Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 28.10.2015, 15:27   #1
Arktin
 
Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Standard

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl



Hallo zusammen,

ich habe ein Problem mit meinem Abgesicherten Modus. Sobald ich den Abgesicherten Modus starte und in den Bildschirm der Benutzerauswahl komme dauert es ein paar Sekunden und der PC startet von selbst neu.
Einer der Benutzer ist mit einem kurzen, einfachen Passwort gesichert. Wenn man in den paar Sekunden bis zum Neustart den Benutzer anklickt und das Passwort eingibt, wird angezeigt, dass dieses falsch wäre. Das Passwort ist sowas Einfaches wie "12" - das kann ich nicht jedes Mal falsch eingegeben haben.

Vielleicht noch nützliche Hintergrundinfos:
Ich habe den abgesicherten Modus seit Ewigkeiten nicht mehr genutzt. Das Problem ist nur erkannt worden, weil ich eine neue Version von Kaspersky Internet Security aufspielen wollte. Ich habe die 2015er Version deinstalliert, neu gestartet und wollte die 2016er installieren. Diese Installation hängt sich aber bei "5 Sekunden verbleibend" auf. D.h. der PC läuft noch, aber die Installation kommt nicht weiter voran - auch nach einer Stunde Wartezeit.
Nach der Internet-Recherche wurde auf der Kaspersky-Seite geraten, ein Kaspersky-Entfernungstool im Abgesicherten Modus zu starten und dann die neue Version zu installieren. Nur diesen kann ich wie gesagt nicht starten.

Mein System habe ich vor ca. 2,5-3 Jahren aufgesetzt. Ich hatte mal ein Problem mit einem GVU Trojaner und habe den mit meinem Halbwissen und (ich glaube) mit einer Boot-CD und Malwarebytes Anti-Malware in den Griff bekommen. Dazu sei aber gesagt, dass ich mir nicht mehr 100% sicher bin, ob das dieser PC war, oder der vorherige. Das ist leider ein bißchen zu lange her...

Bezüglich des aktuellen Problems habe ich nur Malwarebytes Anti-Malware laufen lassen. Kritische Elemente gab es keine, Log siehe unten.

Nachträglicher Edit: Da ich die 2015er Kaspersky-Version deinstalliert habe, ist momentan kein Virenscanner aktiv Der Letzte vollständige Systemscan davon war ca. 5-6 Monate alt und hatte keinen Befund.
Die Comodo Firewall hatte ich ganz vergessen und erst in den Logs ist die mir wieder aufgefallen. Seitdem ich Kaspersky 2015 hatte war diese nicht mehr im Autostart und daher standardmäßig deaktiviert.

Weiterhin habe ich die Anleitung im Forum befolgt:
- Defogger genutzt, Fehlermeldung gab es keine
- Systemscan mit FRST
FRST.txt

FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02
durchgeführt von Mario (Administrator) auf WAKGOD (28-10-2015 15:38:08)
Gestartet von D:\Users\Mario\downloads
Geladene Profile: Mario (Verfügbare Profile: Mario & Lernen)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Aqua Computer GmbH & Co. KG) C:\Program Files\aquasuite\AquaComputerService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(devolo AG) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Autodesk, Inc.) D:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(CMedia) C:\Program Files\ASUS Xonar D2X Audio\Customapp\AsusAudioCenter.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Spotify Ltd) C:\Users\Mario\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
(Advanced Micro Devices Inc.) D:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe
(Spotify Ltd) C:\Users\Mario\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Spotify Ltd) C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Advanced Micro Devices Inc.) D:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-17] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5120144 2012-05-23] (VIA)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2010-01-18] (CANON INC.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36711472 2015-10-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => D:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-10-01] (Raptr, Inc)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2901584 2015-10-14] (Valve Corporation)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [ApplePhotoStreams] => D:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [Spotify Web Helper] => C:\Users\Mario\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030912 2015-10-22] (Spotify Ltd)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [Spotify] => C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe [7736128 2015-10-22] (Spotify Ltd)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\MountPoints2: {51026f4a-6261-11e2-9e27-806e6f6e6963} - E:\Run.exe
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-04] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2014-10-01]
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
Startup: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-08-20]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
GroupPolicyScripts: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0B52BEBB-7563-41E0-B641-7EB5A06869B3}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1B8A7188-20ED-4D44-8C47-45B185A97B35}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{F3E5FAE6-6066-4660-9FD6-542222576451}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-10-27] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-27] (Microsoft Corporation)
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-09-17] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-09-17] (pdfforge GmbH)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-18] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-18] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2508083331-1529705533-2935304339-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Mario\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-2508083331-1529705533-2935304339-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-09-07] ()
FF SearchPlugin: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2\searchplugins\youtube-videosuche.xml [2015-05-29]
FF Extension: Video DownloadHelper - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-08-18]
FF Extension: Adblock Plus - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-09-30] [ist nicht signiert]
StartMenuInternet: FIREFOX.EXE - d:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-03-25]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Aqua Computer Service; C:\Program Files\aquasuite\AquaComputerService.exe [536064 2013-03-27] (Aqua Computer GmbH & Co. KG) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-09-25] (Comodo Security Solutions, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
R2 DevoloNetworkService; D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-12-05] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-08-17] (Futuremark)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 MBAMService; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 mitsijm2012; D:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [848184 2010-12-07] (Autodesk, Inc.)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244832 2015-09-17] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [964832 2015-09-17] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [767712 2015-09-17] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-05] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AIDA64Driver; D:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [30624 2012-10-28] ()
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
S1 CFRMD; C:\Windows\SysWOW64\DRIVERS\CFRMD.sys [37976 2012-09-03] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-01-20] ()
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2013-12-05] (Paragon Software Group)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [931000 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 VUSB3HUB; system32\DRIVERS\ViaHub3.sys [X]
S3 xhcdrv; system32\DRIVERS\xhcdrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-28 15:37 - 2015-10-28 15:38 - 00000000 ____D C:\FRST
2015-10-28 15:19 - 2015-10-28 15:19 - 00000000 _____ C:\Users\Mario\defogger_reenable
2015-10-28 14:50 - 2015-10-28 14:50 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-28 14:50 - 2015-10-28 14:50 - 00000790 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-28 14:50 - 2015-10-28 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-28 14:50 - 2015-10-28 14:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-28 14:50 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-28 14:50 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-28 14:50 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-28 13:35 - 2015-10-28 13:35 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-28 13:35 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-28 13:35 - 2015-06-30 01:05 - 00931000 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-10-28 13:35 - 2015-06-30 01:05 - 00171192 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-10-28 12:47 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-28 12:46 - 2015-10-28 14:59 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-28 12:46 - 2015-10-28 13:35 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-24 19:52 - 2015-10-24 19:52 - 00000000 _____ C:\Windows\SysWOW64\OCL91BD.tmp
2015-10-24 19:51 - 2015-10-24 19:51 - 00000000 _____ C:\Windows\SysWOW64\OCL4285.tmp
2015-10-18 19:40 - 2015-10-18 19:40 - 00000000 ____D C:\ProgramData\Stardock
2015-10-16 10:18 - 2015-10-16 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-15 14:23 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 14:23 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 14:23 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-13 19:29 - 2015-10-13 19:29 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star Citizen Launcher
2015-10-13 18:51 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-13 18:51 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-13 18:51 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-13 18:51 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-13 18:51 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 18:51 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-13 18:51 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-13 18:51 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-13 18:51 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-13 18:51 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-13 18:51 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-13 18:51 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-13 18:51 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-13 18:51 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-13 18:51 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-13 18:51 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 18:51 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-13 18:51 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-13 18:51 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 18:51 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-13 18:51 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-13 18:51 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-13 18:51 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-13 18:51 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-13 18:51 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-13 18:51 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-13 18:51 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-13 18:51 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-13 18:51 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-13 18:51 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-13 18:51 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-13 18:51 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-13 18:51 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-13 18:51 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-13 18:51 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-13 18:51 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-13 18:51 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-13 18:51 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-13 18:51 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-13 18:51 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-13 18:51 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-13 18:51 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-13 18:51 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-13 18:51 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-13 18:51 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-13 18:51 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-13 18:51 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-13 18:51 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-13 18:51 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-13 18:51 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-13 18:51 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-13 18:51 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-13 18:51 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-13 18:51 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-13 18:51 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-13 18:51 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-13 18:51 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-13 18:51 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-13 18:51 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-13 18:51 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-13 18:51 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-13 18:51 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-13 18:51 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-13 18:51 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-13 18:50 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-13 18:50 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-13 18:50 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 18:50 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-13 18:50 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-13 18:50 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-13 18:50 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 18:50 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-13 18:50 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-13 18:50 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-13 18:50 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-13 18:50 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-13 18:50 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-13 18:50 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-13 18:50 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-13 18:50 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-13 18:50 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-13 18:50 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-13 18:50 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-13 18:50 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-13 18:50 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-13 18:50 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-13 18:50 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-13 18:50 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-13 18:50 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-13 18:50 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-13 18:50 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-13 18:50 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-13 18:50 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-13 18:50 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-13 18:50 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-13 18:50 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-13 18:50 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-13 18:50 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-13 18:50 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-13 18:50 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-13 18:50 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-13 18:50 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-13 18:50 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-13 18:50 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-13 18:50 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-13 18:50 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-13 18:50 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-13 18:50 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-12 19:25 - 2015-10-12 19:25 - 00000000 ____D C:\Users\Mario\AppData\Roaming\7DaysToDie
2015-09-30 14:00 - 2015-09-30 14:00 - 00000930 _____ C:\Users\Public\Desktop\MATLAB R2010a Student.lnk
2015-09-30 14:00 - 2015-09-30 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2015-09-30 11:17 - 2015-09-30 11:33 - 00000000 ____D C:\Users\Mario\AppData\Roaming\PDF Architect 3
2015-09-30 11:17 - 2015-09-30 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 3
2015-09-30 11:17 - 2015-09-30 11:17 - 00000000 ____D C:\Program Files (x86)\PDF Architect 3
2015-09-30 11:16 - 2015-09-30 11:17 - 00000000 ____D C:\Program Files\PDFCreator
2015-09-30 11:16 - 2015-09-30 11:16 - 00115592 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2015-09-30 11:16 - 2015-09-30 11:16 - 00000836 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2015-09-30 11:16 - 2015-09-30 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-09-30 11:00 - 2015-09-30 11:06 - 00000000 ____D C:\Program Files (x86)\RegCleaner
2015-09-30 10:58 - 2015-09-30 11:00 - 00000962 _____ C:\Users\Mario\Desktop\RegCleaner.lnk
2015-09-30 10:58 - 2015-09-30 11:00 - 00000962 _____ C:\Users\Lernen\Desktop\RegCleaner.lnk
2015-09-30 10:58 - 2015-09-30 10:58 - 00003124 _____ C:\Windows\System32\Tasks\{2E792ADF-5189-427D-B92B-4AF2670A9F4B}
2015-09-30 10:38 - 2015-09-30 11:19 - 00000000 ____D C:\Users\Mario\AppData\Local\PDFCreator
2015-09-30 10:31 - 2015-09-30 10:31 - 00000000 ____D C:\Users\Mario\AppData\Roaming\PDF Architect
2015-09-30 10:30 - 2015-09-30 10:30 - 00000000 ____D C:\ProgramData\PDF Architect 3

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-28 15:30 - 2015-04-08 19:26 - 00000000 ____D C:\Users\Mario\AppData\Local\Spotify
2015-10-28 15:22 - 2013-01-21 10:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-28 15:19 - 2013-01-19 18:59 - 00000000 ____D C:\Users\Mario
2015-10-28 15:18 - 2015-06-18 16:12 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-28 15:17 - 2009-07-14 05:45 - 00027168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-28 15:17 - 2009-07-14 05:45 - 00027168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-28 15:15 - 2015-04-08 19:24 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Spotify
2015-10-28 15:15 - 2011-04-12 08:43 - 00699416 _____ C:\Windows\system32\perfh007.dat
2015-10-28 15:15 - 2011-04-12 08:43 - 00149556 _____ C:\Windows\system32\perfc007.dat
2015-10-28 15:15 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-28 15:14 - 2013-01-22 15:47 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6D29F55A-55FE-4567-AD7B-56A549E15B84}
2015-10-28 15:13 - 2013-01-19 18:58 - 01817405 _____ C:\Windows\WindowsUpdate.log
2015-10-28 15:10 - 2015-06-18 16:12 - 00000000 ____D C:\Users\Mario\AppData\Local\Dropbox
2015-10-28 15:10 - 2015-01-17 14:31 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Raptr
2015-10-28 15:09 - 2015-06-18 16:12 - 00001208 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-10-28 15:09 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-28 15:09 - 2009-07-14 05:51 - 00151505 _____ C:\Windows\setupact.log
2015-10-28 14:59 - 2010-11-21 04:47 - 00835324 _____ C:\Windows\PFRO.log
2015-10-28 14:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Web
2015-10-28 13:34 - 2013-01-20 13:49 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-10-28 13:34 - 2013-01-20 13:49 - 00003877 _____ C:\Windows\LkmdfCoInst.log
2015-10-28 12:41 - 2015-08-13 13:31 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-27 19:43 - 2013-01-21 12:55 - 00000000 ____D C:\Users\Mario\AppData\Roaming\vlc
2015-10-27 14:08 - 2015-08-18 11:02 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-24 19:52 - 2014-12-23 20:10 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-10-21 21:48 - 2013-01-20 11:43 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-10-21 15:09 - 2015-08-27 12:38 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-18 19:40 - 2013-01-21 10:57 - 00665776 _____ C:\Windows\DirectX.log
2015-10-17 14:22 - 2013-01-21 10:21 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 14:22 - 2013-01-21 10:21 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-17 14:22 - 2013-01-21 10:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-17 12:36 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-10-16 10:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-10-16 10:18 - 2015-06-18 16:12 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-15 19:59 - 2014-12-11 18:12 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-15 19:59 - 2014-05-06 21:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-15 18:20 - 2014-12-26 16:36 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-13 21:54 - 2013-08-13 21:07 - 00000000 ____D C:\Windows\system32\MRT
2015-10-13 21:54 - 2013-02-20 19:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-13 21:51 - 2013-01-23 18:59 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-13 19:29 - 2015-09-01 15:58 - 00000760 _____ C:\Users\Mario\Desktop\Star Citizen Launcher.lnk
2015-10-13 19:29 - 2015-09-01 15:58 - 00000760 _____ C:\Users\Lernen\Desktop\Star Citizen Launcher.lnk
2015-10-12 10:36 - 2015-01-17 14:31 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-10-11 18:45 - 2013-07-14 13:52 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Might & Magic Heroes VI
2015-10-09 15:11 - 2015-04-04 15:51 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-08 11:31 - 2015-04-04 15:51 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-03 15:13 - 2015-06-30 10:03 - 00000000 ____D C:\Users\Mario\AppData\Local\Curious Expedition
2015-09-30 19:22 - 2013-06-22 17:25 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Canon
2015-09-30 12:40 - 2013-02-20 19:57 - 00000000 ____D C:\Users\Mario\AppData\Local\Microsoft Help
2015-09-30 10:31 - 2013-06-28 14:02 - 00000000 ____D C:\Program Files (x86)\PDF Architect
2015-09-28 17:48 - 2015-01-17 14:34 - 00003973 _____ C:\Users\Mario\AppData\Roaming\LTspiceIV.ini

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-03-29 13:09 - 2013-03-29 13:09 - 4126720 _____ () C:\Program Files (x86)\GUT3A83.tmp
2015-01-17 14:34 - 2015-09-28 17:48 - 0003973 _____ () C:\Users\Mario\AppData\Roaming\LTspiceIV.ini
2014-11-28 19:39 - 2014-11-28 19:39 - 0000017 _____ () C:\Users\Mario\AppData\Local\resmon.resmoncfg
2015-02-11 17:30 - 2015-02-11 17:30 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-07-08 17:37 - 2013-07-08 17:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Mario\AppData\Local\Temp\AcDeltree.exe
C:\Users\Mario\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv0ohh1.dll
C:\Users\Mario\AppData\Local\Temp\ose00000.exe
C:\Users\Mario\AppData\Local\Temp\proxy_vole6365954364804184686.dll
C:\Users\Mario\AppData\Local\Temp\raptrpatch.exe
C:\Users\Mario\AppData\Local\Temp\raptr_stub.exe
C:\Users\Mario\AppData\Local\Temp\tmp6A4.exe
C:\Users\Mario\AppData\Local\Temp\_is6518.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-21 20:04

==================== Ende von FRST.txt ============================
         
--- --- ---


Weitere Logs in den nachfolgenden Posts, da ich die Zeichenanzahl überschreite

Geändert von Arktin (28.10.2015 um 15:51 Uhr) Grund: Zusatzinfo

Alt 28.10.2015, 15:33   #2
Arktin
 
Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Standard

Weitere Logs



Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
durchgeführt von Mario (2015-10-28 15:38:22)
Gestartet von D:\Users\Mario\downloads
Windows 7 Ultimate Service Pack 1 (X64) (2013-01-19 17:58:59)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2508083331-1529705533-2935304339-500 - Administrator - Disabled)
Gast (S-1-5-21-2508083331-1529705533-2935304339-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2508083331-1529705533-2935304339-1004 - Limited - Enabled)
Lernen (S-1-5-21-2508083331-1529705533-2935304339-1003 - Administrator - Enabled) => C:\Users\Lernen
Mario (S-1-5-21-2508083331-1529705533-2935304339-1000 - Administrator - Enabled) => C:\Users\Mario

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.25 - GIGABYTE)
3DMark (HKLM-x32\...\Steam App 223850) (Version:  - Futuremark)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20071 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v2.70 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.70 - FinalWire Ltd.)
Akamai NetSession Interface (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version:  - Remedy Entertainment)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
aquasuite (HKLM-x32\...\aquasuite5) (Version:  - Aqua Computer GmbH & Co. KG)
ASUS Xonar D2X Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.)
Autodesk Design Review 2012 (HKLM-x32\...\Autodesk Design Review 2012) (Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk Inventor Content Center Libraries 2012 (Desktop Content) (HKLM\...\{B46DECD1-1664-4EF1-0000-22D71E81877C}) (Version: 16.0.16000.0000 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion for Inventor 2012 Add-in (HKLM\...\Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul) (Version: 1.0.0.18 - Autodesk)
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul Language Pack (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Professional 2012 (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2012 Deutsch (HKLM\...\Autodesk Inventor Professional 2012) (Version: 16.0.16000.0000 - Autodesk)
Autodesk Inventor Professional 2012 Language Pack - Deutsch (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
Autodesk Vault 2012 (Client) (HKLM-x32\...\Autodesk Vault 2012 (Client)) (Version: 16.0.56.200 - Autodesk, Inc.)
Autodesk Vault 2012 (Client) (Version: 16.0.56.200 - Autodesk, Inc.) Hidden
Autodesk Vault 2012 (Client) German Language Pack (Version: 16.0.56.200 - Autodesk, Inc.) Hidden
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Automation - The Car Company Tycoon Game (HKLM-x32\...\Steam App 293760) (Version:  - Camshaft Software)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Besiege (HKLM-x32\...\Steam App 346010) (Version:  - Spiderling Studios)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Games)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
cadvilla basic plus 5 (HKLM\...\{BE7D95B0-6BB8-4381-820F-4673D20C84F5}_is1) (Version: 5.0.0.2 - Trixl GmbH)
cadvilla Tutorial Version 1.0 (HKLM-x32\...\{C62795BE-D29B-4232-9F94-BCB542D122F0}_is1) (Version: 1.0 - Trixl GmbH)
calibre 64bit (HKLM\...\{1C757A31-7FAE-43EA-99C4-672222534BC2}) (Version: 1.7.0 - Kovid Goyal)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
Canon MP620 series Benutzerregistrierung (HKLM-x32\...\Canon MP620 series Benutzerregistrierung) (Version:  - )
Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
Die Gilde 2 - Gold Edition (HKLM-x32\...\Die Gilde 2 - Gold Edition) (Version: V 1.20 - JoWood)
Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version:  - Codemasters Racing Studio)
dLAN Cockpit (x32 Version: 3.23.12 - devolo AG) Hidden
DRAGON BALL XENOVERSE (HKLM-x32\...\Steam App 323470) (Version:  - DIMPS)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
DWG TrueView 2012 (HKLM\...\DWG TrueView 2012) (Version: 18.2.51.0 - Autodesk)
DWG TrueView 2012 (Version: 18.2.51.0 - Autodesk) Hidden
Easy Tune 6 B12.0626.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.0626.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Eco Materials Adviser (x64) (HKLM\...\{E027C59C-4C47-4BE8-8078-BCD3D2680EC3}) (Version: 1.32.0.0 - Granta Design Limited)
Elite Dangerous Launcher version 0.4.1765.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.1765.0 - Frontier Developments)
Endless Legend (HKLM-x32\...\Steam App 289130) (Version:  - AMPLITUDE Studios)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FUSSBALL MANAGER 14 (HKLM-x32\...\{5FC27E1E-08C0-4346-A321-ED2D31FAE936}) (Version: 1.0.0.0 - Electronic Arts)
Futuremark SystemInfo (HKLM-x32\...\{185D7B00-8600-4716-A619-D8CBE689974B}) (Version: 4.40.560.0 - Futuremark)
Galactic Civilizations II: Ultimate Edition (HKLM-x32\...\Steam App 202200) (Version:  - Stardock Entertainment)
GeekBuddy (HKLM-x32\...\{87A5B227-81F8-4E51-86CA-39E89CB33B16}) (Version: 4.18.121 - Comodo Security Solutions Inc)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version:  - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iBackup Viewer 2.00 (HKLM-x32\...\{5B428966-3054-41E3-B0F8-008EE30BD019}_is1) (Version:  - iMacTools)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\0630-0716-3135-7887) (Version: 2 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
Kingdoms of Amalur: Reckoning™ (HKLM-x32\...\Steam App 102500) (Version:  - Big Huge Games)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Team Bondi)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
LTspice IV (HKLM-x32\...\LTspice IV) (Version:  - )
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1010 - Marvell)
MATLAB Student R2010a (HKLM-x32\...\MatlabR2010a) (Version: 7.10 - The MathWorks, Inc.)
Medieval Engineers (HKLM-x32\...\Steam App 333950) (Version:  - Keen Software House)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft OneNote 2013 - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Might & Magic ® Heroes ® VI (HKLM-x32\...\Steam App 48220) (Version:  - Blackhole)
Mozilla Firefox 18.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 18.0 (x86 de)) (Version: 18.0 - Mozilla)
Mozilla Firefox 41.0.2 (x86 de) (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 18.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHarmony (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.241 - Logitech)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version:  - Moon Studios GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Recuva (HKLM\...\Recuva) (Version: 1.45 - Piriform)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 3.9 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 3.9 - Saal Digital Fotoservice GmbH) Hidden
Schnell-Deinstallations-Tool für Autodesk Inventor 2012 (HKLM\...\{D25FF5C1-1664-469A-9794-69309387C193}) (Version: 16.0.16000.0000 - Autodesk)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version:  - Firaxis Games)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
Spotify (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
Star Citizen Launcher (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
Star Conflict (HKLM-x32\...\Steam App 212070) (Version:  - Star Gem Inc.)
Star Conflict Launcher 1.0.1.18 (HKLM-x32\...\StarConflictLauncher_is1) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 2.0.11.26825 - Blizzard Entertainment)
Startopia (HKLM-x32\...\Steam App 243040) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The Curious Expedition (HKLM-x32\...\Steam App 358130) (Version:  - )
The Swapper (HKLM-x32\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
TriDef 3D 6.5 (HKLM-x32\...\essentials-bundle) (Version: 6.5 - Dynamic Digital Depth Australia Pty Ltd)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{17A14094-F274-44E2-B54B-FC0E966AE5C7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\LUxClientSink.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2D5C6B27-86B3-4E81-9F8B-9C68887F5BE6}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\LUxUIMgr.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2012\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2014\acad.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{714D325C-E9CE-44ab-A72A-36BB410BA19B}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\FEAFilesHandler.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C0E7110B-2136-11D4-8DD0-0010B541CAA8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorMarshal.Dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2012\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Program Files\Autodesk\AutoCAD 2014\de-DE\acadficn.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E6E92821-2731-4AA3-B919-D2BC514FEC64}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridgePS.Dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei

