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\ProgramData\SZCCID
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\Program Files (x86)\AlcorMicroData
2016-12-22 09:58 - 2016-12-22 09:58 - 00000000 ____D C:\Program Files (x86)\AlcorMicro
2016-12-22 09:49 - 2016-12-22 09:49 - 00002231 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2016-12-22 09:49 - 2016-12-22 09:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-12-22 09:41 - 2016-12-22 09:41 - 00000000 ____D C:\ProgramData\HP Inc
2016-12-22 09:35 - 2016-12-22 09:35 - 04057776 _____ (Oleg N. Scherbakov) C:\Users\Andreas Klocke\Documents\HPSupportSolutionsFramework-12.5.32.203.exe
2016-12-16 15:59 - 2016-12-16 15:59 - 00000000 ____H C:\asc_rdflag
2016-12-15 09:41 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-12-15 09:41 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-12-15 09:41 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-12-15 09:41 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2016-12-15 09:41 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-12-15 09:41 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-12-15 09:41 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-12-15 09:41 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-12-15 09:41 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-12-15 09:41 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-12-15 09:41 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-12-15 09:41 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-12-15 09:41 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2016-12-15 09:41 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-12-15 09:41 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-12-15 09:41 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-12-15 09:41 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-12-15 09:41 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-12-15 09:41 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-12-15 09:41 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-12-15 09:41 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-12-15 09:41 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-12-15 09:41 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-12-15 09:41 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-12-15 09:41 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-12-15 09:41 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-12-15 09:41 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-12-15 09:41 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-12-15 09:41 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-12-15 09:41 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-12-15 09:41 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-12-15 09:41 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-12-15 09:41 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-12-15 09:41 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-12-15 09:41 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-12-15 09:41 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-12-15 09:41 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-12-15 09:41 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-12-15 09:41 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-12-15 09:41 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-12-15 09:41 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-12-15 09:41 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-12-15 09:41 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-12-15 09:41 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-12-15 09:41 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-12-15 09:41 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-12-15 09:41 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-12-15 09:41 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-12-15 09:41 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-12-15 09:41 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-12-15 09:41 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-12-15 09:41 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-12-15 09:41 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-12-15 09:41 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-12-15 09:41 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-12-15 09:41 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-12-15 09:41 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-12-15 09:41 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-15 09:41 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-12-15 09:41 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-12-15 09:41 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-12-15 09:41 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-12-15 09:41 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-12-15 09:41 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-12-15 09:41 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-12-15 09:41 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-12-15 09:41 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-12-15 09:41 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-12-15 09:41 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-12-15 09:41 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-12-15 09:41 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-12-15 09:41 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-12-15 09:41 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-12-15 09:41 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-12-15 09:41 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-12-15 09:41 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-12-15 09:41 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-12-15 09:41 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-12-15 09:41 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-12-15 09:41 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-12-15 09:41 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-12-15 09:41 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-12-15 09:41 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-12-15 09:41 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-12-15 09:41 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-12-15 09:41 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-12-15 09:41 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-12-15 09:41 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2016-12-15 09:41 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2016-12-12 14:57 - 2016-12-12 14:57 - 00773579 _____ C:\Users\Andreas Klocke\Desktop\kps Solingen.pdf