==================== Wiederherstellungspunkte =========================

18-10-2015 19:39:54 DirectX wurde installiert
21-10-2015 14:58:29 Windows Update
21-10-2015 21:48:04 Windows Update
27-10-2015 14:01:55 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {08B318D3-C1ED-4538-AC5E-BDF42A176481} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {0E274B58-D602-43B4-9684-33C2B4DB7AFC} - System32\Tasks\{ECF3DAD0-1AFD-46C1-B41C-AD08FBD55565} => pcalua.exe -a "D:\Program Files (x86)\TriDef 3D\TriDef\Common\TriDef3DDisplaySetup.exe" -d "d:\Program Files (x86)\TriDef 3D\TriDef\Common"
Task: {127B0FB4-4A66-41CB-BD24-71F99EF10A89} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {31992ED4-BD66-4F82-848C-58275783197B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {3A3463E1-7D8D-4D3D-A165-0F6099783F5C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {7D01C1F8-8D0D-4097-8665-02EA9B625E21} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {7DF2D8CB-4288-4EF4-9EE7-6772106312AC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {804CF0D1-F89A-4360-8160-1E38B5F777DF} - System32\Tasks\{4937B928-1F70-4E4D-9F90-30B19BFFD7FA} => pcalua.exe -a D:\Users\Mario\downloads\msicuu2.exe -d D:\Users\Mario\downloads
Task: {9C5CEEF5-980D-433B-937D-0563DAFDF9AB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {A7165FDA-6E77-40CD-A8EE-F4F316786142} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BC6FE798-7549-49F7-8DEC-7DB66AAFFE44} - System32\Tasks\{D6A16315-8AA0-4394-9949-62E4B972B07F} => pcalua.exe -a "F:\Spiele für Lan\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "F:\Spiele für Lan\Call of Duty 4 - Modern Warfare"
Task: {EDFE630F-5211-4DDA-80D6-5BFF684773B3} - System32\Tasks\{2E792ADF-5189-427D-B92B-4AF2670A9F4B} => pcalua.exe -a D:\Users\Mario\downloads\RegCleaner.exe -d D:\Users\Mario\downloads

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-18 11:02 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-05 00:16 - 2013-10-05 00:16 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 19:23 - 2015-03-12 19:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 19:23 - 2015-03-12 19:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-01-31 17:02 - 2011-04-19 14:56 - 00143360 ____N () C:\Program Files\ASUS Xonar D2X Audio\Customapp\VmixP8.dll
2013-03-12 17:10 - 2015-10-05 17:18 - 00778752 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 20:37 - 2015-07-03 17:12 - 04962816 _____ () D:\Program Files (x86)\Steam\v8.dll
2015-01-20 20:37 - 2015-07-03 17:12 - 01556992 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 20:37 - 2015-07-03 17:12 - 01187840 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2014-05-23 15:54 - 2015-10-14 21:56 - 02423376 _____ () D:\Program Files (x86)\Steam\video.dll
2014-08-30 13:32 - 2015-09-24 01:33 - 02549248 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 13:32 - 2015-09-24 01:33 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-30 13:32 - 2015-09-24 01:33 - 00491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 13:32 - 2015-09-24 01:33 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-30 13:32 - 2015-09-24 01:33 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2013-01-18 19:30 - 2015-10-14 21:56 - 00705104 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 15:28 - 2015-10-09 19:13 - 00193024 _____ () D:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-05-15 15:27 - 2015-05-15 15:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-08 19:26 - 2015-10-22 21:57 - 50678592 _____ () C:\Users\Mario\AppData\Roaming\Spotify\libcef.dll
2015-08-18 11:02 - 2015-08-18 11:02 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-10-28 15:10 - 2015-10-28 15:10 - 00071168 _____ () c:\users\mario\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv0ohh1.dll
2015-06-18 16:14 - 2015-09-24 00:07 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-18 16:14 - 2015-09-24 00:07 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-29 13:14 - 2015-09-24 00:07 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-18 16:14 - 2015-09-24 00:07 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2014-09-25 06:04 - 2014-09-25 06:04 - 00976080 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtNetwork4.dll
2014-09-25 06:04 - 2014-09-25 06:04 - 02254544 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtCore4.dll
2014-09-25 06:04 - 2014-09-25 06:04 - 08024784 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtGui4.dll
2014-09-25 06:04 - 2014-09-25 06:04 - 00032976 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\imageformats\qgif4.dll
2014-09-25 06:04 - 2014-09-25 06:04 - 01299664 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtScript4.dll
2015-04-08 19:26 - 2015-10-22 21:57 - 01880896 _____ () C:\Users\Mario\AppData\Roaming\Spotify\libglesv2.dll
2015-04-08 19:26 - 2015-10-22 21:57 - 00081216 _____ () C:\Users\Mario\AppData\Roaming\Spotify\libegl.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-14 01:37 - 2014-08-14 01:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 01:37 - 2014-08-14 01:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2015-06-27 00:09 - 2015-06-27 00:09 - 00271872 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2015-10-01 22:39 - 2015-10-01 22:39 - 02607872 _____ () C:\Program Files (x86)\Raptr\ltc_host_ex.DLL
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 01:56 - 2014-06-18 01:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2013-01-18 19:30 - 2015-10-08 23:20 - 45010208 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
2014-10-17 20:00 - 2014-10-17 20:00 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2013-01-20 11:02 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-09-02 10:29 - 2013-09-16 11:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-03-31 20:35 - 2014-03-31 20:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\Windows\pss\Start GeekBuddy.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Mario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ADSK DLMSession => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Mario\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Mario\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: gbrspcontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{965F110C-420A-4BB4-A706-523D6FC60BBC}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B789D5C8-BD03-43D5-B714-4833E528D623}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{00780DA0-577B-4DE8-A200-95DD3C1C9343}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{83E8AE4A-763B-4291-9A7B-2A968EA4BB57}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C2DCFE65-3DB0-4320-88EE-C23BD24BB240}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ACA4E8FB-5D1E-48C3-A6E9-4FAA7FAC4989}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{73BAD040-D1D7-4685-9A19-EA2DE2D01F4E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A877C44B-2DD7-4663-853E-EA25059B6B33}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{2BD3554F-4CD2-4EC8-BDF0-34D6EAB0A071}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{CF1DCAFB-EE5C-455A-B1AE-8A067ABEC4AE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{B76671E1-F9A0-4E10-8A71-926B2B725945}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{2C31BC53-9B0C-4923-93CD-134B2DDE73AD}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{F643CEA5-BA54-4214-88DE-727888D25D37}] => (Allow) D:\Program Files (x86)\Origin\SimCity\SimCity\SimCity.exe
FirewallRules: [{E902DC53-990E-4F2A-B3DF-375B5DEAAEDC}] => (Allow) D:\Program Files (x86)\Origin\SimCity\SimCity\SimCity.exe
FirewallRules: [{D50989DF-D2CB-492B-A02E-A110DE8FC546}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{BE381255-FE92-493C-95DE-BFA655C2C308}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{615144B6-3D45-41A6-B5AF-A2CF401E5545}] => (Allow) D:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{E0C74655-91E6-42AD-894C-952C91238E74}] => (Allow) D:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{2DF3094F-ADC5-4E83-802E-3AE6C815DDBF}] => (Allow) C:\Users\Mario\AppData\Local\Temp\pftD5A.tmp\fsetup.exe
FirewallRules: [{238A8B6A-42EF-42D9-BBE3-872D42343BEC}] => (Allow) C:\Users\Mario\AppData\Local\Temp\pftD5A.tmp\fsetup.exe
FirewallRules: [{10C6CD12-0C8B-470F-8015-0EACBC1D973B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{1DE769BD-2DF1-4E73-8065-AB8CD2984097}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{6B1EEDF5-314F-4269-AE46-6A0DFEA0456C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{975795EB-9BDD-4552-986E-C22896830E73}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{11CC7E6E-CEC7-4BD5-9524-71A0551FC455}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{FF94FF4C-B86C-41E7-A434-F3A2C23BD9C0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{3A8D263E-8B23-4D6D-BA6E-3DE7E4D967CC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{ED4DDCF9-270B-4F78-95BB-689B0CC27DCB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{F5C0EDC3-DFDE-49BD-9D83-06FE78419BBB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{92E874AE-643D-4483-9CBE-BC78BF2F3D36}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{A151D699-5218-4B1E-8606-31320E0BA7F3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{B1CACD10-52EF-4571-8502-5E38B0959231}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{6EBD9D7A-21F5-4D59-BBD7-876AE98D7EFD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DiRT 3\dirt3.exe
FirewallRules: [{EEF5F05A-AC21-4252-B7FE-87D9742202E0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DiRT 3\dirt3.exe
FirewallRules: [{5FD004C9-ABEE-4101-8519-5D6C99415D76}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{B239C9D3-50D2-4DE9-9D79-1717B8392A10}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{037D0F96-F690-4044-92F2-E38D98906706}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{D2C9EDF3-A584-4344-AD10-44B766C4AECC}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{F47C36C7-1598-45BB-AC9C-35400AB7E9EE}] => (Allow) D:\Alt D\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{E2098DA8-CC0A-4D33-A6AF-45CF25883389}] => (Allow) D:\Alt D\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{CE7547CC-63C4-4300-9EDC-95A1FADB3788}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{1E1700B2-922C-428D-9F37-4FA75BAA39AA}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{7AF04FF3-55E1-4D41-8B55-9E1890C5CDBA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{3497FFE5-1A21-4BB8-8ADE-A881372781AC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{8B4224D1-8D3A-4056-80B2-522D02E20706}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{9887F9FA-F739-4098-BAA4-274D87B70473}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{ED6DF60F-B67F-4654-AAA8-4B375E2164BF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{4E93F34C-78BA-4E2A-863D-E7BFF2FB3345}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{D928C4C0-A916-4AAC-B1E8-51BAD62546D4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{7EE7FFB3-5B37-4E11-93D6-CA9CA5D4CBC0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{65CD7FB6-2D40-4BF4-BCC4-70B2CF364988}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{B2D21727-AA57-49E9-88A6-F36FD975DE6C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{FC43DFF8-1713-4D45-80DA-50BB75C64EBD}] => (Allow) D:\Program Files (x86)\Origin\FIFA Manager 14\Manager14.exe
FirewallRules: [{EC997D54-7C0C-4E26-8ADC-B4E04493E851}] => (Allow) D:\Program Files (x86)\Origin\FIFA Manager 14\Manager14.exe
FirewallRules: [{73476562-5129-4D52-A934-0D71AC2862C7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{29E75F0E-0EB7-4B71-9F24-75C1D4643F7F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [TCP Query User{6D3F7DFD-178A-406F-AD2E-0B0EF247F96E}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Block) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{5BDF3BC9-ED72-4897-8C9B-D567A1285ED0}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Block) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{759F2E21-CB81-46E4-AC9D-4346474E59C3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{A264AAC2-52C6-4CB0-AA82-5E13D5B3F770}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{FE6CB7BE-23BC-45F2-A023-CB2BDDC1555E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{827F2D62-A790-4C9F-B654-6FDFEAE8C320}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{F92D3616-E596-45FB-890F-EF760A6CEE9C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{5F2BEE00-109F-4602-B7AB-95E53859552A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [TCP Query User{C8AB7109-039F-41E9-825B-D2104D1CAF19}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{171F1388-F727-4BFC-B5BC-35C45ABDF466}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{882D3BFB-CD02-4FD1-8E34-C49F1371E416}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{1C3C6EAB-ECBD-487F-B2A4-BEA8F1CFB187}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{3821A5D5-0A44-49F0-9419-4FC79FDED117}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{29872FA9-284E-4BF9-AE32-ED2B90F50D1C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{947B1178-5F2A-421A-85FD-5D751D6DF9A4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{C4E42559-9FFD-4C5D-ACBF-F32D794AC123}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{FA06CB50-3CD1-47EE-81C9-FE7A6F1FF5EB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{FDC95ECA-EE54-48F0-8787-EA2F6BB7129D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{A2BE1020-2694-4D46-8369-7727CBB68B56}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{7E2186D6-000B-44C6-B71C-8C9A257A8442}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{0C1113FB-04F8-4AE2-B518-6E97C577B84D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{DA1F2C81-CEF2-4F79-8536-01131133C031}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{4BA04CD1-368E-461E-A1AE-0094E42CB6EA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{D4556F2F-72CF-4344-A42A-5A130B8B6C5B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{3A1F0628-B2DB-42AF-8B5A-4E279BF7DED9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{C9A2B82F-DE1C-453D-B49E-4A499BBE3934}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{CB92E315-4D46-41DF-BCBA-1480085DD941}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Swapper\TheSwapper.exe
FirewallRules: [{DE64F4B6-96DC-4C95-BADE-968DFF200C55}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Swapper\TheSwapper.exe
FirewallRules: [{17E3568F-6302-455B-A538-4F0D0A507753}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{D4FC8FB6-F28A-4202-AFEE-53D858103120}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{B69283DC-9C37-4E91-8D26-CEB6A0681F07}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Galactic Civilizations II - Ultimate Edition\Twilight\GC2TwilightOfTheArnor.exe
FirewallRules: [{43FCA703-B52B-4E8F-9DE6-059582A39FCB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Galactic Civilizations II - Ultimate Edition\Twilight\GC2TwilightOfTheArnor.exe
FirewallRules: [{1FF871DC-18DF-4FBB-A1CB-49AB28701B82}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{CF1B2E55-5202-4A39-8AE9-6AE46D573345}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{54FE59E1-9103-43EA-9C46-E07323457987}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{1C639D60-B663-4F39-B4E0-17F654262FBE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{1CFF44AF-D38F-4C78-8527-EAAE8F432DFD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{71CEAE73-30D4-4CBC-ABDB-E4FC09CD188F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{DBBD6CF8-E3BE-4D0F-8D4D-3FB98EF99CAF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{0AA5A1F0-BD01-4FFA-B959-C88A317E84E8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{F27784D8-47CA-44FE-87CA-F2F1576DB70F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{C98905A5-D9B9-410B-842D-D6890AAD9E26}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{AA210F4E-DF56-4C0D-ACF5-8925EF72CC6B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\KOAReckoning\Reckoning.exe
FirewallRules: [{47C33655-31DE-44EA-8B55-A1A2516117A3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\KOAReckoning\Reckoning.exe
FirewallRules: [{E0B0954C-159B-4C08-B9E3-DD6BA1FEDF7D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{235EE3C3-03B6-4D9B-893B-BCECA33AE19B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{9D22DAE1-C78D-4653-B6FC-66EE1B29DF1C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{7D04F1D6-B4B8-453B-A943-5C1593891D0B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{8B4503BD-B1C4-4D81-89D8-0A6F64BE73FB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{FDDF32DF-7D1A-4FE7-96BE-32D42264BA0F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{84E79338-CCE9-4188-A10D-29157E1E2D17}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DF02C93D-2C46-4B37-B962-19C384EFA103}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4093C914-3DB5-4D9D-B031-511890105978}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{381ADD66-D099-4C9B-8D72-EDE6A20F6C93}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{D459F41E-0222-4801-AB26-B1AD23C8B280}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{CC601224-2620-4A8B-A97F-14EDBF23819D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{7C704CCB-D2D7-4EEB-91BC-2D7F939950E0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{07DA511F-A879-40D4-8210-875DDC636D98}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{B20656FC-4A61-41DB-A531-94F54783756B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{6619F624-5F3E-4E80-AD42-545272D81329}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{0936A2F7-D3A3-4E2B-A0ED-0F33B52EB512}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{A774F7CA-FC0D-47FF-909E-59ECB45D2851}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{C9F87D21-6E00-4062-80C0-DAF0FD5640EC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Godus\windows\godus.exe
FirewallRules: [{3D1B9255-57D4-461B-9D22-D1471755E308}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Godus\windows\godus.exe
FirewallRules: [{8D27AD06-0868-4688-A6B2-B51F5BC6D4CE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{4228A036-11D7-4BB8-8FCA-9271312F0895}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{5C04C660-20C1-49C0-B4A9-192860CA45A8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{E5477090-605F-4FF8-BD5D-3DED100C98BE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{B3E43AF9-533C-4F86-91CC-35625F6BE444}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{5D93F297-1DDD-465F-ABFE-8D39128B2693}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{8CA85D9C-C006-4ECE-9808-2D29EC2472F2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{4C564B59-BAD6-4B06-B975-29D2F05EF243}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{7197C9C5-9CCF-4380-95FD-1E8CBB5C6611}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{01590297-4C7F-413D-92DB-2A47C434E028}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{CE039751-19F0-4428-B7F5-C83DD8A2FB94}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{A6DDD054-18A6-439F-A60A-616E8D1642DD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{ED9A5189-DF33-4BA9-A490-898C1A5BA7F6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{0C9BADB8-F037-4F09-A4A0-9408C6D11667}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{1EFCBD7B-CDB5-47E0-B936-A50E4535B880}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{49094478-BCB4-4C30-9E49-011A22E44791}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{5F71D05D-0E04-4CA3-B6A2-F41C3D6F715C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [{B1F57978-828B-4EE4-AA13-D6BF0E33846E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [TCP Query User{92C1F3DB-5222-4C52-929A-C93582778AF6}D:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2997A13E-DDD7-4A5F-B11A-398848D5EBF1}D:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BB34A2C2-72CD-4A4C-BBAA-1CBB1811A6E4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{C5351D06-B0ED-4F2A-9CC6-0B3FBC9A1BF9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{F02664CB-D9FD-4110-A4B4-D44A491BB3E6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{20D3098E-6A12-4D13-BC8E-CE7083E79863}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{91CC3A78-75DD-4CA0-A280-B5530D3BD5A1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Curious Expedition\nw.exe
FirewallRules: [{E301BF3A-364A-4B44-810E-179DE09C8918}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Curious Expedition\nw.exe
FirewallRules: [{A76CF13A-DF1A-4F27-86A3-47861F64AC06}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II - Pirates of the European Seas\GuildII.exe
FirewallRules: [{EBF72FAF-CA77-440B-B764-F7E62C73F40C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II - Pirates of the European Seas\GuildII.exe
FirewallRules: [{C782509E-96AF-45E4-B73E-DE8711607348}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{D506091C-508A-4AD9-853F-6561717B110F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{0ADC0B6A-3CD0-4E69-A6B3-F06E56C334E3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II\GuildII.exe
FirewallRules: [{8970025C-2E16-4258-8340-1B63FAEEAD60}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II\GuildII.exe
FirewallRules: [{D40896D7-B9A1-48A3-9ED8-3506AEA9EF14}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{93D5BDE9-C894-4A45-85AF-9BCCC25DCEA8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{12EF3CB6-8AD8-43FB-BBF2-0F099E79241E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [{445DCB15-C78B-41BD-9ED1-18AEE923759F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [{50AFAF84-361C-4C08-B15F-5D9BF04E2218}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Startopia\startopia.exe
FirewallRules: [{7421C5EB-E854-40AE-9BBD-2272689F6252}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Startopia\startopia.exe
FirewallRules: [{EF008559-261D-42B3-BB85-2EB84E7EAD31}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DB Xenoverse\DBXV.exe
FirewallRules: [{C40176B6-31D1-4C04-8493-607766BBA6EF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DB Xenoverse\DBXV.exe
FirewallRules: [{E23D771E-DDEF-4909-92CD-C2FBDBCE4651}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{3EA6C4A0-023F-4C1B-BB38-C71530B6A4FA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{DAE989FB-6A91-4AAA-B155-9E4FCA45E9A6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{A4810FB3-3F25-46AB-B823-DF5C43C983D5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{D1225A65-5001-4772-9907-A112DD061934}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{D6453AE3-D6D4-4A87-BD10-2939712CB073}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{09902A01-1461-49B5-B819-CCB1EE9EF85C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{AD6EC883-8EEC-4FD8-8991-EF6FD969AE05}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{D5C8C7F4-F71A-4EB6-A966-6969532EACBC}] => (Allow) D:\Program Files (x86)\BattleNet\Battle.net\Battle.net.exe
FirewallRules: [{0992C7DB-857C-43A9-9E25-348506338EEB}] => (Allow) D:\Program Files (x86)\BattleNet\Battle.net\Battle.net.exe
FirewallRules: [{634E3C0B-9271-450E-A53C-50425C5EB0BA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{95A7FBB1-1E81-44CF-9A08-076CF6A3E16A}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{2974D597-073A-4F4B-B5B7-3FFB95D9E450}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{B674311E-17DB-458E-9CE0-048ECADC5B1F}] => (Allow) C:\Users\Mario\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{EFC31C88-F374-45C5-BCC9-01A60A414DE0}D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe] => (Allow) D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe
FirewallRules: [UDP Query User{DAA27DAD-AA07-4DBE-8E02-CAD1934207A3}D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe] => (Allow) D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe
FirewallRules: [{766FE798-8AB6-4D1B-90A0-D6E8CFA21A8E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{43CC7273-0E98-4D0D-ABA1-29FFBC4F0F4C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{C15D9151-6047-40D4-AF2F-02B24FFF3BF1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{7E2B5519-AA68-417C-97A8-DE4A973B5CF6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{0BB7039B-A1D4-40B2-AB34-4DC4D04D9CA3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5C9856C4-6E45-4194-9735-7F3D23FD8E97}] => (Allow) LPort=2869
FirewallRules: [{D72B930C-88BB-4FDF-B074-B1D29D9C0B17}] => (Allow) LPort=1900
FirewallRules: [{BEDC4523-6F08-4543-8160-8AE8FD01614E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{3C0ACA69-928B-402B-B610-EBE8F264DAF9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{455CBFE4-DC85-45CE-AF60-D521D2A349F0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{0B5CFA37-7488-434B-86E1-7572C9D8B094}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{0B4AE6B6-6A7C-4A37-8347-48969AFDB17B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{97CCF153-C52A-42A5-B650-09BA1D7A3398}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{19A28B81-EE4B-4760-BE5D-AD0082AA6D1D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{DAB135F4-5948-445D-9AA6-39AEC2FC07D5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{4356867B-75D5-4E91-92E1-47FC55225FCF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{235135FB-C6BA-4936-983B-23272E7574C9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{4C5AA192-30AD-4E9B-A8C7-22A79B2E7BE9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [TCP Query User{FDF54BB0-5126-4D1E-B9F5-E8B8C9E3CB32}C:\users\mario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mario\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DAEF1DBD-5D05-4690-83F4-30062D6C5D1F}C:\users\mario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mario\appdata\roaming\spotify\spotify.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [d:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe] => Enabled:TriDef 3D Media Player

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/28/2015 03:09:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/28/2015 02:59:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/28/2015 01:35:39 PM) (Source: MsiInstaller) (EventID: 10005) (User: WakGod)
Description: Programm: Kaspersky Internet Security -- Fehler 29005. <<29005>>InstallDir=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\

Error: (10/28/2015 01:33:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/28/2015 01:31:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/28/2015 01:19:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/28/2015 01:13:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/28/2015 01:12:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/28/2015 01:08:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/28/2015 01:07:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (10/28/2015 03:10:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
CFRMD

Error: (10/28/2015 03:09:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎28.‎10.‎2015 um 15:09:15 unerwartet heruntergefahren.

Error: (10/28/2015 03:00:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
CFRMD

Error: (10/28/2015 01:34:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
CFRMD

Error: (10/28/2015 01:32:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
CFRMD

Error: (10/28/2015 01:31:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎28.‎10.‎2015 um 13:31:15 unerwartet heruntergefahren.