2016-12-12 14:15 - 2016-12-12 14:15 - 06880664 _____ (Tim Kosse) C:\Users\Andreas Klocke\Downloads\FileZilla_3.23.0.2_win64-setup.exe
2016-12-12 12:28 - 2015-12-22 17:47 - 00099052 _____ C:\Users\Andreas Klocke\Desktop\Textbausteine Mietwertgutachten Stand 20140117.xlsx
2016-12-09 09:39 - 2016-12-09 09:39 - 04619752 _____ (Piriform Ltd) C:\Users\Andreas Klocke\Downloads\dfsetup221.exe
2016-12-08 13:44 - 2016-12-08 13:44 - 00001136 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-12-08 09:48 - 2016-12-08 09:48 - 00000334 _____ C:\windows\Backup.ini
2016-12-08 09:41 - 2016-12-08 09:41 - 17150504 _____ (IObit ) C:\Users\Andreas Klocke\Downloads\driver_booster_setup(4.1.0.389).exe
2016-12-07 16:04 - 2016-12-22 11:46 - 00000000 ____D C:\Users\Andreas Klocke\AppData\LocalLow\Mozilla
2016-12-07 15:36 - 2016-12-08 09:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-05 09:51 - 2016-12-22 10:04 - 00524288 ___SH C:\windows\system32\config\components{9821f7e4-bac7-11e6-8424-028037ec0200}.TMContainer00000000000000000001.regtrans-ms
2016-12-05 09:51 - 2016-12-22 10:04 - 00065536 ___SH C:\windows\system32\config\components{9821f7e4-bac7-11e6-8424-028037ec0200}.TM.blf
2016-12-05 09:51 - 2016-12-05 10:10 - 00524288 ___SH C:\windows\system32\config\components{9821f7e4-bac7-11e6-8424-028037ec0200}.TMContainer00000000000000000002.regtrans-ms
2016-12-05 09:38 - 2016-12-05 09:38 - 01199136 _____ C:\windows\system32\oem137.inf
2016-12-05 09:37 - 2016-12-05 09:37 - 07884536 _____ (Broadcom Corporation) C:\windows\system32\Drivers\BCMWL664.SYS
2016-12-05 09:37 - 2016-12-05 09:37 - 04401152 _____ (Broadcom Corporation) C:\windows\system32\bcmihvsrv64.dll
2016-12-05 09:37 - 2016-12-05 09:37 - 03667968 _____ (Broadcom Corporation) C:\windows\system32\bcmihvui64.dll
2016-12-05 09:37 - 2016-12-05 09:37 - 00096600 _____ (Broadcom Corporation) C:\windows\system32\bcmwlcoi.dll
2016-12-05 09:31 - 2016-12-05 09:31 - 00000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-03 10:57 - 2015-09-10 17:31 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2017-01-02 18:11 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-02 18:11 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-02 17:58 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-01-02 17:56 - 2014-08-27 08:37 - 00000000 ____D C:\Users\Andreas Klocke\AppData\LocalLow\Temp
2016-12-30 14:05 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Tasks
2016-12-30 14:05 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\Tasks
2016-12-23 17:43 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2016-12-23 17:03 - 2011-07-28 09:48 - 00003218 _____ C:\windows\System32\Tasks\HPCeeScheduleForNOTEBOOK$
2016-12-23 17:03 - 2011-07-28 09:48 - 00000342 _____ C:\windows\Tasks\HPCeeScheduleForNOTEBOOK$.job
2016-12-23 13:29 - 2011-08-01 10:19 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2016-12-23 11:00 - 2011-07-28 13:35 - 00000000 ____D C:\Users\Andreas Klocke\.gimp-2.6
2016-12-23 11:00 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke
2016-12-23 10:34 - 2011-03-04 13:01 - 00705108 _____ C:\windows\system32\perfh007.dat
2016-12-23 10:34 - 2011-03-04 13:01 - 00151476 _____ C:\windows\system32\perfc007.dat
2016-12-23 10:34 - 2009-07-14 06:13 - 01629436 _____ C:\windows\system32\PerfStringBackup.INI
2016-12-23 10:34 - 2009-07-14 03:36 - 00657964 _____ C:\windows\system32\perfh009.dat
2016-12-23 10:34 - 2009-07-14 03:36 - 00123776 _____ C:\windows\system32\perfc009.dat
2016-12-22 12:34 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Desktop
2016-12-22 12:34 - 2009-07-14 04:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
2016-12-22 11:46 - 2013-09-26 11:25 - 00000000 ____D C:\ProgramData\Oracle
2016-12-22 11:45 - 2011-03-04 12:46 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2016-12-22 11:45 - 2011-03-04 12:20 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-12-22 11:44 - 2016-11-25 09:51 - 00000000 __SHD C:\Config.Msi
2016-12-22 11:44 - 2015-10-09 07:50 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-22 11:44 - 2015-07-10 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-22 11:44 - 2013-05-17 08:46 - 00000000 ____D C:\Program Files\Java
2016-12-22 11:44 - 2011-03-04 12:21 - 00000000 __SHD C:\windows\Installer
2016-12-22 11:43 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-22 11:42 - 2015-07-31 09:45 - 00110144 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2016-12-22 11:40 - 2016-01-22 09:22 - 00097856 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2016-12-22 10:51 - 2015-07-14 13:37 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\CrashDumps
2016-12-22 10:51 - 2011-10-12 13:53 - 00000000 ____D C:\windows\Minidump
2016-12-22 10:47 - 2015-07-31 09:01 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-22 10:47 - 2011-06-18 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Energy Star
2016-12-22 10:37 - 2011-07-28 09:49 - 00000000 ___RD C:\Users\Andreas Klocke\Documents