Error: (10/28/2015 01:19:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
CFRMD

Error: (10/28/2015 01:14:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
CFRMD

Error: (10/28/2015 01:13:39 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎28.‎10.‎2015 um 13:13:15 unerwartet heruntergefahren.

Error: (10/28/2015 01:13:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Arbeitsstationsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


CodeIntegrity:
===================================
  Date: 2015-05-25 12:21:06.199
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 17:26:48.911
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 17:26:48.906
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-17 06:28:58.487
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 16:39:38.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 16:39:38.575
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 16:34:46.774
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 16:34:46.722
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 16:30:55.667
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-11 18:31:00.124
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 16346.1 MB
Verfügbarer physikalischer RAM: 12632.66 MB
Summe virtueller Speicher: 32690.4 MB
Verfügbarer virtueller Speicher: 28592.38 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:21.66 GB) NTFS
Drive d: (Müllhalde) (Fixed) (Total:1863.01 GB) (Free:416.02 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: E389A575)
Partition 1: (Active) - (Size=100 MB) - (Type=0B)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C052AFF8)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________


Alt 28.10.2015, 15:39   #3
Arktin
 
Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Standard

Weitere Logs



Gmer.txt
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-10-28 16:05:11
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 M4-CT128 rev.000F 119,24GB
Running: Gmer-19357.exe; Driver: C:\Users\Mario\AppData\Local\Temp\uwldqpod.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                       0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                         0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                       0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                       000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                             * 9
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                          00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                   00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                          000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                   0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                         000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                              0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                       000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                         0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                            000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                         00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                       00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                   00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                   00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82                                                                                                                                00000000729517fa 2 bytes CALL 75b711a9 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88                                                                                                                            0000000072951860 2 bytes CALL 75b711a9 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98                                                                                                                          0000000072951942 2 bytes JMP 75c97089 C:\Windows\syswow64\WS2_32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109                                                                                                                         000000007295194d 2 bytes JMP 75c9cba6 C:\Windows\syswow64\WS2_32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                  0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                    0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                  0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                  000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                             * 9
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                     00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                              00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                     000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                              0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                    000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                         0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                  000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                    0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                       000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                    00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                  00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                              00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                              00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                    0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                      0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                    0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                    000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                             * 9
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                       00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                       000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                      000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                           0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                    000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                      0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                         000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                      00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                    00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                       0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                         0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                       0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                       000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                             * 9
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                          00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                   00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                          000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                   0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                         000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                              0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                       000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                         0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                            000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                         00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                       00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                   00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                   00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExW + 17                                                                                                 0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!EnumProcessModules + 17                                                                                                   0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 17                                                                                                 0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 42                                                                                                 000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                             * 9
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!EnumDeviceDrivers + 17                                                                                                    00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameA + 17                                                                                             00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!QueryWorkingSetEx + 17                                                                                                    000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameW + 17                                                                                             0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameW + 17                                                                                                   000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!EnumProcesses + 17                                                                                                        0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetProcessMemoryInfo + 17                                                                                                 000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetPerformanceInfo + 17                                                                                                   0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!QueryWorkingSet + 17                                                                                                      000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameA + 17                                                                                                   00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExA + 17                                                                                                 00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 20                                                                                             00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe[4276] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 31                                                                                             00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                          0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                            0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                          0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                          000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                             * 9
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                             00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                      00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                             000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                      0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                            000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                 0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                          000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                            0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                               000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                            00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                          00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                      00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe[4316] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                      00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                  0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                    0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                  0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                  000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                             * 9
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                     00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                              00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                     000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                              0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                    000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                         0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                  000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                    0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                       000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                    00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                  00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                              00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe[4488] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                              00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                            0000000077101401 2 bytes JMP 75b9b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                              0000000077101419 2 bytes JMP 75b9b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                            0000000077101431 2 bytes JMP 75c18fd1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                            000000007710144a 2 bytes CALL 75b7489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                             * 9
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                               00000000771014dd 2 bytes JMP 75c188c4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                        00000000771014f5 2 bytes JMP 75c18aa0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                               000000007710150d 2 bytes JMP 75c187ba C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                        0000000077101525 2 bytes JMP 75c18b8a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                              000000007710153d 2 bytes JMP 75b8fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                   0000000077101555 2 bytes JMP 75b968ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                            000000007710156d 2 bytes JMP 75c19089 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                              0000000077101585 2 bytes JMP 75c18bea C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                 000000007710159d 2 bytes JMP 75c1877e C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                              00000000771015b5 2 bytes JMP 75b8fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                            00000000771015cd 2 bytes JMP 75b9b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                        00000000771016b2 2 bytes JMP 75c18f4c C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[7316] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                        00000000771016bd 2 bytes JMP 75c18713 C:\Windows\syswow64\kernel32.dll

---- Threads - GMER 2.1 ----

Thread   C:\Windows\System32\svchost.exe [1248:5848]                                                                                                                                                                     000007fee20a9688
---- Processes - GMER 2.1 ----

Library  c:\users\mario\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv0ohh1.dll (*** suspicious ***) @ C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4276](2015-10-28 14:10:11)  0000000067ec0000

---- EOF - GMER 2.1 ----
         
--- --- ---



Anti-Malware
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 28.10.2015
Suchlaufzeit: 14:50
Protokolldatei: MalwarebytesAntiMalware.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.10.28.03
Rootkit-Datenbank: v2015.10.23.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Mario

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 468996
Abgelaufene Zeit: 5 Min., 43 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.InstallCore, HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\SOFTWARE\InstallCore, In Quarantäne, [c78cb4a8dcafdb5b48d35e0b9e65916f], 
PUP.Optional.Trovi, HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [1a39bca093f800365267256322e1d828], 

Registrierungswerte: 3
PUP.Optional.Trovi, HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3333004&octid=EB_ORIGINAL_CTID&ISID=B8B249D6-5D2F-4965-94D3-7787834984CF&SearchSource=58&CUI=&UM=8&UP=SP0EAACCEC-65EF-425E-BBB1-5EAD840049B7&D=081615&q={searchTerms}&SSPV=&SSPV=, In Quarantäne, [db783428008bf046d3e5ee9af40fa55b]
PUP.Optional.Conduit, HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|SuggestionsURL_JSON, hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}&SSPV=&SSPV=, In Quarantäne, [9bb85a02cac10135b4e51343c2411ce4]
PUP.Optional.Trovi, HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|DisplayName, Trovi, In Quarantäne, [242f96c6f7947cbaf5c3ddab788b29d7]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 3
PUP.Optional.OpenCandy, C:\Users\Mario\AppData\Roaming\OpenCandy, In Quarantäne, [66ed312bc8c3b5818a1ff2497191e020], 
PUP.Optional.OpenCandy, C:\Users\Mario\AppData\Roaming\OpenCandy\F4FED44496C8480C8FF212AD45D34268, In Quarantäne, [66ed312bc8c3b5818a1ff2497191e020], 
PUP.Optional.OpenCandy, C:\Users\Mario\AppData\Roaming\OpenCandy\OpenCandy_B449523B83C343A6A364A123184B9A32, In Quarantäne, [66ed312bc8c3b5818a1ff2497191e020], 

Dateien: 2
PUP.Optional.OpenCandy, C:\Users\Mario\AppData\Roaming\OpenCandy\F4FED44496C8480C8FF212AD45D34268\TuneUpUtilities2013-2200218_de-DE.exe, In Quarantäne, [66ed312bc8c3b5818a1ff2497191e020], 
PUP.Optional.OpenCandy, C:\Users\Mario\AppData\Roaming\OpenCandy\OpenCandy_B449523B83C343A6A364A123184B9A32\LenovoSHAREit722.exe, In Quarantäne, [66ed312bc8c3b5818a1ff2497191e020], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Normalerweise würde ich das System (auch auf Grund des "Alters") einfach platt machen und neu aufspielen, aber momentan geht das aus diversen Gründen leider nicht (frühestens in einem halben Jahr)

Ich hoffe ihr könnt mir hier weiterhelfen
__________________

Alt 31.10.2015, 12:14   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Standard

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 31.10.2015, 14:52   #5
Arktin
 
Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Standard

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl



Hallo,, danke für die Antwort.

Die Logs:
mbar:
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.10.31.03
  rootkit: v2015.10.28.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18059
Mario :: WAKGOD [administrator]

31.10.2015 15:26:43
mbar-log-2015-10-31 (15-26-43).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 472215
Time elapsed: 15 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Und TDSSKiller:
Code:
ATTFilter
15:46:38.0791 0x1cdc  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
15:46:41.0677 0x1cdc  ============================================================
15:46:41.0677 0x1cdc  Current date / time: 2015/10/31 15:46:41.0677
15:46:41.0677 0x1cdc  SystemInfo:
15:46:41.0677 0x1cdc  
15:46:41.0677 0x1cdc  OS Version: 6.1.7601 ServicePack: 1.0
15:46:41.0677 0x1cdc  Product type: Workstation
15:46:41.0677 0x1cdc  ComputerName: WAKGOD
15:46:41.0677 0x1cdc  UserName: Mario
15:46:41.0677 0x1cdc  Windows directory: C:\Windows
15:46:41.0677 0x1cdc  System windows directory: C:\Windows
15:46:41.0677 0x1cdc  Running under WOW64
15:46:41.0677 0x1cdc  Processor architecture: Intel x64
15:46:41.0677 0x1cdc  Number of processors: 8
15:46:41.0677 0x1cdc  Page size: 0x1000
15:46:41.0677 0x1cdc  Boot type: Normal boot
15:46:41.0677 0x1cdc  ============================================================
15:46:41.0716 0x1cdc  KLMD registered as C:\Windows\system32\drivers\08834096.sys
15:46:41.0768 0x1cdc  System UUID: {C317D38B-165C-E69A-9FE2-8E3A51FCF591}
15:46:41.0947 0x1cdc  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:46:41.0987 0x1cdc  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:46:41.0991 0x1cdc  ============================================================
15:46:41.0991 0x1cdc  \Device\Harddisk0\DR0:
15:46:41.0991 0x1cdc  MBR partitions:
15:46:41.0991 0x1cdc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x800, BlocksNum 0x32000
15:46:41.0991 0x1cdc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
15:46:41.0991 0x1cdc  \Device\Harddisk1\DR1:
15:46:41.0991 0x1cdc  MBR partitions:
15:46:41.0991 0x1cdc  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
15:46:41.0992 0x1cdc  ============================================================
15:46:41.0993 0x1cdc  C: <-> \Device\Harddisk0\DR0\Partition2
15:46:42.0015 0x1cdc  D: <-> \Device\Harddisk1\DR1\Partition1
15:46:42.0015 0x1cdc  ============================================================
15:46:42.0015 0x1cdc  Initialize success
15:46:42.0015 0x1cdc  ============================================================
15:47:47.0435 0x1e94  ============================================================
15:47:47.0435 0x1e94  Scan started
15:47:47.0435 0x1e94  Mode: Manual; SigCheck; TDLFS; 
15:47:47.0435 0x1e94  ============================================================
15:47:47.0435 0x1e94  KSN ping started
15:47:49.0857 0x1e94  KSN ping finished: true
15:47:51.0090 0x1e94  ================ Scan system memory ========================
15:47:51.0090 0x1e94  System memory - ok
15:47:51.0090 0x1e94  ================ Scan services =============================
15:47:51.0119 0x1e94  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:47:51.0149 0x1e94  1394ohci - ok
15:47:51.0158 0x1e94  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:47:51.0169 0x1e94  ACPI - ok
15:47:51.0171 0x1e94  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:47:51.0179 0x1e94  AcpiPmi - ok
15:47:51.0184 0x1e94  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:47:51.0190 0x1e94  AdobeARMservice - ok
15:47:51.0210 0x1e94  [ 8C194A201698B4B4F77D974549819D1F, 081A2496FE1CE519E48677D99A831FF1FEEB1B33C75224CF288FA52F3E0E5FF0 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:47:51.0219 0x1e94  AdobeFlashPlayerUpdateSvc - ok
15:47:51.0228 0x1e94  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:47:51.0241 0x1e94  adp94xx - ok
15:47:51.0248 0x1e94  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:47:51.0259 0x1e94  adpahci - ok
15:47:51.0263 0x1e94  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:47:51.0271 0x1e94  adpu320 - ok
15:47:51.0275 0x1e94  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:47:51.0282 0x1e94  AeLookupSvc - ok
15:47:51.0291 0x1e94  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
15:47:51.0304 0x1e94  AFD - ok
15:47:51.0308 0x1e94  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:47:51.0314 0x1e94  agp440 - ok
15:47:51.0346 0x1e94  [ 0E64D7144478027F427F601D9D569EC9, 1D29F64152F8F6D368DCAA597EC7BB8E14CC1C7D4EF1FFF0A4387271DB4373A7 ] AIDA64Driver    D:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64
15:47:51.0354 0x1e94  AIDA64Driver - ok
15:47:51.0357 0x1e94  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:47:51.0365 0x1e94  ALG - ok
15:47:51.0368 0x1e94  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:47:51.0373 0x1e94  aliide - ok
15:47:51.0379 0x1e94  [ 606C8F129FE18D6E3EA2FD542D43D72D, 1BDB9B1C3C8345429FFF25189DCA16F4174F29B5C5DFD5AEB5C277CD4E6EBCA8 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:47:51.0392 0x1e94  AMD External Events Utility - ok
15:47:51.0394 0x1e94  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:47:51.0399 0x1e94  amdide - ok
15:47:51.0402 0x1e94  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:47:51.0409 0x1e94  AmdK8 - ok
15:47:51.0412 0x1e94  amdkmdag - ok
15:47:51.0422 0x1e94  [ C0C27A1094F6EA978FB2CAACFDE0E594, 9B481D55ED3D55A975CB1EB32DD0DB9AD032D592585A5799F81918EFB7843AAE ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
15:47:51.0441 0x1e94  amdkmdap - ok
15:47:51.0444 0x1e94  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
15:47:51.0452 0x1e94  AmdPPM - ok
15:47:51.0455 0x1e94  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:47:51.0462 0x1e94  amdsata - ok
15:47:51.0467 0x1e94  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:47:51.0475 0x1e94  amdsbs - ok
15:47:51.0477 0x1e94  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:47:51.0483 0x1e94  amdxata - ok
15:47:51.0485 0x1e94  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
15:47:51.0493 0x1e94  AppID - ok
15:47:51.0495 0x1e94  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:47:51.0502 0x1e94  AppIDSvc - ok
15:47:51.0505 0x1e94  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
15:47:51.0512 0x1e94  Appinfo - ok
15:47:51.0517 0x1e94  [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:47:51.0522 0x1e94  Apple Mobile Device Service - ok
15:47:51.0524 0x1e94  [ BA957E7ACD2B44FA3B01FAA64F6A9060, 24824B5B50A0F4BD1E41C2A68682E072387E6E4743538A1C72B261430F743597 ] AppleCharger    C:\Windows\system32\DRIVERS\AppleCharger.sys
15:47:51.0530 0x1e94  AppleCharger - ok
15:47:51.0532 0x1e94  [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
15:47:51.0538 0x1e94  AppleChargerSrv - ok
15:47:51.0543 0x1e94  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:47:51.0551 0x1e94  AppMgmt - ok
15:47:51.0562 0x1e94  [ CC0DC15E4D13E3A886D3C2D37EB33BCD, ABEAB456D91B0CAF5F9E80621ED5A2B6B51D59F9C00B92C21B96D2E528948059 ] Aqua Computer Service C:\Program Files\aquasuite\AquaComputerService.exe
15:47:51.0572 0x1e94  Aqua Computer Service - detected UnsignedFile.Multi.Generic ( 1 )
15:47:54.0066 0x1e94  Aqua Computer Service ( UnsignedFile.Multi.Generic ) - warning
15:47:56.0453 0x1e94  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
15:47:56.0460 0x1e94  arc - ok
15:47:56.0463 0x1e94  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:47:56.0470 0x1e94  arcsas - ok
15:47:56.0481 0x1e94  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:47:56.0490 0x1e94  aspnet_state - ok
15:47:56.0492 0x1e94  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:47:56.0510 0x1e94  AsyncMac - ok
15:47:56.0512 0x1e94  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:47:56.0518 0x1e94  atapi - ok
15:47:56.0522 0x1e94  [ F270AFC3848C54C67E3BFB892CE9B9C6, BF5F087D2677E8D75DB34335B54496A3C3AFBCE5A019C52B9EB2B1D19A0803B1 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
15:47:56.0529 0x1e94  AtiHDAudioService - ok
15:47:56.0540 0x1e94  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:47:56.0558 0x1e94  AudioEndpointBuilder - ok
15:47:56.0568 0x1e94  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:47:56.0583 0x1e94  AudioSrv - ok
15:47:56.0588 0x1e94  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:47:56.0598 0x1e94  AxInstSV - ok
15:47:56.0607 0x1e94  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:47:56.0620 0x1e94  b06bdrv - ok
15:47:56.0626 0x1e94  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:47:56.0637 0x1e94  b57nd60a - ok
15:47:56.0642 0x1e94  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:47:56.0650 0x1e94  BDESVC - ok
15:47:56.0651 0x1e94  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:47:56.0668 0x1e94  Beep - ok
15:47:56.0680 0x1e94  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:47:56.0698 0x1e94  BFE - ok
15:47:56.0712 0x1e94  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:47:56.0743 0x1e94  BITS - ok
15:47:56.0746 0x1e94  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:47:56.0753 0x1e94  blbdrive - ok
15:47:56.0761 0x1e94  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:47:56.0770 0x1e94  Bonjour Service - ok
15:47:56.0774 0x1e94  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:47:56.0781 0x1e94  bowser - ok
15:47:56.0783 0x1e94  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:47:56.0791 0x1e94  BrFiltLo - ok
15:47:56.0793 0x1e94  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:47:56.0800 0x1e94  BrFiltUp - ok
15:47:56.0804 0x1e94  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:47:56.0812 0x1e94  Browser - ok
15:47:56.0818 0x1e94  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:47:56.0829 0x1e94  Brserid - ok
15:47:56.0832 0x1e94  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:47:56.0840 0x1e94  BrSerWdm - ok
15:47:56.0842 0x1e94  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:47:56.0850 0x1e94  BrUsbMdm - ok
15:47:56.0852 0x1e94  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:47:56.0859 0x1e94  BrUsbSer - ok
15:47:56.0862 0x1e94  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:47:56.0870 0x1e94  BTHMODEM - ok
15:47:56.0874 0x1e94  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:47:56.0893 0x1e94  bthserv - ok
15:47:56.0897 0x1e94  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:47:56.0915 0x1e94  cdfs - ok
15:47:56.0919 0x1e94  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:47:56.0927 0x1e94  cdrom - ok
15:47:56.0930 0x1e94  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:47:56.0948 0x1e94  CertPropSvc - ok
15:47:56.0950 0x1e94  CFRMD - ok
15:47:56.0953 0x1e94  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:47:56.0961 0x1e94  circlass - ok
15:47:56.0968 0x1e94  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
15:47:56.0979 0x1e94  CLFS - ok
15:47:57.0023 0x1e94  [ 9A5944952B122BBF68D0032EF440CFB5, D4046BA3F985A7F95F1A4A55B6F2976E292C861771CAC80CEC6DE4C82E8FDBB0 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
15:47:57.0063 0x1e94  ClickToRunSvc - ok
15:47:57.0069 0x1e94  [ 9A151FD0A9B64C5E9C07E71F6C731546, 0546F5F46F8CD46EA8B2CC5ED2CD650B65A320FF617FB9248D2F65093F40752E ] CLPSLauncher    C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
15:47:57.0074 0x1e94  CLPSLauncher - ok
15:47:57.0080 0x1e94  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:47:57.0086 0x1e94  clr_optimization_v2.0.50727_32 - ok
15:47:57.0092 0x1e94  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:47:57.0100 0x1e94  clr_optimization_v2.0.50727_64 - ok
15:47:57.0109 0x1e94  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:47:57.0116 0x1e94  clr_optimization_v4.0.30319_32 - ok
15:47:57.0120 0x1e94  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:47:57.0131 0x1e94  clr_optimization_v4.0.30319_64 - ok
15:47:57.0134 0x1e94  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
15:47:57.0140 0x1e94  CmBatt - ok
15:47:57.0142 0x1e94  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:47:57.0148 0x1e94  cmdide - ok
15:47:57.0185 0x1e94  [ 0367F029425CBD5506E8DB2757FF3A8F, EABE6AE4CDB692717AD243D8AA9E11E7AEC0E566204C6873F7E6D24AA5593043 ] cmudaxp         C:\Windows\system32\drivers\cmudaxp.sys
15:47:57.0232 0x1e94  cmudaxp - ok
15:47:57.0243 0x1e94  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
15:47:57.0259 0x1e94  CNG - ok
15:47:57.0261 0x1e94  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:47:57.0267 0x1e94  Compbatt - ok
15:47:57.0269 0x1e94  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:47:57.0278 0x1e94  CompositeBus - ok
15:47:57.0280 0x1e94  COMSysApp - ok
15:47:57.0282 0x1e94  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:47:57.0288 0x1e94  crcdisk - ok
15:47:57.0293 0x1e94  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:47:57.0302 0x1e94  CryptSvc - ok
15:47:57.0312 0x1e94  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
15:47:57.0326 0x1e94  CSC - ok
15:47:57.0338 0x1e94  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
15:47:57.0355 0x1e94  CscService - ok
15:47:57.0358 0x1e94  dbupdate - ok
15:47:57.0359 0x1e94  dbupdatem - ok
15:47:57.0369 0x1e94  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:47:57.0395 0x1e94  DcomLaunch - ok
15:47:57.0402 0x1e94  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:47:57.0424 0x1e94  defragsvc - ok
15:47:57.0551 0x1e94  [ 0B24043732807EE3AA25389356F4DE7C, 6A9A65B38968FF704C3938BEF5E6C1226447FF4F78997473B1694EA8D3D519DF ] DevoloNetworkService D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
15:47:57.0601 0x1e94  DevoloNetworkService - ok
15:47:57.0607 0x1e94  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:47:57.0625 0x1e94  DfsC - ok
15:47:57.0629 0x1e94  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
15:47:57.0636 0x1e94  dg_ssudbus - ok
15:47:57.0643 0x1e94  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:47:57.0654 0x1e94  Dhcp - ok
15:47:57.0676 0x1e94  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
15:47:57.0703 0x1e94  DiagTrack - ok
15:47:57.0706 0x1e94  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:47:57.0724 0x1e94  discache - ok
15:47:57.0727 0x1e94  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
15:47:57.0733 0x1e94  Disk - ok
15:47:57.0737 0x1e94  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
15:47:57.0744 0x1e94  dmvsc - ok
15:47:57.0749 0x1e94  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:47:57.0758 0x1e94  Dnscache - ok
15:47:57.0764 0x1e94  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:47:57.0785 0x1e94  dot3svc - ok
15:47:57.0789 0x1e94  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:47:57.0809 0x1e94  DPS - ok
15:47:57.0811 0x1e94  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:47:57.0817 0x1e94  drmkaud - ok
15:47:57.0832 0x1e94  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:47:57.0851 0x1e94  DXGKrnl - ok
15:47:57.0856 0x1e94  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:47:57.0875 0x1e94  EapHost - ok
15:47:57.0877 0x1e94  EasyAntiCheat - ok
15:47:57.0923 0x1e94  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:47:57.0981 0x1e94  ebdrv - ok
15:47:57.0985 0x1e94  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] EFS             C:\Windows\System32\lsass.exe
15:47:57.0991 0x1e94  EFS - ok
15:47:58.0004 0x1e94  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:47:58.0021 0x1e94  ehRecvr - ok
15:47:58.0025 0x1e94  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:47:58.0033 0x1e94  ehSched - ok
15:47:58.0042 0x1e94  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:47:58.0056 0x1e94  elxstor - ok
15:47:58.0058 0x1e94  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:47:58.0065 0x1e94  ErrDev - ok
15:47:58.0068 0x1e94  [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv           C:\Windows\etdrv.sys
15:47:58.0073 0x1e94  etdrv - ok
15:47:58.0081 0x1e94  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:47:58.0105 0x1e94  EventSystem - ok
15:47:58.0110 0x1e94  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:47:58.0130 0x1e94  exfat - ok
15:47:58.0135 0x1e94  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:47:58.0155 0x1e94  fastfat - ok
15:47:58.0166 0x1e94  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:47:58.0183 0x1e94  Fax - ok
15:47:58.0186 0x1e94  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
15:47:58.0192 0x1e94  fdc - ok
15:47:58.0194 0x1e94  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:47:58.0212 0x1e94  fdPHost - ok
15:47:58.0214 0x1e94  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:47:58.0232 0x1e94  FDResPub - ok
15:47:58.0235 0x1e94  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:47:58.0241 0x1e94  FileInfo - ok
15:47:58.0244 0x1e94  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:47:58.0261 0x1e94  Filetrace - ok
15:47:58.0283 0x1e94  [ ECC329F6104EE208C24C4A8C1B4A9D14, E120DAAB58C4083577A8445230DBB841984818188BFD0609576BC704C836DF3F ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
15:47:58.0310 0x1e94  FlexNet Licensing Service 64 - ok
15:47:58.0313 0x1e94  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:47:58.0320 0x1e94  flpydisk - ok
15:47:58.0326 0x1e94  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:47:58.0335 0x1e94  FltMgr - ok
15:47:58.0353 0x1e94  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
15:47:58.0377 0x1e94  FontCache - ok
15:47:58.0381 0x1e94  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:47:58.0386 0x1e94  FontCache3.0.0.0 - ok
15:47:58.0389 0x1e94  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:47:58.0394 0x1e94  FsDepends - ok
15:47:58.0397 0x1e94  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:47:58.0402 0x1e94  Fs_Rec - ok
15:47:58.0409 0x1e94  [ 18AEB680709A01F0FAA74165EE995F39, FBBEDD9A5BA1F620C6F71647550372C0C5A21C342272BB284CF797CC572487E7 ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
15:47:58.0419 0x1e94  Futuremark SystemInfo Service - ok
15:47:58.0425 0x1e94  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:47:58.0435 0x1e94  fvevol - ok
15:47:58.0438 0x1e94  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:47:58.0444 0x1e94  gagp30kx - ok
15:47:58.0445 0x1e94  gdrv - ok
15:47:58.0448 0x1e94  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:47:58.0452 0x1e94  GEARAspiWDM - ok
15:47:58.0486 0x1e94  [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] GeekBuddyRSP    C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
15:47:58.0519 0x1e94  GeekBuddyRSP - ok
15:47:58.0534 0x1e94  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:47:58.0563 0x1e94  gpsvc - ok
15:47:58.0578 0x1e94  GPUZ - ok
15:47:58.0580 0x1e94  [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64        C:\Windows\GVTDrv64.sys
15:47:58.0586 0x1e94  GVTDrv64 - ok
15:47:58.0588 0x1e94  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:47:58.0595 0x1e94  hcw85cir - ok
15:47:58.0601 0x1e94  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:47:58.0613 0x1e94  HdAudAddService - ok
15:47:58.0617 0x1e94  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:47:58.0626 0x1e94  HDAudBus - ok
15:47:58.0629 0x1e94  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:47:58.0635 0x1e94  HidBatt - ok
15:47:58.0638 0x1e94  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:47:58.0647 0x1e94  HidBth - ok
15:47:58.0650 0x1e94  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:47:58.0658 0x1e94  HidIr - ok
15:47:58.0660 0x1e94  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:47:58.0678 0x1e94  hidserv - ok
15:47:58.0680 0x1e94  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:47:58.0686 0x1e94  HidUsb - ok
15:47:58.0690 0x1e94  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:47:58.0708 0x1e94  hkmsvc - ok
15:47:58.0714 0x1e94  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:47:58.0724 0x1e94  HomeGroupListener - ok
15:47:58.0728 0x1e94  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:47:58.0738 0x1e94  HomeGroupProvider - ok
15:47:58.0742 0x1e94  [ B45C9BCB2E5D40A68A8AD0A5810BA071, 1C31B6E7407B62B7162AE09980B8BD66A6A774F659E78E54D2F078E6902F4A08 ] hotcore3        C:\Windows\system32\DRIVERS\hotcore3.sys
15:47:58.0747 0x1e94  hotcore3 - ok
15:47:58.0750 0x1e94  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:47:58.0757 0x1e94  HpSAMD - ok
15:47:58.0769 0x1e94  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:47:58.0786 0x1e94  HTTP - ok
15:47:58.0789 0x1e94  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:47:58.0794 0x1e94  hwpolicy - ok
15:47:58.0798 0x1e94  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:47:58.0805 0x1e94  i8042prt - ok
15:47:58.0815 0x1e94  [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:47:58.0827 0x1e94  iaStor - ok
15:47:58.0831 0x1e94  [ 545462D0DBE24AF379BA869B7C185CCD, 056F9D0D5FD4FEF37665A35A4029722FF60D02A69854E952DC361CC0E5CD26F9 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:47:58.0835 0x1e94  IAStorDataMgrSvc - ok
15:47:58.0843 0x1e94  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:47:58.0855 0x1e94  iaStorV - ok
15:47:58.0860 0x1e94  [ 33D4D4A24791587E83F7EE05A446FB7E, 081E48AF76D7D3A71850A4C910EFBB0B280235E2A5303178B0338230F4BA2DE2 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
15:47:58.0865 0x1e94  ICCS - detected UnsignedFile.Multi.Generic ( 1 )
15:48:01.0312 0x1e94  Detect skipped due to KSN trusted
15:48:01.0312 0x1e94  ICCS - ok
15:48:01.0316 0x1e94  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:48:01.0320 0x1e94  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
15:48:03.0763 0x1e94  Detect skipped due to KSN trusted
15:48:03.0763 0x1e94  IDriverT - ok
15:48:03.0777 0x1e94  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:48:03.0795 0x1e94  idsvc - ok
15:48:03.0798 0x1e94  IEEtwCollectorService - ok
15:48:03.0801 0x1e94  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:48:03.0807 0x1e94  iirsp - ok
15:48:03.0820 0x1e94  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:48:03.0839 0x1e94  IKEEXT - ok
15:48:03.0853 0x1e94  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
15:48:03.0867 0x1e94  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
15:48:06.0306 0x1e94  Detect skipped due to KSN trusted
15:48:06.0306 0x1e94  Intel(R) Capability Licensing Service Interface - ok
15:48:06.0319 0x1e94  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
15:48:06.0336 0x1e94  Intel(R) Capability Licensing Service TCP IP Interface - ok
15:48:06.0339 0x1e94  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:48:06.0344 0x1e94  intelide - ok
15:48:06.0347 0x1e94  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:48:06.0355 0x1e94  intelppm - ok
15:48:06.0358 0x1e94  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:48:06.0377 0x1e94  IPBusEnum - ok
15:48:06.0381 0x1e94  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:48:06.0399 0x1e94  IpFilterDriver - ok
15:48:06.0408 0x1e94  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:48:06.0422 0x1e94  iphlpsvc - ok
15:48:06.0426 0x1e94  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:48:06.0433 0x1e94  IPMIDRV - ok
15:48:06.0437 0x1e94  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:48:06.0456 0x1e94  IPNAT - ok
15:48:06.0467 0x1e94  [ 2208D673C5D4B22EB0235EA1EC6269CC, 3E73032D67B3B740E11CEA0748CDFFBE35619CBF1AC1C3D86EF089CA326D7918 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:48:06.0479 0x1e94  iPod Service - ok
15:48:06.0482 0x1e94  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:48:06.0490 0x1e94  IRENUM - ok
15:48:06.0492 0x1e94  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:48:06.0497 0x1e94  isapnp - ok
15:48:06.0503 0x1e94  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:48:06.0513 0x1e94  iScsiPrt - ok
15:48:06.0515 0x1e94  [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
15:48:06.0520 0x1e94  iusb3hcs - ok
15:48:06.0527 0x1e94  [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
15:48:06.0537 0x1e94  iusb3hub - ok
15:48:06.0549 0x1e94  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
15:48:06.0566 0x1e94  iusb3xhc - ok
15:48:06.0571 0x1e94  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:48:06.0578 0x1e94  jhi_service - ok
15:48:06.0581 0x1e94  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:48:06.0587 0x1e94  kbdclass - ok
15:48:06.0589 0x1e94  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:48:06.0596 0x1e94  kbdhid - ok
15:48:06.0598 0x1e94  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] KeyIso          C:\Windows\system32\lsass.exe
15:48:06.0605 0x1e94  KeyIso - ok
15:48:06.0609 0x1e94  [ 6D3F864756213A589A86B2E93EBEB3F9, 19B1F21B92E206CAE48AE29EDCFCCA7346E5C8C8F93CA798576D90F112A8B990 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
15:48:06.0618 0x1e94  klflt - ok
15:48:06.0623 0x1e94  [ FA4108F8C8067E4CDF01CD33BF372280, 69317362032BC353851A1696689FA4A7CA343737B8C3E4D2799BC0CD7079376F ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
15:48:06.0633 0x1e94  klhk - ok
15:48:06.0648 0x1e94  [ D4EAEEF7BCB49EC1DF1BFA55C9D68ABC, 7546B7DB9EB8743D976CC0F4C567F367361138168F4A751EA461E81A2D66985E ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
15:48:06.0668 0x1e94  KLIF - ok
15:48:06.0671 0x1e94  [ 3553584440A11136C899B67ACC8CBE9D, B3D6D2E78B0FF0AF5A98E708D977978EA81E99D78F2E9CA2145B466AB4B11342 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
15:48:06.0677 0x1e94  KLIM6 - ok
15:48:06.0681 0x1e94  [ 3A8C03156C3E31E70EF84E48CA179B46, E25E43D53BB6EE1B5F34C95B4FAD111B37A36367B8D047B10FC614DEE13658E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:48:06.0687 0x1e94  KSecDD - ok
15:48:06.0691 0x1e94  [ C6330F7C2E92A00E6773E82F79078AFC, D8B851BF4FCE85F2A269F0B46BC7EC5A118FCFDACE8460E7B54C1A7CE306774A ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:48:06.0699 0x1e94  KSecPkg - ok
15:48:06.0702 0x1e94  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:48:06.0719 0x1e94  ksthunk - ok
15:48:06.0726 0x1e94  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:48:06.0750 0x1e94  KtmRm - ok
15:48:06.0754 0x1e94  [ 875805538A76210489D65A37332085E9, B0C9A18D6367437190EEFB30EB44B7D15F69A2FAEF71FE777AABEE5F3525AD48 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
15:48:06.0760 0x1e94  L1C - ok
15:48:06.0766 0x1e94  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:48:06.0787 0x1e94  LanmanServer - ok
15:48:06.0791 0x1e94  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:48:06.0813 0x1e94  LanmanWorkstation - ok
15:48:06.0816 0x1e94  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
15:48:06.0822 0x1e94  LGBusEnum - ok
15:48:06.0825 0x1e94  [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
15:48:06.0830 0x1e94  LGSHidFilt - ok
15:48:06.0832 0x1e94  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
15:48:06.0837 0x1e94  LGVirHid - ok
15:48:06.0840 0x1e94  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:48:06.0859 0x1e94  lltdio - ok
15:48:06.0865 0x1e94  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:48:06.0888 0x1e94  lltdsvc - ok
15:48:06.0890 0x1e94  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:48:06.0908 0x1e94  lmhosts - ok
15:48:06.0915 0x1e94  [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:48:06.0924 0x1e94  LMS - ok
15:48:06.0929 0x1e94  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:48:06.0936 0x1e94  LSI_FC - ok
15:48:06.0940 0x1e94  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:48:06.0947 0x1e94  LSI_SAS - ok
15:48:06.0950 0x1e94  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:48:06.0955 0x1e94  LSI_SAS2 - ok
15:48:06.0959 0x1e94  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:48:06.0966 0x1e94  LSI_SCSI - ok
15:48:06.0970 0x1e94  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:48:06.0989 0x1e94  luafv - ok
15:48:06.0991 0x1e94  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:48:06.0997 0x1e94  MBAMProtector - ok
15:48:07.0049 0x1e94  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
15:48:07.0072 0x1e94  MBAMService - ok
15:48:07.0076 0x1e94  [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:48:07.0082 0x1e94  MBAMWebAccessControl - ok
15:48:07.0086 0x1e94  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:48:07.0094 0x1e94  Mcx2Svc - ok
15:48:07.0096 0x1e94  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:48:07.0102 0x1e94  megasas - ok
15:48:07.0108 0x1e94  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:48:07.0117 0x1e94  MegaSR - ok
15:48:07.0121 0x1e94  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
15:48:07.0128 0x1e94  MEIx64 - ok
15:48:07.0271 0x1e94  [ 29731E3F45A70312E82A72EA96483171, A2BB7B7451394CBC2C0BC01E54150D2695C7E63A753A72982AD156FA46B054CA ] mitsijm2012     D:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
15:48:07.0286 0x1e94  mitsijm2012 - ok
15:48:07.0289 0x1e94  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:48:07.0308 0x1e94  MMCSS - ok
15:48:07.0311 0x1e94  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:48:07.0328 0x1e94  Modem - ok
15:48:07.0331 0x1e94  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:48:07.0338 0x1e94  monitor - ok
15:48:07.0341 0x1e94  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:48:07.0347 0x1e94  mouclass - ok
15:48:07.0349 0x1e94  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:48:07.0355 0x1e94  mouhid - ok
15:48:07.0359 0x1e94  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:48:07.0365 0x1e94  mountmgr - ok
15:48:07.0368 0x1e94  [ 730A519505621DF46BCBF9CDAC9FB6AD, BEA87E6C88630D5978045B720D9DCC4ABB1EE5E48AF5115363800E84EABA61E6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:48:07.0375 0x1e94  MozillaMaintenance - ok
15:48:07.0380 0x1e94  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:48:07.0387 0x1e94  mpio - ok
15:48:07.0390 0x1e94  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:48:07.0409 0x1e94  mpsdrv - ok
15:48:07.0422 0x1e94  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:48:07.0452 0x1e94  MpsSvc - ok
15:48:07.0456 0x1e94  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:48:07.0465 0x1e94  MRxDAV - ok
15:48:07.0469 0x1e94  [ ACB6782973BD93760D597FC7BB37E692, 9B6EC2858D236DCE61FD5E0247F4D947A5DC484C9C0AABFDAF8270ABA392E787 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:48:07.0478 0x1e94  mrxsmb - ok
15:48:07.0484 0x1e94  [ 262BF7BB7D0E44CFAA9B12A1E0A6EDF1, CCC3A4CE929C7C8B07C1038BBE8425590CE14F5C37E1D5608978A3AD2F41519C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:48:07.0495 0x1e94  mrxsmb10 - ok
15:48:07.0499 0x1e94  [ 8C0376974AA28398FF501E78C04ACB30, 81CE67BE933F67F760A72BF9B581F33BC151D98970765FE4425450A2EF450409 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:48:07.0507 0x1e94  mrxsmb20 - ok
15:48:07.0510 0x1e94  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:48:07.0516 0x1e94  msahci - ok
15:48:07.0520 0x1e94  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:48:07.0527 0x1e94  msdsm - ok
15:48:07.0531 0x1e94  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:48:07.0540 0x1e94  MSDTC - ok
15:48:07.0544 0x1e94  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:48:07.0562 0x1e94  Msfs - ok
15:48:07.0564 0x1e94  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:48:07.0582 0x1e94  mshidkmdf - ok
15:48:07.0584 0x1e94  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:48:07.0589 0x1e94  msisadrv - ok
15:48:07.0594 0x1e94  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:48:07.0614 0x1e94  MSiSCSI - ok
15:48:07.0616 0x1e94  msiserver - ok
15:48:07.0618 0x1e94  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:48:07.0636 0x1e94  MSKSSRV - ok
15:48:07.0638 0x1e94  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:48:07.0656 0x1e94  MSPCLOCK - ok
15:48:07.0658 0x1e94  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:48:07.0676 0x1e94  MSPQM - ok
15:48:07.0683 0x1e94  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:48:07.0692 0x1e94  MsRPC - ok
15:48:07.0696 0x1e94  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:48:07.0701 0x1e94  mssmbios - ok
15:48:07.0761 0x1e94  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:48:07.0828 0x1e94  MSTEE - ok
15:48:07.0830 0x1e94  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:48:07.0836 0x1e94  MTConfig - ok
15:48:07.0839 0x1e94  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:48:07.0845 0x1e94  Mup - ok
15:48:07.0852 0x1e94  [ 97CCA67FCDABB8441149F04B34ABF510, 25043EC25193E2968F9112330DF63C7F9B9BEBDEEE323ACB3C396AB9494E577F ] mvs91xx         C:\Windows\system32\DRIVERS\mvs91xx.sys
15:48:07.0862 0x1e94  mvs91xx - ok
15:48:07.0871 0x1e94  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:48:07.0895 0x1e94  napagent - ok
15:48:07.0902 0x1e94  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:48:07.0916 0x1e94  NativeWifiP - ok
15:48:07.0931 0x1e94  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:48:07.0951 0x1e94  NDIS - ok
15:48:07.0954 0x1e94  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:48:07.0972 0x1e94  NdisCap - ok
15:48:07.0975 0x1e94  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:48:07.0992 0x1e94  NdisTapi - ok