2016-12-22 10:37 - 2009-07-14 04:20 - 00000000 ___RD C:\Program Files
2016-12-22 10:35 - 2015-02-25 17:15 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\ElevatedDiagnostics
2016-12-22 10:34 - 2011-08-14 13:02 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Local\Diagnostics
2016-12-22 10:06 - 2009-07-14 05:45 - 00471400 _____ C:\windows\system32\FNTCACHE.DAT
2016-12-22 10:05 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\catroot
2016-12-22 10:02 - 2011-03-04 12:20 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-12-22 10:02 - 2011-02-02 21:42 - 00000000 ____D C:\swsetup
2016-12-22 10:02 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\DriverStore
2016-12-22 10:01 - 2011-03-04 12:27 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\windows\SysWOW64\CSVer.dll
2016-12-22 10:01 - 2009-07-14 04:20 - 00000000 __RSD C:\windows\assembly
2016-12-22 10:00 - 2011-03-04 12:26 - 00000000 ____D C:\Program Files\Hewlett-Packard
2016-12-22 09:59 - 2011-03-04 12:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-22 09:59 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\catroot2
2016-12-22 09:59 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default\AppData\Roaming
2016-12-22 09:59 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming
2016-12-22 09:48 - 2009-07-14 04:20 - 00000000 ____D C:\windows\winsxs
2016-12-22 09:48 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Help
2016-12-22 09:40 - 2014-06-01 15:16 - 00000000 ____D C:\Program Files (x86)\HP
2016-12-22 09:40 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\hpqLog
2016-12-22 09:38 - 2011-07-28 09:53 - 00130248 _____ C:\Users\Andreas Klocke\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-22 09:37 - 2009-07-14 04:20 - 00000000 __RSD C:\windows\Fonts
2016-12-17 14:56 - 2011-08-01 11:36 - 00003542 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 14:56 - 2011-08-01 11:36 - 00003414 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 15:59 - 2016-10-04 08:02 - 120553472 _____ C:\windows\system32\config\SOFTWARE.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 120553472 _____ C:\windows\system32\config\SOFTWARE.iodefrag
2016-12-16 15:59 - 2016-10-04 08:02 - 00622592 _____ C:\windows\system32\config\DEFAULT.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 00069632 _____ C:\windows\system32\config\SAM.iodefrag.bak
2016-12-16 15:59 - 2016-10-04 08:02 - 00028672 _____ C:\windows\system32\config\SECURITY.iodefrag.bak
2016-12-16 15:59 - 2009-07-27 16:04 - 00000000 __SHD C:\boot
2016-12-16 15:58 - 2009-07-14 05:45 - 00000000 ____D C:\windows\debug
2016-12-15 18:25 - 2011-08-05 11:54 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\gtk-2.0
2016-12-15 12:57 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Microsoft.NET
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\SysWOW64\en-US
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\SysWOW64\de-DE
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\en-US
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\Drivers\UMDF
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\de-DE
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-15 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-15 10:01 - 2011-07-28 10:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-15 09:59 - 2013-08-12 09:56 - 00000000 ____D C:\windows\system32\MRT
2016-12-15 09:54 - 2011-07-28 10:37 - 135632432 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-12-15 09:51 - 2011-03-04 12:25 - 01607460 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-12-14 13:23 - 2016-07-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-14 13:21 - 2016-10-11 11:01 - 00035864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avusbflt.sys
2016-12-14 13:21 - 2013-03-28 08:21 - 00176464 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2016-12-14 13:21 - 2013-03-28 08:21 - 00148032 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-12-14 12:27 - 2016-11-23 15:11 - 00013971 _____ C:\Users\Andreas Klocke\Desktop\Fahrten.xlsx
2016-12-14 09:51 - 2015-03-13 10:41 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-13 13:57 - 2015-09-10 17:31 - 00802904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-12-13 13:57 - 2015-09-10 17:31 - 00144472 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-13 13:57 - 2015-09-10 17:31 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-12-13 13:57 - 2011-11-15 09:43 - 00000000 ____D C:\windows\system32\Macromed
2016-12-13 13:57 - 2011-03-04 12:58 - 00000000 ____D C:\windows\SysWOW64\Macromed
2016-12-13 09:15 - 2011-06-18 16:26 - 00000000 ____D C:\windows\SoftwareDistribution
2016-12-12 14:16 - 2014-03-31 10:06 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\FileZilla
2016-12-12 12:32 - 2011-07-28 09:49 - 00000000 ___RD C:\Users\Andreas Klocke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-09 09:42 - 2013-05-12 19:19 - 00001724 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-12-09 09:42 - 2013-05-12 19:19 - 00000000 ____D C:\Program Files\Defraggler
2016-12-08 13:44 - 2016-07-26 14:25 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-08 09:30 - 2015-07-31 10:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-07 16:04 - 2011-07-28 09:49 - 00000000 ____D C:\Users\Andreas Klocke\AppData\LocalLow
2016-12-05 09:57 - 2015-07-31 09:01 - 00000000 ____D C:\ProgramData\IObit
2016-12-05 09:52 - 2011-08-01 13:50 - 00000302 _____ C:\windows\system32\ricdb.ini
2016-12-05 09:47 - 2016-10-14 11:19 - 00524288 ___SH C:\windows\system32\config\components{52e3f6e1-91f7-11e6-866e-028037ec0200}.TMContainer00000000000000000001.regtrans-ms
2016-12-05 09:47 - 2016-10-14 11:19 - 00065536 ___SH C:\windows\system32\config\components{52e3f6e1-91f7-11e6-866e-028037ec0200}.TM.blf
2016-12-05 09:28 - 2014-03-31 10:20 - 00000000 ____D C:\Users\Andreas Klocke\AppData\Roaming\Nvu

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-08-10 08:31 - 2011-08-10 08:35 - 0053342 _____ () C:\Users\Andreas Klocke\AppData\Roaming\QWInstall.log
2014-06-01 15:31 - 2014-06-01 15:32 - 0000347 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-11-25 10:39

==================== Ende von FRST.txt ============================
         
Bei Windows Repair wurde mir ein Update angeboten. Das Forum auf das ich bei Tweaking.com weitergeleitet wurde hat im Top ein Ad-Fenster mit Download Button und in den Foreneinträgen Links. Da mir das alles unverständlich ist, führe ich das Programm ohne Update durch.

Antwort

Themen zu Windows 7 Pro 64Bit sehr langsam
arbeitet, auslastung, ccleaner, cpu, diverse, driver, driver booster, einloggen, fehler, festplatte, forum, foto, klicke, langsam, langsamer, laptop, laptop langsam, passwort, ram, rechner, registry, stillstand, system, treiber, trojaner, windows, windows 7



Ähnliche Themen: Windows 7 Pro 64Bit sehr langsam


  1. W10 64Bit Apple MacBook Pro 13" Programmstart sehr stark verzögert + PC sehr langsam
    Log-Analyse und Auswertung - 13.12.2016 (13)
  2. windows 7 64bit sehr langsam
    Log-Analyse und Auswertung - 08.10.2016 (12)
  3. Windows 8, 64bit: Rechner sehr langsam und immer wieder am einfrieren
    Log-Analyse und Auswertung - 22.07.2016 (18)
  4. Windows 10 hängt sehr oft und reagiert nur sehr langsam
    Log-Analyse und Auswertung - 15.11.2015 (11)
  5. laptop läuft sehr langsam, Tastatureingabe oft zeitverzögert, windows 7, 64bit
    Plagegeister aller Art und deren Bekämpfung - 11.10.2015 (21)
  6. Windows bzw. ganzer Rechner läuft sehr sehr langsam.....
    Plagegeister aller Art und deren Bekämpfung - 28.09.2015 (11)
  7. Windows 7 - 64bit: PC sehr langsam, Vermutung Malware, Toshiba Service Station Problem
    Log-Analyse und Auswertung - 01.07.2015 (20)
  8. Window 7 (64bit): PC sehr Langsam
    Log-Analyse und Auswertung - 30.04.2015 (7)
  9. Window 7 (64bit): PC seit ca. 1 Woche sehr Langsam
    Log-Analyse und Auswertung - 28.04.2015 (11)
  10. Windows 7 Google Chrome Browser sehr langsam Bilder werden langsam geladen
    Log-Analyse und Auswertung - 03.02.2015 (15)
  11. Windows 7 64Bit home Premium sehr langsam
    Log-Analyse und Auswertung - 26.10.2014 (11)
  12. Windows 8 (64bit) - PC plötzlich langsam
    Plagegeister aller Art und deren Bekämpfung - 17.02.2014 (13)
  13. Windows Vista fährt nur sehr langsam hoch und braucht sehr lange um Befehle auszufuehren.
    Log-Analyse und Auswertung - 22.11.2013 (1)
  14. tbhcn in Autostart - Win7 64bit sehr langsam
    Log-Analyse und Auswertung - 02.11.2013 (9)
  15. Win 7 (64Bit) Rechner sehr langsam, mehrere Scanner haben sich aufgehängt
    Log-Analyse und Auswertung - 14.10.2013 (9)
  16. Win7-64bit sehr langsam, Kaspersky meldete Befall durch Java, sowie dubiose Seitenmeldung von www.superfish.com bei standardseitenaufruf
    Log-Analyse und Auswertung - 05.10.2013 (9)
  17. Programme starten sehr langsam / Windows allg. sehr lahm
    Log-Analyse und Auswertung - 18.05.2013 (2)

Zum Thema Windows 7 Pro 64Bit sehr langsam - Hallo, mir wurde in diesem Forum vor einigen Jahren mal sehr gut bei der Bereinigung von einem Trojaner geholfen. Diesmal geht es um mein 5 Jahre altes HP Probook 6360b, - Windows 7 Pro 64Bit sehr langsam...
Archiv
Du betrachtest: Windows 7 Pro 64Bit sehr langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.