15:48:07.0995 0x1e94  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:48:08.0012 0x1e94  Ndisuio - ok
15:48:08.0017 0x1e94  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:48:08.0036 0x1e94  NdisWan - ok
15:48:08.0039 0x1e94  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:48:08.0056 0x1e94  NDProxy - ok
15:48:08.0058 0x1e94  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
15:48:08.0065 0x1e94  Netaapl - ok
15:48:08.0068 0x1e94  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:48:08.0086 0x1e94  NetBIOS - ok
15:48:08.0092 0x1e94  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:48:08.0113 0x1e94  NetBT - ok
15:48:08.0115 0x1e94  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] Netlogon        C:\Windows\system32\lsass.exe
15:48:08.0121 0x1e94  Netlogon - ok
15:48:08.0128 0x1e94  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:48:08.0152 0x1e94  Netman - ok
15:48:08.0161 0x1e94  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:48:08.0173 0x1e94  NetMsmqActivator - ok
15:48:08.0176 0x1e94  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:48:08.0184 0x1e94  NetPipeActivator - ok
15:48:08.0192 0x1e94  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:48:08.0217 0x1e94  netprofm - ok
15:48:08.0221 0x1e94  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:48:08.0229 0x1e94  NetTcpActivator - ok
15:48:08.0232 0x1e94  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:48:08.0240 0x1e94  NetTcpPortSharing - ok
15:48:08.0243 0x1e94  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:48:08.0249 0x1e94  nfrd960 - ok
15:48:08.0255 0x1e94  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:48:08.0266 0x1e94  NlaSvc - ok
15:48:08.0269 0x1e94  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:48:08.0286 0x1e94  Npfs - ok
15:48:08.0304 0x1e94  [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo      C:\Windows\sysWOW64\drivers\npf_devolo.sys
15:48:08.0309 0x1e94  NPF_devolo - ok
15:48:08.0312 0x1e94  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:48:08.0331 0x1e94  nsi - ok
15:48:08.0333 0x1e94  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:48:08.0351 0x1e94  nsiproxy - ok
15:48:08.0376 0x1e94  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:48:08.0402 0x1e94  Ntfs - ok
15:48:08.0405 0x1e94  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:48:08.0422 0x1e94  Null - ok
15:48:08.0426 0x1e94  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:48:08.0433 0x1e94  nvraid - ok
15:48:08.0438 0x1e94  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:48:08.0446 0x1e94  nvstor - ok
15:48:08.0449 0x1e94  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:48:08.0456 0x1e94  nv_agp - ok
15:48:08.0459 0x1e94  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:48:08.0467 0x1e94  ohci1394 - ok
15:48:08.0471 0x1e94  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:48:08.0479 0x1e94  ose - ok
15:48:08.0548 0x1e94  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:48:08.0631 0x1e94  osppsvc - ok
15:48:08.0642 0x1e94  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:48:08.0653 0x1e94  p2pimsvc - ok
15:48:08.0662 0x1e94  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:48:08.0675 0x1e94  p2psvc - ok
15:48:08.0678 0x1e94  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
15:48:08.0686 0x1e94  Parport - ok
15:48:08.0689 0x1e94  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:48:08.0696 0x1e94  partmgr - ok
15:48:08.0700 0x1e94  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:48:08.0709 0x1e94  PcaSvc - ok
15:48:08.0714 0x1e94  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:48:08.0722 0x1e94  pci - ok
15:48:08.0724 0x1e94  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:48:08.0730 0x1e94  pciide - ok
15:48:08.0735 0x1e94  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:48:08.0744 0x1e94  pcmcia - ok
15:48:08.0747 0x1e94  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:48:08.0753 0x1e94  pcw - ok
15:48:08.0786 0x1e94  [ A279FC9BE4D1DA5DA3E79B5EAE0FDCF4, 0CC9A413E2BFE30421A74610300F6AD29769EF45557137F6FD7B7FAF0E0A241C ] PDF Architect 3 C:\Program Files (x86)\PDF Architect 3\ws.exe
15:48:08.0825 0x1e94  PDF Architect 3 - ok
15:48:08.0841 0x1e94  [ 29D993E6AABC958032ED9620D232C521, 68F6581BB8A856561BAD22B5EB5CAB25B3F9473228B553D133ECFB4BDCEB2A3F ] PDF Architect 3 CrashHandler C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
15:48:08.0860 0x1e94  PDF Architect 3 CrashHandler - ok
15:48:08.0873 0x1e94  [ 9EC3A20048C2E53B98E3617B7D6EB1DE, 8C2A11FFE65C062E8091135ECE4E392C2F18BB48C565E47DA08BF344B2587061 ] PDF Architect 3 Creator C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
15:48:08.0886 0x1e94  PDF Architect 3 Creator - ok
15:48:08.0898 0x1e94  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:48:08.0914 0x1e94  PEAUTH - ok
15:48:08.0935 0x1e94  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:48:08.0962 0x1e94  PeerDistSvc - ok
15:48:08.0967 0x1e94  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:48:08.0974 0x1e94  PerfHost - ok
15:48:08.0997 0x1e94  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:48:09.0037 0x1e94  pla - ok
15:48:09.0046 0x1e94  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:48:09.0058 0x1e94  PlugPlay - ok
15:48:09.0061 0x1e94  PnkBstrA - ok
15:48:09.0063 0x1e94  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:48:09.0070 0x1e94  PNRPAutoReg - ok
15:48:09.0076 0x1e94  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:48:09.0086 0x1e94  PNRPsvc - ok
15:48:09.0095 0x1e94  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:48:09.0120 0x1e94  PolicyAgent - ok
15:48:09.0125 0x1e94  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:48:09.0146 0x1e94  Power - ok
15:48:09.0149 0x1e94  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:48:09.0167 0x1e94  PptpMiniport - ok
15:48:09.0170 0x1e94  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
15:48:09.0177 0x1e94  Processor - ok
15:48:09.0182 0x1e94  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:48:09.0191 0x1e94  ProfSvc - ok
15:48:09.0194 0x1e94  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:48:09.0200 0x1e94  ProtectedStorage - ok
15:48:09.0204 0x1e94  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:48:09.0223 0x1e94  Psched - ok
15:48:09.0246 0x1e94  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:48:09.0275 0x1e94  ql2300 - ok
15:48:09.0280 0x1e94  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:48:09.0287 0x1e94  ql40xx - ok
15:48:09.0292 0x1e94  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:48:09.0304 0x1e94  QWAVE - ok
15:48:09.0307 0x1e94  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:48:09.0316 0x1e94  QWAVEdrv - ok
15:48:09.0318 0x1e94  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:48:09.0336 0x1e94  RasAcd - ok
15:48:09.0339 0x1e94  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:48:09.0357 0x1e94  RasAgileVpn - ok
15:48:09.0360 0x1e94  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:48:09.0379 0x1e94  RasAuto - ok
15:48:09.0383 0x1e94  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:48:09.0402 0x1e94  Rasl2tp - ok
15:48:09.0409 0x1e94  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:48:09.0432 0x1e94  RasMan - ok
15:48:09.0436 0x1e94  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:48:09.0454 0x1e94  RasPppoe - ok
15:48:09.0458 0x1e94  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:48:09.0476 0x1e94  RasSstp - ok
15:48:09.0482 0x1e94  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:48:09.0504 0x1e94  rdbss - ok
15:48:09.0507 0x1e94  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:48:09.0514 0x1e94  rdpbus - ok
15:48:09.0516 0x1e94  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:48:09.0533 0x1e94  RDPCDD - ok
15:48:09.0538 0x1e94  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:48:09.0547 0x1e94  RDPDR - ok
15:48:09.0549 0x1e94  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:48:09.0566 0x1e94  RDPENCDD - ok
15:48:09.0569 0x1e94  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:48:09.0586 0x1e94  RDPREFMP - ok
15:48:09.0589 0x1e94  [ 065F79543D7999EC28B687F87E96B803, 6B235C422DCA79ABF0D051C066B2866643333F7ADB7AF914F6EEAC448AA59AAF ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:48:09.0595 0x1e94  RdpVideoMiniport - ok
15:48:09.0601 0x1e94  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:48:09.0609 0x1e94  RDPWD - ok
15:48:09.0614 0x1e94  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:48:09.0622 0x1e94  rdyboost - ok
15:48:09.0626 0x1e94  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:48:09.0646 0x1e94  RemoteAccess - ok
15:48:09.0650 0x1e94  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:48:09.0670 0x1e94  RemoteRegistry - ok
15:48:09.0674 0x1e94  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:48:09.0692 0x1e94  RpcEptMapper - ok
15:48:09.0695 0x1e94  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:48:09.0702 0x1e94  RpcLocator - ok
15:48:09.0711 0x1e94  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
15:48:09.0734 0x1e94  RpcSs - ok
15:48:09.0737 0x1e94  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:48:09.0756 0x1e94  rspndr - ok
15:48:09.0758 0x1e94  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
15:48:09.0764 0x1e94  s3cap - ok
15:48:09.0766 0x1e94  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] SamSs           C:\Windows\system32\lsass.exe
15:48:09.0772 0x1e94  SamSs - ok
15:48:09.0775 0x1e94  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:48:09.0782 0x1e94  sbp2port - ok
15:48:09.0787 0x1e94  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:48:09.0808 0x1e94  SCardSvr - ok
15:48:09.0810 0x1e94  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:48:09.0827 0x1e94  scfilter - ok
15:48:09.0844 0x1e94  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
15:48:09.0868 0x1e94  Schedule - ok
15:48:09.0871 0x1e94  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:48:09.0889 0x1e94  SCPolicySvc - ok
15:48:09.0893 0x1e94  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:48:09.0903 0x1e94  SDRSVC - ok
15:48:09.0905 0x1e94  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:48:09.0911 0x1e94  secdrv - ok
15:48:09.0914 0x1e94  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
15:48:09.0932 0x1e94  seclogon - ok
15:48:09.0935 0x1e94  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
15:48:09.0954 0x1e94  SENS - ok
15:48:09.0957 0x1e94  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:48:09.0964 0x1e94  SensrSvc - ok
15:48:09.0966 0x1e94  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:48:09.0973 0x1e94  Serenum - ok
15:48:09.0976 0x1e94  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
15:48:09.0984 0x1e94  Serial - ok
15:48:09.0986 0x1e94  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:48:09.0993 0x1e94  sermouse - ok
15:48:09.0999 0x1e94  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:48:10.0017 0x1e94  SessionEnv - ok
15:48:10.0020 0x1e94  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:48:10.0028 0x1e94  sffdisk - ok
15:48:10.0030 0x1e94  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:48:10.0037 0x1e94  sffp_mmc - ok
15:48:10.0040 0x1e94  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:48:10.0047 0x1e94  sffp_sd - ok
15:48:10.0049 0x1e94  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:48:10.0056 0x1e94  sfloppy - ok
15:48:10.0063 0x1e94  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:48:10.0086 0x1e94  SharedAccess - ok
15:48:10.0094 0x1e94  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:48:10.0117 0x1e94  ShellHWDetection - ok
15:48:10.0120 0x1e94  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:48:10.0126 0x1e94  SiSRaid2 - ok
15:48:10.0129 0x1e94  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:48:10.0135 0x1e94  SiSRaid4 - ok
15:48:10.0138 0x1e94  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:48:10.0157 0x1e94  Smb - ok
15:48:10.0161 0x1e94  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:48:10.0168 0x1e94  SNMPTRAP - ok
15:48:10.0170 0x1e94  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:48:10.0176 0x1e94  spldr - ok
15:48:10.0185 0x1e94  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
15:48:10.0207 0x1e94  Spooler - ok
15:48:10.0260 0x1e94  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:48:10.0333 0x1e94  sppsvc - ok
15:48:10.0338 0x1e94  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:48:10.0357 0x1e94  sppuinotify - ok
15:48:10.0365 0x1e94  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:48:10.0378 0x1e94  srv - ok
15:48:10.0385 0x1e94  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:48:10.0397 0x1e94  srv2 - ok
15:48:10.0402 0x1e94  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:48:10.0410 0x1e94  srvnet - ok
15:48:10.0415 0x1e94  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:48:10.0436 0x1e94  SSDPSRV - ok
15:48:10.0439 0x1e94  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:48:10.0459 0x1e94  SstpSvc - ok
15:48:10.0464 0x1e94  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
15:48:10.0472 0x1e94  ssudmdm - ok
15:48:10.0485 0x1e94  [ D31201BD8782752BD69DBE1E5DDF9AC5, 98B72690B4E6CC1B694C655DD31CB1FB56B76B62A32CFB748AF78F4C072D9740 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:48:10.0502 0x1e94  Steam Client Service - ok
15:48:10.0505 0x1e94  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:48:10.0510 0x1e94  stexstor - ok
15:48:10.0512 0x1e94  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
15:48:10.0518 0x1e94  StillCam - ok
15:48:10.0528 0x1e94  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:48:10.0546 0x1e94  stisvc - ok
15:48:10.0549 0x1e94  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:48:10.0555 0x1e94  storflt - ok
15:48:10.0558 0x1e94  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:48:10.0564 0x1e94  storvsc - ok
15:48:10.0566 0x1e94  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:48:10.0571 0x1e94  swenum - ok
15:48:10.0580 0x1e94  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:48:10.0606 0x1e94  swprv - ok
15:48:10.0609 0x1e94  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
15:48:10.0616 0x1e94  Synth3dVsc - ok
15:48:10.0641 0x1e94  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
15:48:10.0674 0x1e94  SysMain - ok
15:48:10.0679 0x1e94  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:48:10.0690 0x1e94  TabletInputService - ok
15:48:10.0696 0x1e94  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:48:10.0718 0x1e94  TapiSrv - ok
15:48:10.0721 0x1e94  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
15:48:10.0740 0x1e94  TBS - ok
15:48:10.0767 0x1e94  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:48:10.0801 0x1e94  Tcpip - ok
15:48:10.0829 0x1e94  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:48:10.0858 0x1e94  TCPIP6 - ok
15:48:10.0863 0x1e94  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:48:10.0869 0x1e94  tcpipreg - ok
15:48:10.0872 0x1e94  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:48:10.0879 0x1e94  TDPIPE - ok
15:48:10.0881 0x1e94  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:48:10.0887 0x1e94  TDTCP - ok
15:48:10.0891 0x1e94  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:48:10.0899 0x1e94  tdx - ok
15:48:10.0901 0x1e94  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:48:10.0908 0x1e94  TermDD - ok
15:48:10.0910 0x1e94  [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt        C:\Windows\system32\drivers\terminpt.sys
15:48:10.0917 0x1e94  terminpt - ok
15:48:10.0928 0x1e94  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
15:48:10.0943 0x1e94  TermService - ok
15:48:10.0946 0x1e94  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:48:10.0956 0x1e94  Themes - ok
15:48:10.0959 0x1e94  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:48:10.0977 0x1e94  THREADORDER - ok
15:48:10.0981 0x1e94  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:48:11.0001 0x1e94  TrkWks - ok
15:48:11.0006 0x1e94  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
15:48:11.0015 0x1e94  truecrypt - ok
15:48:11.0020 0x1e94  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:48:11.0039 0x1e94  TrustedInstaller - ok
15:48:11.0043 0x1e94  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:48:11.0050 0x1e94  tssecsrv - ok
15:48:11.0053 0x1e94  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:48:11.0059 0x1e94  TsUsbFlt - ok
15:48:11.0062 0x1e94  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:48:11.0068 0x1e94  TsUsbGD - ok
15:48:11.0072 0x1e94  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
15:48:11.0080 0x1e94  tsusbhub - ok
15:48:11.0084 0x1e94  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:48:11.0102 0x1e94  tunnel - ok
15:48:11.0105 0x1e94  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:48:11.0111 0x1e94  uagp35 - ok
15:48:11.0118 0x1e94  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:48:11.0140 0x1e94  udfs - ok
15:48:11.0144 0x1e94  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:48:11.0151 0x1e94  UI0Detect - ok
15:48:11.0154 0x1e94  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:48:11.0160 0x1e94  uliagpkx - ok
15:48:11.0163 0x1e94  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:48:11.0169 0x1e94  umbus - ok
15:48:11.0171 0x1e94  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:48:11.0178 0x1e94  UmPass - ok
15:48:11.0183 0x1e94  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:48:11.0193 0x1e94  UmRdpService - ok
15:48:11.0200 0x1e94  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:48:11.0224 0x1e94  upnphost - ok
15:48:11.0228 0x1e94  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:48:11.0235 0x1e94  USBAAPL64 - ok
15:48:11.0238 0x1e94  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:48:11.0245 0x1e94  usbccgp - ok
15:48:11.0249 0x1e94  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:48:11.0256 0x1e94  usbcir - ok
15:48:11.0259 0x1e94  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:48:11.0265 0x1e94  usbehci - ok
15:48:11.0272 0x1e94  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:48:11.0283 0x1e94  usbhub - ok
15:48:11.0285 0x1e94  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:48:11.0291 0x1e94  usbohci - ok
15:48:11.0294 0x1e94  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:48:11.0301 0x1e94  usbprint - ok
15:48:11.0304 0x1e94  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
15:48:11.0310 0x1e94  usbscan - ok
15:48:11.0314 0x1e94  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:48:11.0321 0x1e94  USBSTOR - ok
15:48:11.0323 0x1e94  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:48:11.0330 0x1e94  usbuhci - ok
15:48:11.0332 0x1e94  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:48:11.0351 0x1e94  UxSms - ok
15:48:11.0353 0x1e94  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] VaultSvc        C:\Windows\system32\lsass.exe
15:48:11.0359 0x1e94  VaultSvc - ok
15:48:11.0361 0x1e94  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:48:11.0367 0x1e94  vdrvroot - ok
15:48:11.0377 0x1e94  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:48:11.0403 0x1e94  vds - ok
15:48:11.0405 0x1e94  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:48:11.0413 0x1e94  vga - ok
15:48:11.0415 0x1e94  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:48:11.0432 0x1e94  VgaSave - ok
15:48:11.0434 0x1e94  VGPU - ok
15:48:11.0439 0x1e94  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:48:11.0447 0x1e94  vhdmp - ok
15:48:11.0481 0x1e94  [ E066AA9C9866C2001372486A6841108C, 648E39962EDB3D77FBB5E2D5B603E16240AADE181A20E8778EE3D8847E4C0984 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
15:48:11.0519 0x1e94  VIAHdAudAddService - ok
15:48:11.0523 0x1e94  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:48:11.0529 0x1e94  viaide - ok
15:48:11.0531 0x1e94  [ 1236737C7993FB462610E1A0AA92C40B, 85385740AE7F885ACD605860AB2642DAC7456BB26C6615DAA9EE02AF54FEF77C ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
15:48:11.0536 0x1e94  VIAKaraokeService - ok
15:48:11.0541 0x1e94  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:48:11.0550 0x1e94  vmbus - ok
15:48:11.0552 0x1e94  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
15:48:11.0559 0x1e94  VMBusHID - ok
15:48:11.0562 0x1e94  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:48:11.0568 0x1e94  volmgr - ok
15:48:11.0575 0x1e94  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:48:11.0586 0x1e94  volmgrx - ok
15:48:11.0592 0x1e94  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:48:11.0602 0x1e94  volsnap - ok
15:48:11.0607 0x1e94  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:48:11.0614 0x1e94  vsmraid - ok
15:48:11.0639 0x1e94  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:48:11.0682 0x1e94  VSS - ok
15:48:11.0684 0x1e94  VUSB3HUB - ok
15:48:11.0687 0x1e94  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:48:11.0694 0x1e94  vwifibus - ok
15:48:11.0702 0x1e94  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:48:11.0725 0x1e94  W32Time - ok
15:48:11.0729 0x1e94  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:48:11.0735 0x1e94  WacomPen - ok
15:48:11.0738 0x1e94  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:48:11.0756 0x1e94  WANARP - ok
15:48:11.0759 0x1e94  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:48:11.0776 0x1e94  Wanarpv6 - ok
15:48:11.0795 0x1e94  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:48:11.0820 0x1e94  WatAdminSvc - ok
15:48:11.0843 0x1e94  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:48:11.0874 0x1e94  wbengine - ok
15:48:11.0880 0x1e94  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:48:11.0892 0x1e94  WbioSrvc - ok
15:48:11.0899 0x1e94  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:48:11.0914 0x1e94  wcncsvc - ok
15:48:11.0916 0x1e94  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:48:11.0924 0x1e94  WcsPlugInService - ok
15:48:11.0926 0x1e94  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
15:48:11.0931 0x1e94  Wd - ok
15:48:11.0944 0x1e94  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:48:11.0961 0x1e94  Wdf01000 - ok
15:48:11.0965 0x1e94  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:48:11.0973 0x1e94  WdiServiceHost - ok
15:48:11.0975 0x1e94  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:48:11.0982 0x1e94  WdiSystemHost - ok
15:48:11.0987 0x1e94  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
15:48:11.0997 0x1e94  WebClient - ok
15:48:12.0003 0x1e94  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:48:12.0024 0x1e94  Wecsvc - ok
15:48:12.0028 0x1e94  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:48:12.0047 0x1e94  wercplsupport - ok
15:48:12.0050 0x1e94  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:48:12.0069 0x1e94  WerSvc - ok
15:48:12.0071 0x1e94  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:48:12.0088 0x1e94  WfpLwf - ok
15:48:12.0090 0x1e94  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:48:12.0096 0x1e94  WIMMount - ok
15:48:12.0097 0x1e94  WinDefend - ok
15:48:12.0101 0x1e94  WinHttpAutoProxySvc - ok
15:48:12.0110 0x1e94  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:48:12.0131 0x1e94  Winmgmt - ok
15:48:12.0160 0x1e94  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
15:48:12.0198 0x1e94  WinRM - ok
15:48:12.0204 0x1e94  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
15:48:12.0212 0x1e94  WinUsb - ok
15:48:12.0226 0x1e94  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:48:12.0249 0x1e94  Wlansvc - ok
15:48:12.0284 0x1e94  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:48:12.0318 0x1e94  wlidsvc - ok
15:48:12.0322 0x1e94  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:48:12.0329 0x1e94  WmiAcpi - ok
15:48:12.0335 0x1e94  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:48:12.0344 0x1e94  wmiApSrv - ok
15:48:12.0346 0x1e94  WMPNetworkSvc - ok
15:48:12.0349 0x1e94  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:48:12.0356 0x1e94  WPCSvc - ok
15:48:12.0359 0x1e94  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:48:12.0369 0x1e94  WPDBusEnum - ok
15:48:12.0371 0x1e94  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:48:12.0389 0x1e94  ws2ifsl - ok
15:48:12.0392 0x1e94  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
15:48:12.0403 0x1e94  wscsvc - ok
15:48:12.0406 0x1e94  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
15:48:12.0414 0x1e94  WSDPrintDevice - ok
15:48:12.0415 0x1e94  WSearch - ok
15:48:12.0454 0x1e94  [ 291778E1A36716182AFBC1731B2DFEAB, C0B928CCCE8C496C90C42E0D294BAB51DC67C02B0D20CFB6A16B0AE1F51CC497 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:48:12.0501 0x1e94  wuauserv - ok
15:48:12.0506 0x1e94  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:48:12.0513 0x1e94  WudfPf - ok
15:48:12.0518 0x1e94  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:48:12.0526 0x1e94  WUDFRd - ok
15:48:12.0529 0x1e94  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:48:12.0537 0x1e94  wudfsvc - ok
15:48:12.0542 0x1e94  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:48:12.0552 0x1e94  WwanSvc - ok
15:48:12.0554 0x1e94  xhcdrv - ok
15:48:12.0558 0x1e94  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
15:48:12.0564 0x1e94  xusb21 - ok
15:48:12.0567 0x1e94  ================ Scan global ===============================
15:48:12.0570 0x1e94  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
15:48:12.0574 0x1e94  [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
15:48:12.0582 0x1e94  [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
15:48:12.0586 0x1e94  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:48:12.0593 0x1e94  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:48:12.0598 0x1e94  [ Global ] - ok
15:48:12.0598 0x1e94  ================ Scan MBR ==================================
15:48:12.0600 0x1e94  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:48:12.0670 0x1e94  \Device\Harddisk0\DR0 - ok
15:48:12.0689 0x1e94  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:48:12.0772 0x1e94  \Device\Harddisk1\DR1 - ok
15:48:12.0773 0x1e94  ================ Scan VBR ==================================
15:48:12.0774 0x1e94  [ 30CA6F797293CE1FB42E895D7B6F604F ] \Device\Harddisk0\DR0\Partition1
15:48:12.0775 0x1e94  \Device\Harddisk0\DR0\Partition1 - ok
15:48:12.0776 0x1e94  [ ACC92F1E5D8AD93CC433DA69B1B9A6A3 ] \Device\Harddisk0\DR0\Partition2
15:48:12.0777 0x1e94  \Device\Harddisk0\DR0\Partition2 - ok
15:48:12.0778 0x1e94  [ 847DABB3AB56A0F5F19E15219AAFAEDD ] \Device\Harddisk1\DR1\Partition1
15:48:12.0852 0x1e94  \Device\Harddisk1\DR1\Partition1 - ok
15:48:12.0853 0x1e94  ================ Scan generic autorun ======================
15:48:13.0043 0x1e94  [ 3F0B5EBDEB180C073E01A4A2DFA28C12, 0ACE6F70260E17284B8307D0DD0ACC9B59B379A99AE43429AB644B421ADAE8A7 ] C:\Program Files\Logitech Gaming Software\LCore.exe
15:48:13.0211 0x1e94  Launch LCore - ok
15:48:13.0235 0x1e94  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\syswow64\RunDll32.exe
15:48:13.0242 0x1e94  Cmaudio8788 - ok
15:48:13.0272 0x1e94  [ B653CC2510CA44369C47498ABBCA8E98, 9A8C9E8B372CFD61985CD138624A6F3E8C98ABEF212B9ED3735BD6019C0C0C19 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
15:48:13.0308 0x1e94  CanonMyPrinter - ok
15:48:13.0313 0x1e94  [ 02A27FC0972181EF743160BE9F62F2B4, 0E5B5684E892B1CE83C8A50A23F8478E8D01E2DD283337B5B263FDA4C2654E9F ] C:\Program Files\iTunes\iTunesHelper.exe
15:48:13.0319 0x1e94  iTunesHelper - ok
15:48:13.0322 0x1e94  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
15:48:13.0329 0x1e94  Logitech Download Assistant - ok
15:48:13.0332 0x1e94  [ 5514B64F7F2D25E09E2FDAF5D62B688C, 43263715ADC49250762A01E41DB2832C6A8B63CE4F66CDD8FC0B51DCA031DF27 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
15:48:13.0338 0x1e94  IAStorIcon - ok
15:48:13.0343 0x1e94  [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
15:48:13.0351 0x1e94  USB3MON - ok
15:48:13.0355 0x1e94  [ 0080EB1CDD83F14C01534B1DC754234D, D0FC9B95A12D0C92730F8031B3DB287D1309008CF15EA0C02FC14B56FAE8C320 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:48:13.0359 0x1e94  APSDaemon - ok
15:48:13.0429 0x1e94  [ 2C5C919C1147B91BA2B47527B709BDA5, 58E2D6DBF0A7023A56C1576A0E8915CB3F2D4ED72F0A0B3652F29009DD853BDE ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
15:48:13.0511 0x1e94  HDAudDeck - ok
15:48:13.0517 0x1e94  [ 7AAF55E4C97861C4BAACF908B48A76A3, 351B9B3267D667D08B001B2ED46665A6717C9C9A6609BCBCCAA2F54AE26216DC ] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
15:48:13.0522 0x1e94  IJNetworkScanUtility - ok
15:48:13.0524 0x1e94  [ EBC0E8C0A4DDA2C32A7D5863462A321A, 2F410138DB66D0219254339F1F098E401CEDAA032596F1F67BC54F394256FC68 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
15:48:13.0528 0x1e94  amd_dc_opt - detected UnsignedFile.Multi.Generic ( 1 )
15:48:15.0977 0x1e94  Detect skipped due to KSN trusted
15:48:15.0977 0x1e94  amd_dc_opt - ok
15:48:16.0010 0x1e94  [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
15:48:16.0042 0x1e94  tvncontrol - ok
15:48:16.0046 0x1e94  Dropbox - ok
15:48:16.0053 0x1e94  [ C2CE42005E3381A95460876020518440, 562EB30DA9A1DB58DB221423177C0680E69A4C38EEE2D5FD936633B2EB8A616E ] C:\Program Files (x86)\QuickTime\QTTask.exe
15:48:16.0062 0x1e94  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
15:48:18.0502 0x1e94  Detect skipped due to KSN trusted
15:48:18.0502 0x1e94  QuickTime Task - ok
15:48:18.0503 0x1e94  BlueStacks Agent - ok
15:48:18.0513 0x1e94  [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:48:18.0524 0x1e94  SunJavaUpdateSched - ok
15:48:18.0601 0x1e94  [ D5DDC3EC0BF960389E9A964D7CC8CC30, 02C06CF596B33B1883C371EA9B61B1EC41319EFF853A54864329129699534769 ] D:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe
15:48:18.0618 0x1e94  StartCCC - ok
15:48:18.0624 0x1e94  [ 1E2B7E1F256CBC4B55DDD622FF5604EF, C25BF91080A382AAE78FB52C1E05737CC7ECE575D6243D0DC91769C4BAF36489 ] C:\Program Files (x86)\Raptr\raptrstub.exe
15:48:18.0630 0x1e94  Raptr - ok
15:48:18.0646 0x1e94  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:48:18.0666 0x1e94  Sidebar - ok
15:48:18.0670 0x1e94  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:48:18.0680 0x1e94  mctadmin - ok
15:48:18.0697 0x1e94  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:48:18.0717 0x1e94  Sidebar - ok
15:48:18.0720 0x1e94  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:48:18.0729 0x1e94  mctadmin - ok
15:48:18.0861 0x1e94  [ D5218EE66173405B26B716EBA68133F6, 265820925538A075E753701DC36F89702B3E4C0BE73B8166138495092F339E43 ] D:\Program Files (x86)\Steam\steam.exe
15:48:18.0913 0x1e94  Steam - ok
15:48:18.0917 0x1e94  [ F341DD6145F779CE5B732BC6BC6A3370, 67CE7E6DD5969C8DE34473E01D60D52FABC740B056287C2E261A36F97993ED0D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
15:48:18.0922 0x1e94  iCloudServices - ok
15:48:18.0923 0x1e94  ApplePhotoStreams - ok
15:48:18.0955 0x1e94  [ 9D0D72B696B8CDF9AE368E542FD042CE, 8CD19E8B609041A6C226D57D40509175827C75DEF93378B53A814060BB7A9E0B ] C:\Users\Mario\AppData\Roaming\Spotify\SpotifyWebHelper.exe
15:48:18.0984 0x1e94  Spotify Web Helper - ok
15:48:19.0088 0x1e94  [ DC8DC7ED86A259614D3B2186B2F841EB, 6F305431EE35849D637AF41F213B716D936311015483422FA294E9435B82AB2A ] C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe
15:48:19.0187 0x1e94  Spotify - ok
15:48:19.0191 0x1e94  Waiting for KSN requests completion. In queue: 16
15:48:20.0191 0x1e94  Waiting for KSN requests completion. In queue: 11
15:48:21.0191 0x1e94  Waiting for KSN requests completion. In queue: 11
15:48:21.0663 0x1a20  Object required for P2P: [ D5218EE66173405B26B716EBA68133F6 ] D:\Program Files (x86)\Steam\steam.exe
15:48:22.0191 0x1e94  Waiting for KSN requests completion. In queue: 4
15:48:23.0191 0x1e94  Waiting for KSN requests completion. In queue: 4
15:48:24.0123 0x1a20  Object send P2P result: true
15:48:24.0123 0x1a20  Object required for P2P: [ DC8DC7ED86A259614D3B2186B2F841EB ] C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe
15:48:24.0191 0x1e94  Waiting for KSN requests completion. In queue: 1
15:48:25.0191 0x1e94  Waiting for KSN requests completion. In queue: 1
15:48:26.0191 0x1e94  Waiting for KSN requests completion. In queue: 1
15:48:26.0539 0x1a20  Object send P2P result: true
15:48:27.0201 0x1e94  Win FW state via NFP2: enabled ( trusted )
15:48:29.0539 0x1e94  ============================================================
15:48:29.0539 0x1e94  Scan finished
15:48:29.0539 0x1e94  ============================================================
15:48:29.0543 0x1810  Detected object count: 1
15:48:29.0543 0x1810  Actual detected object count: 1
15:48:42.0597 0x1810  Aqua Computer Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:48:42.0597 0x1810  Aqua Computer Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:48:53.0647 0x0330  Deinitialize success
         


Alt 01.11.2015, 06:21   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Standard

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl

Alt 01.11.2015, 11:23   #7
Arktin
 
Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Standard

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl



Hallo,

und wieder vielen Dank für's Kümmern.

Code:
ATTFilter
ComboFix 15-10-28.01 - Mario 01.11.2015  11:52:37.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.16346.13239 [GMT 1:00]
ausgeführt von:: d:\users\Mario\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Mario\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzaepr2.dll
c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\msdownld.tmp
c:\windows\SysWow64\tmpB48F.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-10-01 bis 2015-11-01  ))))))))))))))))))))))))))))))
.
.
2015-10-31 14:26 . 2015-10-31 14:44	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-10-30 09:27 . 2015-10-13 09:47	11140960	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{90788111-737D-4FA1-9AE8-033D16653479}\mpengine.dll
2015-10-28 14:37 . 2015-10-28 14:38	--------	d-----w-	C:\FRST
2015-10-28 13:50 . 2015-10-31 14:26	192216	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-28 13:50 . 2015-10-31 14:25	109272	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-10-28 13:50 . 2015-10-28 13:50	--------	d-----w-	c:\programdata\Malwarebytes
2015-10-28 13:50 . 2015-10-05 08:50	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-10-28 13:50 . 2015-10-05 08:50	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-10-28 12:35 . 2015-07-04 01:18	227000	----a-w-	c:\windows\system32\drivers\klhk.sys
2015-10-28 12:35 . 2015-06-30 00:05	931000	----a-w-	c:\windows\system32\drivers\klif.sys
2015-10-28 12:35 . 2015-06-30 00:05	171192	----a-w-	c:\windows\system32\drivers\klflt.sys
2015-10-28 12:35 . 2015-10-28 12:35	--------	d-----w-	c:\programdata\Kaspersky Lab Setup Files
2015-10-28 11:47 . 2013-05-06 07:13	110176	----a-w-	c:\windows\system32\klfphc.dll
2015-10-28 11:46 . 2015-10-28 13:59	--------	d-----w-	c:\programdata\Kaspersky Lab
2015-10-28 11:46 . 2015-10-28 12:35	--------	d-----w-	c:\program files (x86)\Kaspersky Lab
2015-10-24 18:52 . 2015-10-24 18:52	0	----a-w-	c:\windows\SysWow64\OCL91BD.tmp
2015-10-24 18:51 . 2015-10-24 18:51	0	----a-w-	c:\windows\SysWow64\OCL4285.tmp
2015-10-18 18:40 . 2015-10-18 18:40	--------	d-----w-	c:\programdata\Stardock
2015-10-16 01:58 . 2015-10-16 01:58	189136	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\LICLUA.EXE
2015-10-15 13:23 . 2015-09-18 19:22	25432	----a-w-	c:\windows\system32\CompatTelRunner.exe
2015-10-15 13:23 . 2015-09-18 19:19	700416	----a-w-	c:\windows\system32\invagent.dll
2015-10-15 13:23 . 2015-09-18 19:19	766464	----a-w-	c:\windows\system32\generaltel.dll
2015-10-15 13:23 . 2015-09-18 19:19	503808	----a-w-	c:\windows\system32\devinv.dll
2015-10-15 13:23 . 2015-09-18 19:19	73216	----a-w-	c:\windows\system32\acmigration.dll
2015-10-15 13:23 . 2015-09-18 19:19	1291264	----a-w-	c:\windows\system32\appraiser.dll
2015-10-15 13:23 . 2015-09-18 19:09	1163776	----a-w-	c:\windows\system32\aeinv.dll
2015-10-13 17:50 . 2015-09-25 18:07	98816	----a-w-	c:\windows\system32\wudriver.dll
2015-10-12 18:25 . 2015-10-12 18:25	--------	d-----w-	c:\users\Mario\AppData\Roaming\7DaysToDie
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-28 12:34 . 2013-01-20 12:49	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2015-10-27 13:07 . 2015-08-18 10:04	632432	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-10-17 13:22 . 2013-01-21 09:21	780488	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-17 13:22 . 2013-01-21 09:21	142536	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-13 20:51 . 2013-01-23 17:59	143481208	----a-w-	c:\windows\system32\MRT.exe
2015-09-30 10:16 . 2015-09-30 10:16	115592	----a-w-	c:\windows\system32\pdfcmon.dll
2015-09-29 02:58 . 2015-10-13 17:50	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-09-02 03:04 . 2015-09-09 12:22	41984	----a-w-	c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 12:22	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 12:22	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 12:22	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 12:22	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 12:22	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 12:22	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 12:22	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-09 12:22	3209216	----a-w-	c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-09 12:22	372736	----a-w-	c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 12:22	299520	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-09 12:35	2004480	----a-w-	c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-09 12:35	1887232	----a-w-	c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-09 12:35	2048	----a-w-	c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-09 12:35	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-09 12:35	1391104	----a-w-	c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-09 12:35	1241088	----a-w-	c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-09 12:35	2048	----a-w-	c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 12:35	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2015-08-27 11:48 . 2015-08-27 11:48	3584	----a-r-	c:\users\Mario\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2015-08-27 11:34 . 2014-04-12 18:57	97888	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-08-24 12:41 . 2009-08-18 09:24	24288	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-08-05 17:56 . 2015-09-09 13:11	1110016	----a-w-	c:\windows\system32\schedsvc.dll
2015-08-05 17:56 . 2015-09-09 13:14	24576	----a-w-	c:\windows\system32\jnwmon.dll
2015-08-05 17:56 . 2015-09-09 13:14	275456	----a-w-	c:\windows\system32\InkEd.dll
2015-08-05 17:40 . 2015-09-09 13:14	216064	----a-w-	c:\windows\SysWow64\InkEd.dll
2015-08-04 06:29 . 2015-08-04 06:29	107784	----a-w-	c:\windows\system32\amdave64.dll
2015-08-04 06:29 . 2015-08-04 06:29	100568	----a-w-	c:\windows\SysWow64\amdave32.dll
2015-08-04 06:28 . 2015-08-04 06:28	141792	----a-w-	c:\windows\system32\amdhcp64.dll
2015-08-04 06:28 . 2015-08-04 06:28	128384	----a-w-	c:\windows\SysWow64\amdhcp32.dll
2015-08-04 06:28 . 2015-08-04 06:28	78432	----a-w-	c:\windows\system32\atimpc64.dll
2015-08-04 06:28 . 2015-08-04 06:28	78432	----a-w-	c:\windows\system32\amdpcom64.dll
2015-08-04 06:28 . 2015-08-04 06:28	71704	----a-w-	c:\windows\SysWow64\atimpc32.dll
2015-08-04 06:28 . 2015-08-04 06:28	71704	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2015-08-04 06:28 . 2012-12-19 19:31	152056	----a-w-	c:\windows\system32\atiuxp64.dll
2015-08-04 06:28 . 2015-08-04 06:28	133016	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2015-08-04 06:28 . 2012-12-19 19:31	120144	----a-w-	c:\windows\system32\atiu9p64.dll
2015-08-04 06:28 . 2012-12-19 19:30	102616	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2015-08-04 06:28 . 2012-12-19 20:08	1445224	----a-w-	c:\windows\system32\aticfx64.dll
2015-08-04 06:28 . 2012-12-19 20:09	1193904	----a-w-	c:\windows\SysWow64\aticfx32.dll
2015-08-04 06:28 . 2012-12-19 19:49	11948704	----a-w-	c:\windows\system32\atidxx64.dll
2015-08-04 06:28 . 2015-08-04 06:28	10094152	----a-w-	c:\windows\SysWow64\atidxx32.dll
2015-08-04 06:28 . 2012-12-19 19:44	7929616	----a-w-	c:\windows\SysWow64\atiumdva.dll
2015-08-04 06:28 . 2012-12-19 20:50	7408936	----a-w-	c:\windows\SysWow64\atiumdag.dll
2015-08-04 06:27 . 2012-12-19 19:59	8893160	----a-w-	c:\windows\system32\atiumd6a.dll
2015-08-04 06:27 . 2012-12-19 19:44	8779872	----a-w-	c:\windows\system32\atiumd64.dll
2015-08-04 06:25 . 2015-08-04 06:25	297672	----a-w-	c:\windows\system32\drivers\amdacpksd.sys
2015-08-04 06:23 . 2015-08-04 06:23	21622784	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2015-08-04 06:19 . 2015-08-04 06:19	235008	----a-w-	c:\windows\system32\clinfo.exe
2015-08-04 06:18 . 2015-08-04 06:18	47785472	----a-w-	c:\windows\system32\amdocl64.dll
2015-08-04 06:14 . 2015-08-04 06:14	39714304	----a-w-	c:\windows\SysWow64\amdocl.dll
2015-08-04 06:09 . 2015-08-04 06:09	65024	----a-w-	c:\windows\system32\OpenCL.dll
2015-08-04 06:09 . 2015-08-04 06:09	59392	----a-w-	c:\windows\SysWow64\OpenCL.dll
2015-08-04 05:58 . 2015-08-04 05:58	27535872	----a-w-	c:\windows\system32\amdocl12cl64.dll
2015-08-04 05:57 . 2015-08-04 05:57	22318592	----a-w-	c:\windows\SysWow64\amdocl12cl.dll
2015-08-04 04:12 . 2015-08-04 04:12	127488	----a-w-	c:\windows\system32\mantle64.dll
2015-08-04 04:12 . 2015-08-04 04:12	113664	----a-w-	c:\windows\SysWow64\mantle32.dll
2015-08-04 04:11 . 2015-08-04 04:11	6477312	----a-w-	c:\windows\system32\amdmantle64.dll
2015-08-04 03:43 . 2015-08-04 03:43	5068288	----a-w-	c:\windows\SysWow64\amdmantle32.dll
2015-08-04 03:21 . 2015-08-04 03:21	93696	----a-w-	c:\windows\system32\mantleaxl64.dll
2015-08-04 03:21 . 2015-08-04 03:21	86528	----a-w-	c:\windows\SysWow64\mantleaxl32.dll
2015-08-04 02:55 . 2015-08-04 02:55	30752256	----a-w-	c:\windows\system32\atio6axx.dll
2015-08-04 02:32 . 2015-08-04 02:32	25299968	----a-w-	c:\windows\SysWow64\atioglxx.dll
2015-08-04 02:25 . 2015-08-04 02:25	367104	----a-w-	c:\windows\system32\atiapfxx.exe
2015-08-04 02:25 . 2015-08-04 02:25	62464	----a-w-	c:\windows\system32\aticalrt64.dll
2015-08-04 02:25 . 2015-08-04 02:25	52224	----a-w-	c:\windows\SysWow64\aticalrt.dll
2015-08-04 02:24 . 2015-08-04 02:24	55808	----a-w-	c:\windows\system32\aticalcl64.dll
2015-08-04 02:24 . 2015-08-04 02:24	49152	----a-w-	c:\windows\SysWow64\aticalcl.dll
2015-08-04 02:24 . 2015-08-04 02:24	15716864	----a-w-	c:\windows\system32\aticaldd64.dll
2015-08-04 02:21 . 2015-08-04 02:21	14302208	----a-w-	c:\windows\SysWow64\aticaldd.dll
2015-08-04 02:21 . 2015-08-04 02:21	50688	----a-w-	c:\windows\system32\amdmmcl6.dll
2015-08-04 02:21 . 2015-08-04 02:21	39424	----a-w-	c:\windows\SysWow64\amdmmcl.dll
2015-08-04 02:07 . 2012-12-19 19:57	442368	----a-w-	c:\windows\system32\atidemgy.dll
2015-08-04 02:07 . 2015-08-04 02:07	160256	----a-w-	c:\windows\system32\atieah64.exe
2015-08-04 02:07 . 2015-08-04 02:07	143872	----a-w-	c:\windows\SysWow64\atieah32.exe
2015-08-04 02:07 . 2015-08-04 02:07	204800	----a-w-	c:\windows\system32\amdgfxinfo64.dll
2015-08-04 02:07 . 2015-08-04 02:07	189952	----a-w-	c:\windows\SysWow64\amdgfxinfo32.dll
2015-08-04 02:07 . 2015-08-04 02:07	29696	----a-w-	c:\windows\system32\atimuixx.dll
2015-08-04 02:07 . 2015-08-04 02:07	672768	----a-w-	c:\windows\system32\atieclxx.exe
2015-08-04 02:06 . 2015-08-04 02:06	246784	----a-w-	c:\windows\system32\atiesrxx.exe
2015-08-04 02:05 . 2015-08-04 02:05	190976	----a-w-	c:\windows\system32\atitmm64.dll
2015-08-04 01:48 . 2015-08-04 01:48	865792	----a-w-	c:\windows\system32\coinst_15.20.dll
2015-08-04 01:48 . 2015-08-04 01:48	89088	----a-w-	c:\windows\system32\atisamu64.dll
2015-08-04 01:47 . 2015-08-04 01:47	80896	----a-w-	c:\windows\SysWow64\atisamu32.dll
2015-08-04 01:43 . 2012-12-19 19:33	1247744	----a-w-	c:\windows\system32\atiadlxx.dll
2015-08-04 01:43 . 2015-08-04 01:43	926720	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2015-08-04 01:43 . 2015-08-04 01:43	926720	----a-w-	c:\windows\SysWow64\atiadlxx.dll
2015-08-04 01:43 . 2015-08-04 01:43	75264	----a-w-	c:\windows\system32\atig6pxx.dll
2015-08-04 01:43 . 2015-08-04 01:43	69632	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2015-08-04 01:43 . 2015-08-04 01:43	69632	----a-w-	c:\windows\system32\atiglpxx.dll
2015-08-04 01:42 . 2015-08-04 01:42	156672	----a-w-	c:\windows\system32\atig6txx.dll
2015-08-04 01:42 . 2015-08-04 01:42	141824	----a-w-	c:\windows\SysWow64\atigktxx.dll
2015-08-04 01:42 . 2015-08-04 01:42	665088	----a-w-	c:\windows\system32\drivers\atikmpag.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
2015-09-17 13:21	38112	----a-w-	c:\program files (x86)\PDF Architect 3\creator-ie-helper.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{2DFF3579-5AA7-45B9-9328-1D38EA230861}"= "c:\program files (x86)\PDF Architect 3\creator-ie-plugin.dll" [2015-09-17 517344]
.
[HKEY_CLASSES_ROOT\clsid\{2dff3579-5aa7-45b9-9328-1d38ea230861}]
[HKEY_CLASSES_ROOT\PDFIEPlugin.PDFIEConverter.1]
[HKEY_CLASSES_ROOT\TypeLib\{882BBDC8-4C5D-46A7-8333-5F4E819666F4}]
[HKEY_CLASSES_ROOT\PDFIEPlugin.PDFIEConverter]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	194824	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	194824	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	194824	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	194824	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	194824	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	194824	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	194824	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	194824	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-08-18 10:05	329376	----a-w-	c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2015-08-18 10:05	329376	----a-w-	c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2015-08-18 10:05	329376	----a-w-	c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-08-18 10:05	329376	----a-w-	c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-08-18 10:05	329376	----a-w-	c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	194824	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	194824	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	194824	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\program files (x86)\Steam\steam.exe" [2015-10-14 2901584]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2015-04-26 43816]
"Spotify Web Helper"="c:\users\Mario\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-10-22 2030912]
"Spotify"="c:\users\Mario\AppData\Roaming\Spotify\Spotify.exe" [2015-10-22 7736128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-05-15 60712]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-05-23 5120144]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2010-01-18 128352]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"tvncontrol"="c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" [2014-09-24 2327248]
"Dropbox"="c:\program files (x86)\Dropbox\Client\Dropbox.exe" [2015-10-12 36711472]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2015-06-16 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
"StartCCC"="d:\program files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-08-04 767176]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-10-01 56080]
.
c:\users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
An OneNote senden.lnk - c:\program files\Microsoft Office 15\root\office15\ONENOTEM.EXE /tsr [2015-9-25 195248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Start GeekBuddy.lnk - c:\program files (x86)\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2014-9-25 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRMD.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dbupdate;Dropbox-Update-Service (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R2 MBAMService;MBAMService;d:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;d:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;d:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64;d:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 dbupdatem;Dropbox-Update-Service (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler;c:\program files (x86)\PDF Architect 3\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 3\crash-handler-ws.exe [x]
R3 PDF Architect 3;PDF Architect 3;c:\program files (x86)\PDF Architect 3\ws.exe;c:\program files (x86)\PDF Architect 3\ws.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys;c:\windows\SYSNATIVE\DRIVERS\ViaHub3.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys;c:\windows\SYSNATIVE\DRIVERS\xhcdrv.sys [x]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys;c:\windows\SYSNATIVE\DRIVERS\hotcore3.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 Aqua Computer Service;Aqua Computer Service;c:\program files\aquasuite\AquaComputerService.exe;c:\program files\aquasuite\AquaComputerService.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x]
S2 DevoloNetworkService;devolo Network Service;d:\program files (x86)\devolo\dlan\devolonetsvc.exe;d:\program files (x86)\devolo\dlan\devolonetsvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 mitsijm2012;Autodesk Moldflow Inventor Tool Suite Integration 2012 Job-Manager;d:\program files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe;d:\program files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [x]
S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\sysWOW64\drivers\npf_devolo.sys;c:\windows\sysWOW64\drivers\npf_devolo.sys [x]
S2 PDF Architect 3 Creator;PDF Architect 3 Creator;c:\program files (x86)\PDF Architect 3\creator-ws.exe;c:\program files (x86)\PDF Architect 3\creator-ws.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 cmudaxp;ASUS Xonar D2X Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2015-11-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-21 13:22]
.
2015-11-01 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-18 15:12]
.
2015-11-01 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-18 15:12]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	232712	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	232712	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	232712	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	232712	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	232712	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	232712	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	232712	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34	232712	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-08-18 10:05	358064	----a-w-	c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2015-08-18 10:05	358064	----a-w-	c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2015-08-18 10:05	358064	----a-w-	c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-08-18 10:05	358064	----a-w-	c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-08-18 10:05	358064	----a-w-	c:\users\Mario\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-10-27 13:08	2339032	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-10-27 13:08	2339032	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-10-27 13:08	2339032	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2015-03-12 13318424]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2011-05-12 8769536]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 2114376]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-07-11 170280]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft &Excel exportieren - d:\progra~1\MICROS~1\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-ApplePhotoStreams - d:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Wow6432Node-HKLM-Run-BlueStacks Agent - c:\program files (x86)\BlueStacks\HD-Agent.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-{43B74FAB-FB58-447D-8D3A-5F638AF36FD1} - c:\programdata\{87B61FE8-334F-4066-B7AA-68DC81782D4D}\Netzmanager1.071.0301_120720a.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\d:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-2508083331-1529705533-2935304339-1000\Software\SecuROM\License information*]
"datasecu"=hex:22,b4,b9,b1,ed,f6,04,b9,77,73,1e,12,f0,4c,01,67,3e,88,61,8c,57,
   86,ff,bd,84,c7,70,b1,6c,5d,58,37,19,44,03,cd,1f,1c,87,f1,8e,c4,14,a7,c0,9a,\
"rkeysecu"=hex:b6,fc,fa,c0,9a,39,c6,0f,d9,3a,ca,30,2b,67,1b,fb
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-11-01  12:17:44 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-11-01 11:17
.
Vor Suchlauf: 13 Verzeichnis(se), 26.904.440.832 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 28.009.730.048 Bytes frei
.
- - End Of File - - 02FFEA3E4B70838959AF61ED0B81587A
         

Alt 02.11.2015, 18:11   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Standard

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.11.2015, 01:32   #9
Arktin
 
Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Standard

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl



mbam:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 02.11.2015
Suchlaufzeit: 20:18
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.02.05
Rootkit-Datenbank: v2015.10.28.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Mario

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 476865
Abgelaufene Zeit: 5 Min., 47 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Adwcleaner:
Code:
ATTFilter
# AdwCleaner v5.016 - Bericht erstellt am 02/11/2015 um 21:09:20
# Aktualisiert am 01/11/2015 von Xplode
# Datenbank : 2015-11-01.2 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : Mario - WAKGOD
# Gestartet von : d:\Users\Mario\Desktop\AdwCleaner_5.016.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Users\Mario\AppData\Local\PackageAware
[-] Ordner Gelöscht : C:\Users\Mario\AppData\Roaming\pdfforge

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[-] Datei Gelöscht : C:\Users\Public\Desktop\GeekBuddy.lnk

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\GeekBuddyRSP
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\GeekBuddyRSP

***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1510 Bytes] ##########
         
JRT:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Ultimate x64
Ran by Mario on 02.11.2015 at 21:12:47,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2DFF3579-5AA7-45B9-9328-1D38EA230861}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{06E08260-0695-4EC1-A74B-1310D8899D93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{2DFF3579-5AA7-45B9-9328-1D38EA230861}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}



~~~ Files

Successfully deleted: [File] C:\Program Files (x86)\GUT3A83.tmp



~~~ Folders

Successfully deleted: [Folder] C:\Users\Mario\Appdata\Local\crashrpt





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.11.2015 at 21:14:04,16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von Mario (Administrator) auf WAKGOD (03-11-2015 02:24:14)
Gestartet von D:\Users\Mario\downloads
Geladene Profile: Mario (Verfügbare Profile: Mario & Lernen)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-17] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5120144 2012-05-23] (VIA)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2010-01-18] (CANON INC.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36711472 2015-10-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => D:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-10-01] (Raptr, Inc)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [2901584 2015-10-14] (Valve Corporation)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [Spotify Web Helper] => C:\Users\Mario\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030912 2015-10-22] (Spotify Ltd)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Run: [Spotify] => C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe [7736128 2015-10-22] (Spotify Ltd)
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Policies\Explorer: [] 
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-04] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
Startup: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-08-20]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0B52BEBB-7563-41E0-B641-7EB5A06869B3}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1B8A7188-20ED-4D44-8C47-45B185A97B35}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{F3E5FAE6-6066-4660-9FD6-542222576451}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-10-27] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-18] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-18] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2508083331-1529705533-2935304339-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Mario\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-2508083331-1529705533-2935304339-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-09-07] ()
FF SearchPlugin: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2\searchplugins\youtube-videosuche.xml [2015-05-29]
FF Extension: Video DownloadHelper - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: Adblock Plus - C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\sepu839o.2\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-09-30] [ist nicht signiert]
StartMenuInternet: FIREFOX.EXE - d:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-03-25]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 Aqua Computer Service; C:\Program Files\aquasuite\AquaComputerService.exe [536064 2013-03-27] (Aqua Computer GmbH & Co. KG) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
S2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-09-25] (Comodo Security Solutions, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
S2 DevoloNetworkService; D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-12-05] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-08-17] (Futuremark)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 MBAMService; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 mitsijm2012; D:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [848184 2010-12-07] (Autodesk, Inc.)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244832 2015-09-17] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [964832 2015-09-17] (pdfforge GmbH)
S2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [767712 2015-09-17] (pdfforge GmbH)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-05] ()
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AIDA64Driver; D:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [30624 2012-10-28] ()
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
S1 CFRMD; C:\Windows\SysWOW64\DRIVERS\CFRMD.sys [37976 2012-09-03] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-01-20] ()
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2013-12-05] (Paragon Software Group)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [931000 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 VUSB3HUB; system32\DRIVERS\ViaHub3.sys [X]
S3 xhcdrv; system32\DRIVERS\xhcdrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-02 21:14 - 2015-11-02 21:14 - 00001556 _____ C:\Users\Mario\Desktop\JRT.txt
2015-11-02 21:12 - 2015-10-05 23:26 - 01801288 _____ (Malwarebytes) C:\Users\Mario\Desktop\JRT.exe
2015-11-02 21:06 - 2015-11-02 21:09 - 00000000 ____D C:\AdwCleaner
2015-11-01 12:17 - 2015-11-01 12:17 - 00046418 _____ C:\ComboFix.txt
2015-11-01 11:51 - 2015-11-01 12:17 - 00000000 ____D C:\Qoobox
2015-11-01 11:51 - 2015-11-01 12:16 - 00000000 ____D C:\Windows\erdnt
2015-11-01 11:51 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-11-01 11:51 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-11-01 11:51 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-11-01 11:51 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-11-01 11:51 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-11-01 11:51 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-11-01 11:51 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-11-01 11:51 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-11-01 01:17 - 2015-11-01 01:17 - 00000000 ____D C:\Users\Mario\AppData\LocalLow\Dreamsite Games
2015-10-31 15:26 - 2015-10-31 15:44 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-28 15:37 - 2015-11-03 02:24 - 00000000 ____D C:\FRST
2015-10-28 15:19 - 2015-10-28 15:19 - 00000000 _____ C:\Users\Mario\defogger_reenable
2015-10-28 14:50 - 2015-11-02 20:18 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-28 14:50 - 2015-10-31 15:25 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-28 14:50 - 2015-10-28 14:50 - 00000790 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-28 14:50 - 2015-10-28 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-28 14:50 - 2015-10-28 14:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-28 14:50 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-28 14:50 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-28 13:35 - 2015-10-28 13:35 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-28 13:35 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-28 13:35 - 2015-06-30 01:05 - 00931000 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-10-28 13:35 - 2015-06-30 01:05 - 00171192 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-10-28 12:47 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-28 12:46 - 2015-10-28 14:59 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-28 12:46 - 2015-10-28 13:35 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-24 19:52 - 2015-10-24 19:52 - 00000000 _____ C:\Windows\SysWOW64\OCL91BD.tmp
2015-10-24 19:51 - 2015-10-24 19:51 - 00000000 _____ C:\Windows\SysWOW64\OCL4285.tmp
2015-10-18 19:40 - 2015-10-18 19:40 - 00000000 ____D C:\ProgramData\Stardock
2015-10-16 10:18 - 2015-10-16 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-15 14:23 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 14:23 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 14:23 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 14:23 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-13 19:29 - 2015-10-13 19:29 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star Citizen Launcher
2015-10-13 18:51 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-13 18:51 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-13 18:51 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-13 18:51 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-13 18:51 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 18:51 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-13 18:51 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-13 18:51 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-13 18:51 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-13 18:51 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-13 18:51 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-13 18:51 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-13 18:51 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-13 18:51 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-13 18:51 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-13 18:51 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-13 18:51 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 18:51 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-13 18:51 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-13 18:51 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 18:51 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-13 18:51 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-13 18:51 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-13 18:51 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-13 18:51 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-13 18:51 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-13 18:51 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-13 18:51 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-13 18:51 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-13 18:51 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-13 18:51 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-13 18:51 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-13 18:51 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-13 18:51 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-13 18:51 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-13 18:51 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-13 18:51 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-13 18:51 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-13 18:51 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-13 18:51 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-13 18:51 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-13 18:51 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-13 18:51 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-13 18:51 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-13 18:51 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-13 18:51 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-13 18:51 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-13 18:51 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-13 18:51 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-13 18:51 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-13 18:51 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-13 18:51 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-13 18:51 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-13 18:51 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-13 18:51 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-13 18:51 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-13 18:51 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-13 18:51 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-13 18:51 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-13 18:51 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-13 18:51 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-13 18:51 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-13 18:51 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-13 18:51 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-13 18:51 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-13 18:50 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-13 18:50 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-13 18:50 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 18:50 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-13 18:50 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-13 18:50 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-13 18:50 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 18:50 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-13 18:50 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-13 18:50 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-13 18:50 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-13 18:50 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-13 18:50 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-13 18:50 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-13 18:50 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-13 18:50 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-13 18:50 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-13 18:50 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-13 18:50 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-13 18:50 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-13 18:50 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-13 18:50 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-13 18:50 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-13 18:50 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-13 18:50 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-13 18:50 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-13 18:50 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-13 18:50 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-13 18:50 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-13 18:50 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-13 18:50 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-13 18:50 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-13 18:50 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-13 18:50 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-13 18:50 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 18:50 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-13 18:50 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-13 18:50 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-13 18:50 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-13 18:50 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-13 18:50 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-13 18:50 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-13 18:50 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-13 18:50 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-13 18:50 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-13 18:50 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-13 18:50 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-13 18:50 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-13 18:50 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-13 18:50 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-13 18:50 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-13 18:50 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-13 18:50 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-12 19:25 - 2015-10-12 19:25 - 00000000 ____D C:\Users\Mario\AppData\Roaming\7DaysToDie

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-03 02:22 - 2013-01-21 10:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-03 02:18 - 2015-06-18 16:12 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-03 02:12 - 2013-01-19 18:58 - 01188507 _____ C:\Windows\WindowsUpdate.log
2015-11-02 21:18 - 2015-06-18 16:12 - 00001208 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-02 21:18 - 2009-07-14 05:45 - 00027168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-02 21:18 - 2009-07-14 05:45 - 00027168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-02 21:14 - 2011-04-12 08:43 - 00699416 _____ C:\Windows\system32\perfh007.dat
2015-11-02 21:14 - 2011-04-12 08:43 - 00149556 _____ C:\Windows\system32\perfc007.dat
2015-11-02 21:14 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-02 21:10 - 2015-06-18 16:12 - 00000000 ____D C:\Users\Mario\AppData\Local\Dropbox
2015-11-02 21:10 - 2015-04-08 19:26 - 00000000 ____D C:\Users\Mario\AppData\Local\Spotify
2015-11-02 21:10 - 2015-04-08 19:24 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Spotify
2015-11-02 21:10 - 2015-01-17 14:31 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Raptr
2015-11-02 21:10 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-02 21:10 - 2009-07-14 05:51 - 00153857 _____ C:\Windows\setupact.log
2015-11-02 13:21 - 2013-01-22 15:47 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6D29F55A-55FE-4567-AD7B-56A549E15B84}
2015-11-01 20:34 - 2013-01-21 12:55 - 00000000 ____D C:\Users\Mario\AppData\Roaming\vlc
2015-11-01 12:17 - 2014-05-10 14:08 - 00000000 ____D C:\Users\Mario\AppData\Local\Apps\2.0
2015-11-01 12:17 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2015-11-01 12:16 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-11-01 11:57 - 2010-11-21 04:47 - 00836234 _____ C:\Windows\PFRO.log
2015-10-31 14:11 - 2013-06-19 16:08 - 00000000 ____D C:\ProgramData\aquasuite-data
2015-10-31 12:34 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-30 21:08 - 2015-08-27 12:38 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-30 21:08 - 2014-12-26 16:36 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-29 19:27 - 2014-12-15 21:17 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-29 00:39 - 2015-07-14 19:59 - 00000000 ____D C:\Users\Mario\AppData\Roaming\LolClient
2015-10-28 15:19 - 2013-01-19 18:59 - 00000000 ____D C:\Users\Mario
2015-10-28 14:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Web
2015-10-28 13:34 - 2013-01-20 13:49 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-10-28 13:34 - 2013-01-20 13:49 - 00003877 _____ C:\Windows\LkmdfCoInst.log
2015-10-28 12:41 - 2015-08-13 13:31 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-27 14:08 - 2015-08-18 11:02 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-24 19:52 - 2014-12-23 20:10 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-10-21 21:48 - 2013-01-20 11:43 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-10-18 19:40 - 2013-01-21 10:57 - 00665776 _____ C:\Windows\DirectX.log
2015-10-17 14:22 - 2013-01-21 10:21 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 14:22 - 2013-01-21 10:21 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-17 14:22 - 2013-01-21 10:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-17 12:36 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-10-16 10:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-10-16 10:18 - 2015-06-18 16:12 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-15 19:59 - 2014-12-11 18:12 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-15 19:59 - 2014-05-06 21:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-13 21:54 - 2013-08-13 21:07 - 00000000 ____D C:\Windows\system32\MRT
2015-10-13 21:54 - 2013-02-20 19:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-13 21:51 - 2013-01-23 18:59 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-13 19:29 - 2015-09-01 15:58 - 00000760 _____ C:\Users\Mario\Desktop\Star Citizen Launcher.lnk
2015-10-13 19:29 - 2015-09-01 15:58 - 00000760 _____ C:\Users\Lernen\Desktop\Star Citizen Launcher.lnk
2015-10-12 10:36 - 2015-01-17 14:31 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-10-11 18:45 - 2013-07-14 13:52 - 00000000 ____D C:\Users\Mario\AppData\Roaming\Might & Magic Heroes VI
2015-10-09 15:11 - 2015-04-04 15:51 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-08 11:31 - 2015-04-04 15:51 - 00000000 ___SD C:\Windows\SysWOW64\GWX

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-01-17 14:34 - 2015-09-28 17:48 - 0003973 _____ () C:\Users\Mario\AppData\Roaming\LTspiceIV.ini
2014-11-28 19:39 - 2014-11-28 19:39 - 0000017 _____ () C:\Users\Mario\AppData\Local\resmon.resmoncfg
2015-02-11 17:30 - 2015-02-11 17:30 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-07-08 17:37 - 2013-07-08 17:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Mario\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxikfot.dll
C:\Users\Mario\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-01 12:14

==================== Ende von FRST.txt ============================
         

Alt 03.11.2015, 01:34   #10
Arktin
 
Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Standard

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl



Und noch die Addition.txt:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-10-2015
durchgeführt von Mario (2015-11-03 02:24:27)
Gestartet von D:\Users\Mario\downloads
Windows 7 Ultimate Service Pack 1 (X64) (2013-01-19 17:58:59)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2508083331-1529705533-2935304339-500 - Administrator - Disabled)
Gast (S-1-5-21-2508083331-1529705533-2935304339-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2508083331-1529705533-2935304339-1004 - Limited - Enabled)
Lernen (S-1-5-21-2508083331-1529705533-2935304339-1003 - Administrator - Enabled) => C:\Users\Lernen
Mario (S-1-5-21-2508083331-1529705533-2935304339-1000 - Administrator - Enabled) => C:\Users\Mario

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.25 - GIGABYTE)
3DMark (HKLM-x32\...\Steam App 223850) (Version:  - Futuremark)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v2.70 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.70 - FinalWire Ltd.)
Akamai NetSession Interface (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version:  - Remedy Entertainment)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
aquasuite (HKLM-x32\...\aquasuite5) (Version:  - Aqua Computer GmbH & Co. KG)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
ASUS Xonar D2X Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.)
Autodesk Design Review 2012 (HKLM-x32\...\Autodesk Design Review 2012) (Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk Inventor Content Center Libraries 2012 (Desktop Content) (HKLM\...\{B46DECD1-1664-4EF1-0000-22D71E81877C}) (Version: 16.0.16000.0000 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion for Inventor 2012 Add-in (HKLM\...\Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul) (Version: 1.0.0.18 - Autodesk)
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul Language Pack (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Professional 2012 (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2012 Deutsch (HKLM\...\Autodesk Inventor Professional 2012) (Version: 16.0.16000.0000 - Autodesk)
Autodesk Inventor Professional 2012 Language Pack - Deutsch (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
Autodesk Vault 2012 (Client) (HKLM-x32\...\Autodesk Vault 2012 (Client)) (Version: 16.0.56.200 - Autodesk, Inc.)
Autodesk Vault 2012 (Client) (Version: 16.0.56.200 - Autodesk, Inc.) Hidden
Autodesk Vault 2012 (Client) German Language Pack (Version: 16.0.56.200 - Autodesk, Inc.) Hidden
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Automation - The Car Company Tycoon Game (HKLM-x32\...\Steam App 293760) (Version:  - Camshaft Software)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Besiege (HKLM-x32\...\Steam App 346010) (Version:  - Spiderling Studios)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Games)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
cadvilla basic plus 5 (HKLM\...\{BE7D95B0-6BB8-4381-820F-4673D20C84F5}_is1) (Version: 5.0.0.2 - Trixl GmbH)
cadvilla Tutorial Version 1.0 (HKLM-x32\...\{C62795BE-D29B-4232-9F94-BCB542D122F0}_is1) (Version: 1.0 - Trixl GmbH)
calibre 64bit (HKLM\...\{1C757A31-7FAE-43EA-99C4-672222534BC2}) (Version: 1.7.0 - Kovid Goyal)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
Canon MP620 series Benutzerregistrierung (HKLM-x32\...\Canon MP620 series Benutzerregistrierung) (Version:  - )
Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
Die Gilde 2 - Gold Edition (HKLM-x32\...\Die Gilde 2 - Gold Edition) (Version: V 1.20 - JoWood)
Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version:  - Codemasters Racing Studio)
dLAN Cockpit (x32 Version: 3.23.12 - devolo AG) Hidden
DRAGON BALL XENOVERSE (HKLM-x32\...\Steam App 323470) (Version:  - DIMPS)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
DWG TrueView 2012 (HKLM\...\DWG TrueView 2012) (Version: 18.2.51.0 - Autodesk)
DWG TrueView 2012 (Version: 18.2.51.0 - Autodesk) Hidden
Easy Tune 6 B12.0626.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.0626.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Eco Materials Adviser (x64) (HKLM\...\{E027C59C-4C47-4BE8-8078-BCD3D2680EC3}) (Version: 1.32.0.0 - Granta Design Limited)
Elite Dangerous Launcher version 0.4.1765.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.1765.0 - Frontier Developments)
Empire TV Tycoon (HKLM-x32\...\Steam App 377900) (Version:  - Dreamsite Games)
Endless Legend (HKLM-x32\...\Steam App 289130) (Version:  - AMPLITUDE Studios)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FUSSBALL MANAGER 14 (HKLM-x32\...\{5FC27E1E-08C0-4346-A321-ED2D31FAE936}) (Version: 1.0.0.0 - Electronic Arts)
Futuremark SystemInfo (HKLM-x32\...\{185D7B00-8600-4716-A619-D8CBE689974B}) (Version: 4.40.560.0 - Futuremark)
Galactic Civilizations II: Ultimate Edition (HKLM-x32\...\Steam App 202200) (Version:  - Stardock Entertainment)
GeekBuddy (HKLM-x32\...\{87A5B227-81F8-4E51-86CA-39E89CB33B16}) (Version: 4.18.121 - Comodo Security Solutions Inc)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version:  - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iBackup Viewer 2.00 (HKLM-x32\...\{5B428966-3054-41E3-B0F8-008EE30BD019}_is1) (Version:  - iMacTools)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\0630-0716-3135-7887) (Version: 2 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
Kingdoms of Amalur: Reckoning™ (HKLM-x32\...\Steam App 102500) (Version:  - Big Huge Games)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Team Bondi)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
LTspice IV (HKLM-x32\...\LTspice IV) (Version:  - )
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1010 - Marvell)
MATLAB Student R2010a (HKLM-x32\...\MatlabR2010a) (Version: 7.10 - The MathWorks, Inc.)
Medieval Engineers (HKLM-x32\...\Steam App 333950) (Version:  - Keen Software House)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft OneNote 2013 - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Might & Magic ® Heroes ® VI (HKLM-x32\...\Steam App 48220) (Version:  - Blackhole)
Mozilla Firefox 18.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 18.0 (x86 de)) (Version: 18.0 - Mozilla)
Mozilla Firefox 41.0.2 (x86 de) (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 18.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHarmony (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.241 - Logitech)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version:  - Moon Studios GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Recuva (HKLM\...\Recuva) (Version: 1.45 - Piriform)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 3.9 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 3.9 - Saal Digital Fotoservice GmbH) Hidden
Schnell-Deinstallations-Tool für Autodesk Inventor 2012 (HKLM\...\{D25FF5C1-1664-469A-9794-69309387C193}) (Version: 16.0.16000.0000 - Autodesk)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version:  - Firaxis Games)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - Keen Software House)
Spotify (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
Star Citizen Launcher (HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
Star Conflict (HKLM-x32\...\Steam App 212070) (Version:  - Star Gem Inc.)
Star Conflict Launcher 1.0.1.18 (HKLM-x32\...\StarConflictLauncher_is1) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 2.0.11.26825 - Blizzard Entertainment)
Startopia (HKLM-x32\...\Steam App 243040) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The Curious Expedition (HKLM-x32\...\Steam App 358130) (Version:  - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
TriDef 3D 6.5 (HKLM-x32\...\essentials-bundle) (Version: 6.5 - Dynamic Digital Depth Australia Pty Ltd)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{17A14094-F274-44E2-B54B-FC0E966AE5C7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\LUxClientSink.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{2D5C6B27-86B3-4E81-9F8B-9C68887F5BE6}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\LUxUIMgr.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2012\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2014\acad.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{714D325C-E9CE-44ab-A72A-36BB410BA19B}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\FEAFilesHandler.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> D:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C0E7110B-2136-11D4-8DD0-0010B541CAA8}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorMarshal.Dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2012\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Program Files\Autodesk\AutoCAD 2014\de-DE\acadficn.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E6E92821-2731-4AA3-B919-D2BC514FEC64}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridgePS.Dll ()
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> D:\Program Files\Autodesk\Inventor 2012\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2508083331-1529705533-2935304339-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei

==================== Wiederherstellungspunkte =========================

27-10-2015 14:01:55 Windows Update
29-10-2015 19:27:32 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
29-10-2015 19:27:38 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
01-11-2015 11:51:30 ComboFix created restore point
02-11-2015 21:12:48 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-11-01 12:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0E274B58-D602-43B4-9684-33C2B4DB7AFC} - System32\Tasks\{ECF3DAD0-1AFD-46C1-B41C-AD08FBD55565} => pcalua.exe -a "D:\Program Files (x86)\TriDef 3D\TriDef\Common\TriDef3DDisplaySetup.exe" -d "d:\Program Files (x86)\TriDef 3D\TriDef\Common"
Task: {127B0FB4-4A66-41CB-BD24-71F99EF10A89} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {31992ED4-BD66-4F82-848C-58275783197B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {3A3463E1-7D8D-4D3D-A165-0F6099783F5C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {7D01C1F8-8D0D-4097-8665-02EA9B625E21} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {7DF2D8CB-4288-4EF4-9EE7-6772106312AC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {804CF0D1-F89A-4360-8160-1E38B5F777DF} - System32\Tasks\{4937B928-1F70-4E4D-9F90-30B19BFFD7FA} => pcalua.exe -a D:\Users\Mario\downloads\msicuu2.exe -d D:\Users\Mario\downloads
Task: {98BC9B38-B1C3-4751-979B-71A5BF992442} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {9C5CEEF5-980D-433B-937D-0563DAFDF9AB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {A7165FDA-6E77-40CD-A8EE-F4F316786142} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BC6FE798-7549-49F7-8DEC-7DB66AAFFE44} - System32\Tasks\{D6A16315-8AA0-4394-9949-62E4B972B07F} => pcalua.exe -a "F:\Spiele für Lan\Call of Duty 4 - Modern Warfare\iw3mp.exe" -d "F:\Spiele für Lan\Call of Duty 4 - Modern Warfare"
Task: {EDFE630F-5211-4DDA-80D6-5BFF684773B3} - System32\Tasks\{2E792ADF-5189-427D-B92B-4AF2670A9F4B} => pcalua.exe -a D:\Users\Mario\downloads\RegCleaner.exe -d D:\Users\Mario\downloads

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-18 11:02 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-15 15:27 - 2015-05-15 15:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-17 20:00 - 2014-10-17 20:00 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2013-01-20 11:02 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-09-02 10:29 - 2013-09-16 11:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2508083331-1529705533-2935304339-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\Windows\pss\Start GeekBuddy.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Mario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ADSK DLMSession => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Mario\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Mario\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: gbrspcontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{965F110C-420A-4BB4-A706-523D6FC60BBC}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B789D5C8-BD03-43D5-B714-4833E528D623}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{00780DA0-577B-4DE8-A200-95DD3C1C9343}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{83E8AE4A-763B-4291-9A7B-2A968EA4BB57}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C2DCFE65-3DB0-4320-88EE-C23BD24BB240}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ACA4E8FB-5D1E-48C3-A6E9-4FAA7FAC4989}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{73BAD040-D1D7-4685-9A19-EA2DE2D01F4E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A877C44B-2DD7-4663-853E-EA25059B6B33}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{2BD3554F-4CD2-4EC8-BDF0-34D6EAB0A071}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{CF1DCAFB-EE5C-455A-B1AE-8A067ABEC4AE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{B76671E1-F9A0-4E10-8A71-926B2B725945}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{2C31BC53-9B0C-4923-93CD-134B2DDE73AD}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{F643CEA5-BA54-4214-88DE-727888D25D37}] => (Allow) D:\Program Files (x86)\Origin\SimCity\SimCity\SimCity.exe
FirewallRules: [{E902DC53-990E-4F2A-B3DF-375B5DEAAEDC}] => (Allow) D:\Program Files (x86)\Origin\SimCity\SimCity\SimCity.exe
FirewallRules: [{D50989DF-D2CB-492B-A02E-A110DE8FC546}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{BE381255-FE92-493C-95DE-BFA655C2C308}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{615144B6-3D45-41A6-B5AF-A2CF401E5545}] => (Allow) D:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{E0C74655-91E6-42AD-894C-952C91238E74}] => (Allow) D:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{2DF3094F-ADC5-4E83-802E-3AE6C815DDBF}] => (Allow) C:\Users\Mario\AppData\Local\Temp\pftD5A.tmp\fsetup.exe
FirewallRules: [{238A8B6A-42EF-42D9-BBE3-872D42343BEC}] => (Allow) C:\Users\Mario\AppData\Local\Temp\pftD5A.tmp\fsetup.exe
FirewallRules: [{10C6CD12-0C8B-470F-8015-0EACBC1D973B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{1DE769BD-2DF1-4E73-8065-AB8CD2984097}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{6B1EEDF5-314F-4269-AE46-6A0DFEA0456C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{975795EB-9BDD-4552-986E-C22896830E73}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher.exe
FirewallRules: [{11CC7E6E-CEC7-4BD5-9524-71A0551FC455}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{FF94FF4C-B86C-41E7-A434-F3A2C23BD9C0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{3A8D263E-8B23-4D6D-BA6E-3DE7E4D967CC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{ED4DDCF9-270B-4F78-95BB-689B0CC27DCB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{F5C0EDC3-DFDE-49BD-9D83-06FE78419BBB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{92E874AE-643D-4483-9CBE-BC78BF2F3D36}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{A151D699-5218-4B1E-8606-31320E0BA7F3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{B1CACD10-52EF-4571-8502-5E38B0959231}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{6EBD9D7A-21F5-4D59-BBD7-876AE98D7EFD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DiRT 3\dirt3.exe
FirewallRules: [{EEF5F05A-AC21-4252-B7FE-87D9742202E0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DiRT 3\dirt3.exe
FirewallRules: [{5FD004C9-ABEE-4101-8519-5D6C99415D76}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{B239C9D3-50D2-4DE9-9D79-1717B8392A10}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{037D0F96-F690-4044-92F2-E38D98906706}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{D2C9EDF3-A584-4344-AD10-44B766C4AECC}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{F47C36C7-1598-45BB-AC9C-35400AB7E9EE}] => (Allow) D:\Alt D\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{E2098DA8-CC0A-4D33-A6AF-45CF25883389}] => (Allow) D:\Alt D\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{CE7547CC-63C4-4300-9EDC-95A1FADB3788}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{1E1700B2-922C-428D-9F37-4FA75BAA39AA}] => (Allow) C:\Windows\Temp\CMC_DRAGON\restart_helper.exe
FirewallRules: [{7AF04FF3-55E1-4D41-8B55-9E1890C5CDBA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{3497FFE5-1A21-4BB8-8ADE-A881372781AC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{8B4224D1-8D3A-4056-80B2-522D02E20706}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{9887F9FA-F739-4098-BAA4-274D87B70473}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{ED6DF60F-B67F-4654-AAA8-4B375E2164BF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{4E93F34C-78BA-4E2A-863D-E7BFF2FB3345}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{D928C4C0-A916-4AAC-B1E8-51BAD62546D4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{7EE7FFB3-5B37-4E11-93D6-CA9CA5D4CBC0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\RunLauncher.bat
FirewallRules: [{65CD7FB6-2D40-4BF4-BCC4-70B2CF364988}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{B2D21727-AA57-49E9-88A6-F36FD975DE6C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{FC43DFF8-1713-4D45-80DA-50BB75C64EBD}] => (Allow) D:\Program Files (x86)\Origin\FIFA Manager 14\Manager14.exe
FirewallRules: [{EC997D54-7C0C-4E26-8ADC-B4E04493E851}] => (Allow) D:\Program Files (x86)\Origin\FIFA Manager 14\Manager14.exe
FirewallRules: [{73476562-5129-4D52-A934-0D71AC2862C7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{29E75F0E-0EB7-4B71-9F24-75C1D4643F7F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [TCP Query User{6D3F7DFD-178A-406F-AD2E-0B0EF247F96E}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Block) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{5BDF3BC9-ED72-4897-8C9B-D567A1285ED0}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Block) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{759F2E21-CB81-46E4-AC9D-4346474E59C3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{A264AAC2-52C6-4CB0-AA82-5E13D5B3F770}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{FE6CB7BE-23BC-45F2-A023-CB2BDDC1555E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{827F2D62-A790-4C9F-B654-6FDFEAE8C320}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{F92D3616-E596-45FB-890F-EF760A6CEE9C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{5F2BEE00-109F-4602-B7AB-95E53859552A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [TCP Query User{C8AB7109-039F-41E9-825B-D2104D1CAF19}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{171F1388-F727-4BFC-B5BC-35C45ABDF466}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{882D3BFB-CD02-4FD1-8E34-C49F1371E416}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{1C3C6EAB-ECBD-487F-B2A4-BEA8F1CFB187}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{3821A5D5-0A44-49F0-9419-4FC79FDED117}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{29872FA9-284E-4BF9-AE32-ED2B90F50D1C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{947B1178-5F2A-421A-85FD-5D751D6DF9A4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{C4E42559-9FFD-4C5D-ACBF-F32D794AC123}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{FA06CB50-3CD1-47EE-81C9-FE7A6F1FF5EB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{FDC95ECA-EE54-48F0-8787-EA2F6BB7129D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{A2BE1020-2694-4D46-8369-7727CBB68B56}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{7E2186D6-000B-44C6-B71C-8C9A257A8442}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{0C1113FB-04F8-4AE2-B518-6E97C577B84D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{DA1F2C81-CEF2-4F79-8536-01131133C031}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{4BA04CD1-368E-461E-A1AE-0094E42CB6EA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{D4556F2F-72CF-4344-A42A-5A130B8B6C5B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{3A1F0628-B2DB-42AF-8B5A-4E279BF7DED9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{C9A2B82F-DE1C-453D-B49E-4A499BBE3934}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\star conflict\game.exe
FirewallRules: [{17E3568F-6302-455B-A538-4F0D0A507753}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{D4FC8FB6-F28A-4202-AFEE-53D858103120}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\GameDevTycoon.exe
FirewallRules: [{B69283DC-9C37-4E91-8D26-CEB6A0681F07}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Galactic Civilizations II - Ultimate Edition\Twilight\GC2TwilightOfTheArnor.exe
FirewallRules: [{43FCA703-B52B-4E8F-9DE6-059582A39FCB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Galactic Civilizations II - Ultimate Edition\Twilight\GC2TwilightOfTheArnor.exe
FirewallRules: [{1FF871DC-18DF-4FBB-A1CB-49AB28701B82}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{CF1B2E55-5202-4A39-8AE9-6AE46D573345}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{54FE59E1-9103-43EA-9C46-E07323457987}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{1C639D60-B663-4F39-B4E0-17F654262FBE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Planetary Annihilation\PA.exe
FirewallRules: [{1CFF44AF-D38F-4C78-8527-EAAE8F432DFD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{71CEAE73-30D4-4CBC-ABDB-E4FC09CD188F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{DBBD6CF8-E3BE-4D0F-8D4D-3FB98EF99CAF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{0AA5A1F0-BD01-4FFA-B959-C88A317E84E8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{F27784D8-47CA-44FE-87CA-F2F1576DB70F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{C98905A5-D9B9-410B-842D-D6890AAD9E26}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{AA210F4E-DF56-4C0D-ACF5-8925EF72CC6B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\KOAReckoning\Reckoning.exe
FirewallRules: [{47C33655-31DE-44EA-8B55-A1A2516117A3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\KOAReckoning\Reckoning.exe
FirewallRules: [{E0B0954C-159B-4C08-B9E3-DD6BA1FEDF7D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{235EE3C3-03B6-4D9B-893B-BCECA33AE19B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{9D22DAE1-C78D-4653-B6FC-66EE1B29DF1C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{7D04F1D6-B4B8-453B-A943-5C1593891D0B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{8B4503BD-B1C4-4D81-89D8-0A6F64BE73FB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{FDDF32DF-7D1A-4FE7-96BE-32D42264BA0F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{84E79338-CCE9-4188-A10D-29157E1E2D17}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DF02C93D-2C46-4B37-B962-19C384EFA103}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4093C914-3DB5-4D9D-B031-511890105978}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{381ADD66-D099-4C9B-8D72-EDE6A20F6C93}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Metro Last Light\MetroLL.exe
FirewallRules: [{D459F41E-0222-4801-AB26-B1AD23C8B280}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{CC601224-2620-4A8B-A97F-14EDBF23819D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{7C704CCB-D2D7-4EEB-91BC-2D7F939950E0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{07DA511F-A879-40D4-8210-875DDC636D98}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{B20656FC-4A61-41DB-A531-94F54783756B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{6619F624-5F3E-4E80-AD42-545272D81329}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{0936A2F7-D3A3-4E2B-A0ED-0F33B52EB512}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{A774F7CA-FC0D-47FF-909E-59ECB45D2851}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{C9F87D21-6E00-4062-80C0-DAF0FD5640EC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Godus\windows\godus.exe
FirewallRules: [{3D1B9255-57D4-461B-9D22-D1471755E308}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Godus\windows\godus.exe
FirewallRules: [{8D27AD06-0868-4688-A6B2-B51F5BC6D4CE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{4228A036-11D7-4BB8-8FCA-9271312F0895}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{5C04C660-20C1-49C0-B4A9-192860CA45A8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{E5477090-605F-4FF8-BD5D-3DED100C98BE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{B3E43AF9-533C-4F86-91CC-35625F6BE444}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{5D93F297-1DDD-465F-ABFE-8D39128B2693}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{8CA85D9C-C006-4ECE-9808-2D29EC2472F2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{4C564B59-BAD6-4B06-B975-29D2F05EF243}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{7197C9C5-9CCF-4380-95FD-1E8CBB5C6611}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{01590297-4C7F-413D-92DB-2A47C434E028}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{CE039751-19F0-4428-B7F5-C83DD8A2FB94}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{A6DDD054-18A6-439F-A60A-616E8D1642DD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{ED9A5189-DF33-4BA9-A490-898C1A5BA7F6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{0C9BADB8-F037-4F09-A4A0-9408C6D11667}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{1EFCBD7B-CDB5-47E0-B936-A50E4535B880}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{49094478-BCB4-4C30-9E49-011A22E44791}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Besiege\Besiege.exe
FirewallRules: [{5F71D05D-0E04-4CA3-B6A2-F41C3D6F715C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [{B1F57978-828B-4EE4-AA13-D6BF0E33846E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [TCP Query User{92C1F3DB-5222-4C52-929A-C93582778AF6}D:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2997A13E-DDD7-4A5F-B11A-398848D5EBF1}D:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BB34A2C2-72CD-4A4C-BBAA-1CBB1811A6E4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{C5351D06-B0ED-4F2A-9CC6-0B3FBC9A1BF9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{F02664CB-D9FD-4110-A4B4-D44A491BB3E6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{20D3098E-6A12-4D13-BC8E-CE7083E79863}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{91CC3A78-75DD-4CA0-A280-B5530D3BD5A1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Curious Expedition\nw.exe
FirewallRules: [{E301BF3A-364A-4B44-810E-179DE09C8918}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Curious Expedition\nw.exe
FirewallRules: [{A76CF13A-DF1A-4F27-86A3-47861F64AC06}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II - Pirates of the European Seas\GuildII.exe
FirewallRules: [{EBF72FAF-CA77-440B-B764-F7E62C73F40C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II - Pirates of the European Seas\GuildII.exe
FirewallRules: [{C782509E-96AF-45E4-B73E-DE8711607348}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{D506091C-508A-4AD9-853F-6561717B110F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{0ADC0B6A-3CD0-4E69-A6B3-F06E56C334E3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II\GuildII.exe
FirewallRules: [{8970025C-2E16-4258-8340-1B63FAEEAD60}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\The Guild II\GuildII.exe
FirewallRules: [{D40896D7-B9A1-48A3-9ED8-3506AEA9EF14}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{93D5BDE9-C894-4A45-85AF-9BCCC25DCEA8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation Launcher Steam.exe
FirewallRules: [{12EF3CB6-8AD8-43FB-BBF2-0F099E79241E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [{445DCB15-C78B-41BD-9ED1-18AEE923759F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Automation\Automation_Shipping_Steam.exe
FirewallRules: [{50AFAF84-361C-4C08-B15F-5D9BF04E2218}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Startopia\startopia.exe
FirewallRules: [{7421C5EB-E854-40AE-9BBD-2272689F6252}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Startopia\startopia.exe
FirewallRules: [{EF008559-261D-42B3-BB85-2EB84E7EAD31}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DB Xenoverse\DBXV.exe
FirewallRules: [{C40176B6-31D1-4C04-8493-607766BBA6EF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DB Xenoverse\DBXV.exe
FirewallRules: [{E23D771E-DDEF-4909-92CD-C2FBDBCE4651}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{3EA6C4A0-023F-4C1B-BB38-C71530B6A4FA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{DAE989FB-6A91-4AAA-B155-9E4FCA45E9A6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{A4810FB3-3F25-46AB-B823-DF5C43C983D5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Ori\ori.exe
FirewallRules: [{D1225A65-5001-4772-9907-A112DD061934}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{D6453AE3-D6D4-4A87-BD10-2939712CB073}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{09902A01-1461-49B5-B819-CCB1EE9EF85C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{AD6EC883-8EEC-4FD8-8991-EF6FD969AE05}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{D5C8C7F4-F71A-4EB6-A966-6969532EACBC}] => (Allow) D:\Program Files (x86)\BattleNet\Battle.net\Battle.net.exe
FirewallRules: [{0992C7DB-857C-43A9-9E25-348506338EEB}] => (Allow) D:\Program Files (x86)\BattleNet\Battle.net\Battle.net.exe
FirewallRules: [{634E3C0B-9271-450E-A53C-50425C5EB0BA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{95A7FBB1-1E81-44CF-9A08-076CF6A3E16A}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{2974D597-073A-4F4B-B5B7-3FFB95D9E450}] => (Allow) D:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{B674311E-17DB-458E-9CE0-048ECADC5B1F}] => (Allow) C:\Users\Mario\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{EFC31C88-F374-45C5-BCC9-01A60A414DE0}D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe] => (Allow) D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe
FirewallRules: [UDP Query User{DAA27DAD-AA07-4DBE-8E02-CAD1934207A3}D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe] => (Allow) D:\users\mario\downloads\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe
FirewallRules: [{766FE798-8AB6-4D1B-90A0-D6E8CFA21A8E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{43CC7273-0E98-4D0D-ABA1-29FFBC4F0F4C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{C15D9151-6047-40D4-AF2F-02B24FFF3BF1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{7E2B5519-AA68-417C-97A8-DE4A973B5CF6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{0BB7039B-A1D4-40B2-AB34-4DC4D04D9CA3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5C9856C4-6E45-4194-9735-7F3D23FD8E97}] => (Allow) LPort=2869
FirewallRules: [{D72B930C-88BB-4FDF-B074-B1D29D9C0B17}] => (Allow) LPort=1900
FirewallRules: [{BEDC4523-6F08-4543-8160-8AE8FD01614E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{3C0ACA69-928B-402B-B610-EBE8F264DAF9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{455CBFE4-DC85-45CE-AF60-D521D2A349F0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{0B5CFA37-7488-434B-86E1-7572C9D8B094}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{0B4AE6B6-6A7C-4A37-8347-48969AFDB17B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{97CCF153-C52A-42A5-B650-09BA1D7A3398}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{19A28B81-EE4B-4760-BE5D-AD0082AA6D1D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{DAB135F4-5948-445D-9AA6-39AEC2FC07D5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{4356867B-75D5-4E91-92E1-47FC55225FCF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{235135FB-C6BA-4936-983B-23272E7574C9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{4C5AA192-30AD-4E9B-A8C7-22A79B2E7BE9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [TCP Query User{FDF54BB0-5126-4D1E-B9F5-E8B8C9E3CB32}C:\users\mario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mario\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DAEF1DBD-5D05-4690-83F4-30062D6C5D1F}C:\users\mario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mario\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2F20D451-3AA1-43C0-95BC-5326851657F4}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{9C508D5D-54BD-43A8-86F1-69FE3D49006F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{EF01BA0B-1BE6-4D7F-93F7-88227E79566A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Empire TV Tycoon\EmpireTV.exe
FirewallRules: [{0287F97A-8589-4FF6-9308-823D800F5740}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Empire TV Tycoon\EmpireTV.exe
FirewallRules: [{DBC355C3-44FB-4722-9816-93DAA354E513}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{58B5DEB5-A109-4FB5-83F1-9FBA831C9BCA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [d:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe] => Enabled:TriDef 3D Media Player

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/02/2015 09:10:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/02/2015 08:15:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/02/2015 01:17:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2015 08:11:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2015 12:25:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2015 11:57:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2015 11:47:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2015 10:56:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2015 10:14:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3016) (User: NT-AUTORITÄT)
Description: Der Wert "Object List" des Schlüssels "SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance" kann nicht aktualisiert werden. Das erste DWORD im Datenbereich enthält den Fehlercode, und das zweite DWORD enthält den aktualisierten Wert.

Error: (10/31/2015 10:14:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3016) (User: NT-AUTORITÄT)
Description: Der Wert "First Help" des Schlüssels "SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance" kann nicht aktualisiert werden. Das erste DWORD im Datenbereich enthält den Fehlercode, und das zweite DWORD enthält den aktualisierten Wert.


Systemfehler:
=============
Error: (11/02/2015 09:15:05 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Software Protection" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (11/02/2015 09:13:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 09:13:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 09:13:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/02/2015 09:13:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 09:13:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/02/2015 09:13:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/02/2015 09:13:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VIA Karaoke digital mixer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 09:13:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 09:13:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDF Architect 3 Creator" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2015-11-01 11:56:18.478
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-01 11:56:18.442
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-25 12:21:06.199
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 17:26:48.911
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-13 17:26:48.906
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-17 06:28:58.487
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 16:39:38.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 16:39:38.575
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 16:34:46.774
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 16:34:46.722
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 14%
Installierter physikalischer RAM: 16346.1 MB
Verfügbarer physikalischer RAM: 13895.47 MB
Summe virtueller Speicher: 32690.4 MB
Verfügbarer virtueller Speicher: 30159.91 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:25.34 GB) NTFS
Drive d: (Müllhalde) (Fixed) (Total:1863.01 GB) (Free:392.55 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: E389A575)
Partition 1: (Active) - (Size=100 MB) - (Type=0B)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C052AFF8)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Ich habe bisher übrigens nicht wieder versucht, einen Neustart im abgesicherten Modus zu machen. Sollte ich das zwischendurch probieren sollen bitte Bescheid geben.

Und nochmal vielen Dank!

Alt 03.11.2015, 20:13   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Standard

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl



Bitte Windows Repair laufen lassen:
Windows reparieren - so geht's - Anleitungen

Jetzt kannst Du es versuchen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.11.2015, 13:54   #12
Arktin
 
Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Standard

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl



Da in der Beschreibung vom Tool unter andrem stand, dass mehrmaliges Ausführen zu besseren Ergebnissen führen, habe ich das zunächst zwei Mal laufen lassen. Aber aus gegebenen Gründen nicht (wie eigentlich empfohlen) im abgesichterten Modus.
Erst nach den zwei Läufen habe ich gemerkt, dass der "Geekbuddy" von Comodo sich mit dem PC ebenfalls gestartet hatte. Da ich mir nicht sicher war, ob dieser bei der Reparatur dazwischengefunkt hatte, habe ich den Geekbuddy deinstalliert und das Tool noch zwei Mal laufen lassen.

Wenn ich jetzt den abgesichterten Modus starte, akzeptiert er immerhin das Passwort von meinem Nutzer und will mit der Anmeldung fortfahren (anstatt wie vorher anzugeben, dass das Passwort falsch wäre). Das Neustartproblem selbst ist aber noch immer vorhanden. Nach ein paar Sekunden im Anmeldebildschirm startet er neu.
Bei der erfolgreichen Eingabe vom Passwort konnte ich noch kurz ein "Wilkommen" sehen und dann kam wieder der Neustart.

Alt 04.11.2015, 19:45   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Standard

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl



Sehr merkwürdig. Passiert das bei allen 3 Safe Modes?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.11.2015, 20:32   #14
Arktin
 
Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Standard

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl



Leider ja

Alt 05.11.2015, 20:14   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Standard

Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl



  • Lade das SafeMode-Regfix herunter, entpacke es auf Deinen Desktop. Dieser SafeMode-Regfix wird gebraucht, falls Malware durch Registry-Änderungen dafür gesorgt hat, dass Du nicht mehr aus dem abgesicherten Modus heraus kommst bzw. dass der abgesicherte Modus nicht mehr funktioiert. In diesem Fall mache einen Doppelklick auf die "SafeMode Repair.reg", um die verbogenen Registry-Einträge zu reparieren. Klicke auf "OK" und beantworte die Frage mit "Ja". Starte Deinen Rechner neu, um wieder in den normalen Modus zu kommen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl
100%, bildschirm, bluestacks, bonjour, computer, desktop, dnsapi.dll, firefox, flash player, hängt, installation, internet, kaspersky, mozilla, problem, prozesse, registry, rundll, security, sekunden, software, starten, svchost.exe, system, trojaner, usb, windows



Ähnliche Themen: Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl


  1. abgesicherter Modus funktioniert nicht in win7 - 64Bit
    Alles rund um Windows - 20.11.2014 (6)
  2. Win7: GVU Trojaner versperrt Desktop, abgesicherter Modus möglich
    Log-Analyse und Auswertung - 05.11.2014 (9)
  3. Interpol-Sperrbildschirm, Win XP, kein abgesicherter Modus klappt - dauernder Neustart
    Log-Analyse und Auswertung - 02.03.2014 (5)
  4. Windows 7 1) Systemwiederherstellungspunkte nach Neustart weg / 2) F8-Menü -> Abgesicherter Modus etc. funktioniert nicht mehr
    Alles rund um Windows - 15.11.2013 (7)
  5. GVU Trojaner - Win7 - kein abgesicherter Modus
    Log-Analyse und Auswertung - 22.09.2013 (9)
  6. Win7 mit Trojaner inkl. Webcam, kein abgesicherter Modus möglich
    Log-Analyse und Auswertung - 16.09.2013 (3)
  7. Win7 /64bit, Abgesicherter Modus lässt sich nicht starten
    Log-Analyse und Auswertung - 10.09.2013 (8)
  8. GVU unter Win7, nur noch abgesicherter Modus
    Log-Analyse und Auswertung - 05.09.2013 (3)
  9. Win7: Bundespolizei-Trojaner, abgesicherter Modus funktioniert nicht.
    Plagegeister aller Art und deren Bekämpfung - 12.08.2013 (9)
  10. Win7 GVU/BKA Trojaner / webcam bild / abgesicherter Modus läuft nicht /
    Log-Analyse und Auswertung - 28.07.2013 (18)
  11. GVU / BKA Trojaner Win7, abgesicherter Modus m E-Aufforderung möglich
    Plagegeister aller Art und deren Bekämpfung - 09.07.2013 (17)
  12. GVU Trojaner, Win7, kein abgesicherter Modus möglich
    Log-Analyse und Auswertung - 29.06.2013 (9)
  13. GVU-Trojaner Win7 32Bit (Abgesicherter Modus geht nicht)
    Plagegeister aller Art und deren Bekämpfung - 17.06.2013 (49)
  14. WIN7 64Bit GVU Trojaner, abgesicherter Modus funktioniert nicht
    Log-Analyse und Auswertung - 25.04.2013 (5)
  15. Control Department gegen Cyberkriminalität (XP, abgesicherter Modus führt zu Bluescreen)
    Plagegeister aller Art und deren Bekämpfung - 25.03.2013 (1)
  16. WIN7 64Bit GVU Trojaner, abgesicherter Modus funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 27.02.2013 (8)
  17. Bundespolizei Virus auf Win7, Abgesicherter Modus funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 29.03.2012 (2)

Zum Thema Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl - Hallo zusammen, ich habe ein Problem mit meinem Abgesicherten Modus. Sobald ich den Abgesicherten Modus starte und in den Bildschirm der Benutzerauswahl komme dauert es ein paar Sekunden und der - Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl...
Archiv
Du betrachtest: Win7: Abgesicherter Modus führt zum Neustart ab Benutzerauswahl auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.